From b97f821be7bf7df3c5f2926d936bdbce964b65ea Mon Sep 17 00:00:00 2001
From: ebremner <ebremner@uwaterloo.ca>
Date: Thu, 13 Aug 2020 16:26:44 -0400
Subject: [PATCH] ISTWCMS-4025: removing manage link in admin toolbar for
 strictly authenitcated users only

---
 uw_cfg_common.module | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/uw_cfg_common.module b/uw_cfg_common.module
index ca75c12e..37503874 100644
--- a/uw_cfg_common.module
+++ b/uw_cfg_common.module
@@ -135,3 +135,30 @@ function uw_cfg_common_form_webform_settings_submissions_form_alter(array &$form
   unset($form['submission_behaviors']['token_update']);
   unset($form['views_settings']);
 }
+
+/**
+ * Implements hook_toolbar_alter().
+ *
+ * Remove the Manage link from the toolbar for authenticated users.
+ */
+function uw_cfg_common_toolbar_alter(&$items) {
+
+  // Get the current user.
+  $current_user = \Drupal::currentUser();
+
+  // Ensure that the current user is not user1.
+  if ($current_user->id() !== 1) {
+
+    // Get the roles of the user.
+    $roles = $current_user->getRoles();
+
+    // If there is only 1 role and that first role is authenticated, remove the manage link.
+    // If there are multiple roles then we know that they will have the Manage link, we are
+    // only removing the manage link for strictly authenticated users only.
+    if (count($roles) == 1 && $roles[0] == 'authenticated') {
+
+      // Remove the manage link.
+      unset($items['administration']);
+    }
+  }
+}
-- 
GitLab