Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
U
uw_sites_all
Manage
Activity
Members
Labels
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Model registry
Analyze
Value stream analytics
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
WCMS
uw_sites_all
Commits
8e2fc15f
Commit
8e2fc15f
authored
2 months ago
by
Lily Yan
Browse files
Options
Downloads
Patches
Plain Diff
ISTWCMS-7240 Make administrator role automatically expire after 1 day
parent
a79e24ba
No related branches found
Branches containing commit
No related tags found
Tags containing commit
1 merge request
!208
ISTWCMS-7240 Make administrator role automatically expire after 1 day
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
config/install/role_expire.config.yml
+2
-1
2 additions, 1 deletion
config/install/role_expire.config.yml
uw_sites_all.install
+56
-0
56 additions, 0 deletions
uw_sites_all.install
uw_sites_all.module
+34
-0
34 additions, 0 deletions
uw_sites_all.module
with
92 additions
and
1 deletion
config/install/role_expire.config.yml
+
2
−
1
View file @
8e2fc15f
role_expire_default_roles
:
'
{"administrator":"0","uw_role_site_owner":"0","uw_role_site_manager":"0","uw_role_content_author":"0","uw_role_content_editor":"0","uw_role_form_editor":"0","uw_role_form_results_access":"0","uw_role_private_content_viewer":"0"}'
role_expire_disabled_roles
:
'
{"administrator":0,"uw_role_site_owner":0,"uw_role_site_manager":0,"uw_role_content_author":0,"uw_role_content_editor":0,"uw_role_form_editor":0,"uw_role_form_results_access":0,"uw_role_private_content_viewer":0}'
role_expire_default_duration_roles
:
{
}
role_expire_default_duration_roles
:
administrator
:
'
1
day'
This diff is collapsed.
Click to expand it.
uw_sites_all.install
+
56
−
0
View file @
8e2fc15f
...
...
@@ -99,6 +99,21 @@ function uw_sites_all_install() {
\Drupal
::
database
()
->
update
(
'users_field_data'
)
->
fields
([
'preferred_admin_langcode'
=>
'en'
])
->
execute
();
// Get the config factory.
$config_factory
=
\Drupal
::
service
(
'config.factory'
);
// Load the role_expire settings.
$config
=
$config_factory
->
getEditable
(
'role_expire.config'
);
// Get role_expire_default_duration_roles.
$data
=
$config
->
get
(
'role_expire_default_duration_roles'
);
// Set role_expire_default_duration_roles administrator to 1 day.
$data
[
'administrator'
]
=
'1 day'
;
// Save the change.
$config
->
set
(
'role_expire_default_duration_roles'
,
$data
)
->
save
();
}
/**
...
...
@@ -2039,3 +2054,44 @@ function uw_sites_all_update_9166(&$sandbox) {
function
uw_sites_all_update_9167
(
&
$sandbox
)
{
\Drupal
::
service
(
'module_installer'
)
->
install
([
'pantheon_advanced_page_cache'
]);
}
/**
* Set 1 day expire for the existing Administrator users.
*/
function
uw_sites_all_update_9168
(
&
$sandbox
)
{
// Get the config factory.
$config_factory
=
\Drupal
::
service
(
'config.factory'
);
// Load the role_expire settings.
$config
=
$config_factory
->
getEditable
(
'role_expire.config'
);
// Get role_expire_default_duration_roles.
$data
=
$config
->
get
(
'role_expire_default_duration_roles'
);
// Set role_expire_default_duration_roles administrator to 1 day.
$data
[
'administrator'
]
=
'1 day'
;
// Save the change.
$config
->
set
(
'role_expire_default_duration_roles'
,
$data
)
->
save
();
// Load all users with the administrator role.
$user_storage
=
\Drupal
::
entityTypeManager
()
->
getStorage
(
'user'
);
$query
=
$user_storage
->
getQuery
()
->
condition
(
'roles'
,
'administrator'
)
->
condition
(
'mail'
,
'wcmsadmin@uwaterloo.ca'
,
'<>'
);
$uids
=
$query
->
execute
();
$users
=
$user_storage
->
loadMultiple
(
$uids
);
// Get the role expire API.
$role_expire
=
\Drupal
::
service
(
'role_expire.api'
);
// Add the expiry to each account.
foreach
(
$users
as
$account
)
{
$role_expire
->
writeRecord
(
$account
->
id
(),
'administrator'
,
strtotime
(
'+1 day'
)
);
}
}
This diff is collapsed.
Click to expand it.
uw_sites_all.module
+
34
−
0
View file @
8e2fc15f
...
...
@@ -7,6 +7,7 @@
use
Drupal\Core\Form\FormStateInterface
;
use
Drupal\menu_link_content
\Entity\MenuLinkContent
;
use
Drupal\user\Entity\User
;
use
Drupal\webform\WebformInterface
;
/**
...
...
@@ -159,3 +160,36 @@ function uw_sites_all_preprocess_input(&$variables) {
$variables
[
'attributes'
][
'alt'
]
=
t
(
'Add'
);
}
}
/**
* Implements hook_user_login().
*/
function
uw_sites_all_user_login
(
User
$account
)
{
// Get the SimpleSAMLphp attributes.
$auth_manager
=
\Drupal
::
service
(
'simplesamlphp_auth.manager'
);
$saml_attributes
=
$auth_manager
->
getAttributes
();
// Check if the group does not have the administrator role.
if
(
isset
(
$saml_attributes
[
'http://schemas.xmlsoap.org/claims/Group'
])
&&
in_array
(
'ist-WCMS Admins'
,
$saml_attributes
[
'http://schemas.xmlsoap.org/claims/Group'
])
&&
!
$account
->
hasRole
(
'administrator'
))
{
// Add the administrator role to the user.
$account
->
addRole
(
'administrator'
);
$account
->
save
();
}
// Check if the user has the administrator role.
if
(
$account
->
hasRole
(
'administrator'
)
&&
$account
->
getEmail
()
!==
'wcmsadmin@uwaterloo.ca'
)
{
// Get the role expire API.
$role_expire
=
\Drupal
::
service
(
'role_expire.api'
);
// Add the expiry to the account.
$role_expire
->
writeRecord
(
$account
->
id
(),
'administrator'
,
strtotime
(
'+1 day'
)
);
}
}
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
