Group roles and permissions UI

[zerolab]

This PR is a continuation of amitaibu#196. It:

• Fixes the clashing routes for adding a role
• Fixes new group roles considered required, rather than standard
• Adds a role deletion form
• Adds a group permissions and a group role permissions form

To-Do:

• clean-up the routing
• use separate permissions for roles (og_role.add, og_role.update, og_role.delete)
• allow permissions groups other that "Group" and "Group content"
• tests

Also needs decision as to when amitaibu#315 comes into force.

[pfrenssen]

Created a followup to merge OG and OG UI: #396

[cofihouse]

Just want to provide some feedback:
Setting a group to 'private' hides all the field information and functions for the group node from non-members, including things like the 'subscribe' link. I would think an access module should block access to the entities and users of a group, and not necessarily the fields of the group node itself. In my use case, I would like the fields of the actual group node to still be viewable by non-members, so they can decide if they want to join the group or not.
I'm not great at coding modules. I'm going to poke around the code a little, but I probably can't contribute much. In a few weeks I should have some funds to pay for development toward this module.

[impara]

What is the status of this pull request?

[lennartvava]

Add access check to entity query for Drupal 10 compatibility.

Suggested change

	->sort($this->entityType->getKey('weight'));
	->sort($this->entityType->getKey('weight'))
	->accessCheck();

[damienmckenna]

Could someone please update the PR with the latest from the 8.x-1.x branch? It's really out of date and can't be applied anymore. Thank you.

[damienmckenna]

FWIW the current PR does apply cleanly to the current 8.x-1.x branch on d.o.

[damienmckenna]

I created a PR to rebase this PR with the latest from the 8.x-1.x branch: zerolab#11

[damienmckenna]

I also created a PR that adds more accessCheck() calls: zerolab#12

[damienmckenna]

With the latest PR (my fork of it anyway) on 10.2.x when you try to add a new role you get this error:

Drupal\Core\Entity\Exception\UndefinedLinkTemplateException: No link template 'canonical' found for the 'og_role' entity type in Drupal\Core\Entity\EntityBase->toUrl() (line 211 of core/lib/Drupal/Core/Entity/EntityBase.php).