/
RoleCommands.php
145 lines (138 loc) · 5.34 KB
/
RoleCommands.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
<?php
namespace Drush\Drupal\Commands\core;
use Consolidation\OutputFormatters\Options\FormatterOptions;
use Drupal\user\Entity\Role;
use Drush\Commands\DrushCommands;
use Consolidation\OutputFormatters\StructuredData\RowsOfFields;
use Drush\Log\LogLevel;
use Drush\Role\RoleBase;
class RoleCommands extends DrushCommands
{
/**
* Create a new role.
*
* @command role:create
* @param $machine_name The symbolic machine name for the role.
* @param $human_readable_name A descriptive name for the role.
* @usage drush role:create 'test role'
* Create a new role 'test role'. On D8, the human-readable name will be 'Test role'.
* @usage drush role:create 'test role' 'Test role'
* Create a new role with a machine name of 'test role', and a human-readable name of 'Test role'.
* @aliases rcrt,role-create
*/
public function create($machine_name, $human_readable_name = null)
{
$role = Role::create([
'id' => $machine_name,
'label' => $human_readable_name,
], 'user_role');
$role->save();
$this->logger()->success(dt('Created "!role"', ['!role' => $machine_name]));
return $role;
}
/**
* Delete a new role.
*
* @command role:delete
* @param $machine_name The symbolic machine name for the role.
* @validate-entity-load user_role machine_name
* @usage drush role:delete 'test role'
* Delete the role 'test role'.
* @aliases rdel,role-delete
*/
public function delete($machine_name)
{
$role = Role::load($machine_name);
$role->delete();
$this->logger()->success(dt('Deleted "!role"', ['!role' => $machine_name]));
}
/**
* Grant specified permission(s) to a role.
*
* @todo Add validation for permission names.
*
* @command role:perm:add
* @validate-entity-load user_role machine_name
* @validate-permissions permissions
* @param $machine_name The role to modify.
* @param $permissions The list of permission to grant, delimited by commas.
* @option cache-clear Set to 0 to suppress normal cache clearing; the caller should then clear if needed.
* @usage drush role-add-perm anonymous 'post comments'
* Allow anon users to post comments.
* @usage drush role:add-perm anonymous "'post comments','access content'"
* Allow anon users to post comments and access content.
* @usage drush pm:info --fields=permissions --format=csv aggregator
* Discover the permissions associated with given module (then use this command as needed).
* @aliases rap,role-add-perm
*/
public function roleAddPerm($machine_name, $permissions)
{
$perms = _convert_csv_to_array($permissions);
user_role_grant_permissions($machine_name, $perms);
$this->logger()->success(dt('Added "!permissions" to "!role"', ['!permissions' => $permissions, '!role' => $machine_name]));
drush_drupal_cache_clear_all();
}
/**
* Remove specified permission(s) from a role.
*
* @command role:perm:remove
* @validate-entity-load user_role machine_name
* @validate-permissions permissions
* @param $machine_name The role to modify.
* @param $permissions The list of permission to grant, delimited by commas.
* @option cache-clear Set to 0 to suppress normal cache clearing; the caller should then clear if needed.
* @usage drush role:remove-perm anonymous 'access content'
* Hide content from anon users.
* @aliases rmp,role-remove-perm
*/
public function roleRemovePerm($machine_name, $permissions)
{
$perms = _convert_csv_to_array($permissions);
user_role_revoke_permissions($machine_name, $perms);
$this->logger()->success(dt('Removed "!permissions" to "!role"', ['!permissions' => $permissions, '!role' => $result->name]));
drush_drupal_cache_clear_all();
}
/**
* Display a list of all roles defined on the system.
*
* If a role name is provided as an argument, then all of the permissions of
* that role will be listed. If a permission name is provided as an option,
* then all of the roles that have been granted that permission will be listed.
*
* @command role:list
* @usage drush role:list --filter='administer nodes'
* Display a list of roles that have the administer nodes permission assigned.
* @aliases rls,role-list
* @field-labels
* rid: ID
* label: Role Label
* perms: Permissions
*
* @filter-default-field perms
* @return \Consolidation\OutputFormatters\StructuredData\RowsOfFields
*/
public function roleList($options = ['format' => 'yaml'])
{
$rows = [];
$roles = Role::loadMultiple();
foreach ($roles as $role) {
$rows[$role->id()] = [
'label' => $role->label(),
'perms' => $role->getPermissions(),
];
}
$result = new RowsOfFields($rows);
$result->addRendererFunction([$this, 'renderPermsCell']);
return $result;
}
/*
* Used in the unlikely event user specifies --format=table.
*/
public function renderPermsCell($key, $cellData, FormatterOptions $options)
{
if (is_array($cellData)) {
return implode(',', $cellData);
}
return $cellData;
}
}