Merge branch 'feature/ISTWCMS-4229-lkmorlan-protect-homepage' into '8.x-1.x'

ISTWCMS-4229: Prevent moderation of home page except by admin See merge request !34

Merge branch 'feature/ISTWCMS-4229-lkmorlan-protect-homepage' into '8.x-1.x'
f7fbc5e4 · Eric Bremner · 6db4c581 · ffdedab2 · f7fbc5e4 · f7fbc5e4
Commit f7fbc5e4 authored 4 years ago by Eric Bremner
--- a/src/Form/UwContentModerationForm.php
+++ b/src/Form/UwContentModerationForm.php
@@ -2,10 +2,13 @@
 namespace Drupal\uw_cfg_common\Form;
+use Drupal\Core\Access\AccessResult;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Form\ConfirmFormBase;
 use Drupal\Core\Form\FormStateInterface;
+use Drupal\Core\Session\AccountInterface;
 use Drupal\Core\Url;
+use Drupal\uw_cfg_common\Service\UWService;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 /**
@@ -54,6 +57,19 @@ class UwContentModerationForm extends ConfirmFormBase {
    );
  }
+  /**
+   * Access callback. No access for the home page, except by admin.
+   *
+   * @return object
+   *   A AccessResult object.
+   */
+  public function access(int $nid, AccountInterface $account): AccessResult {
+    if (UWService::nodeIsHomePage($nid) && !$account->hasPermission('bypass home page protection')) {
+      return AccessResult::forbidden();
+    }
+    return AccessResult::allowed();
+  }
  /**
   * {@inheritdoc}
   */

--- a/src/Service/UWService.php
+++ b/src/Service/UWService.php
@@ -368,4 +368,19 @@ class UWService implements UWServiceInterface {
    }
  }
+  /**
+   * Determine whether a node is the home page.
+   *
+   * @param int $nid
+   *   A node ID.
+   *
+   * @return bool
+   *   TRUE when the node is the home page, FALSE otherwise.
+   */
+  public static function nodeIsHomePage(int $nid): bool {
+    $front_page_path = \Drupal::configFactory()->get('system.site')->get('page.front');
+    $node_alias = \Drupal::service('path_alias.manager')->getAliasByPath('/node/' . $nid);
+    return $front_page_path === $node_alias;
+  }
 }
--- a/uw_cfg_common.permissions.yml
+++ b/uw_cfg_common.permissions.yml
 'access content access form':
  title: 'Access content access form'
  description: 'Allows access to the content access form.'
+'bypass home page protection':
+  title: 'Bypass home page protection'
+  description: 'Allows taking actions that are not normally allowed for the home page, such as unpublishing.'
+  restrict access: true
--- a/uw_cfg_common.routing.yml
+++ b/uw_cfg_common.routing.yml
@@ -11,4 +11,5 @@ uw_content_moderation.form:
    _title: 'Content moderation'
    _form: '\Drupal\uw_cfg_common\Form\UwContentModerationForm'
  requirements:
+    _custom_access: '\Drupal\uw_cfg_common\Form\UwContentModerationForm::access'
    _permission: 'access content'