Permalink
Browse files

option to disable roles

  • Loading branch information...
talhaparacha committed Jul 8, 2016
1 parent 2c7bb6e commit 294185e40b1f4a70bbbe64b7142ee23f5b79a52e
@@ -0,0 +1 @@
disabled_roles: []
@@ -1,6 +1,6 @@
pubkey_encrypt.initialization_settings:
type: config_object
label: 'Pubkey Encrypt Settings'
label: 'Pubkey Encrypt Initialization Settings'
mapping:
module_initialized:
type: boolean
@@ -20,3 +20,13 @@ asymmetric_keys_generator.configuration.*:
label: 'asymmetric keys generator plugin configuration.'
sequence:
type: string

pubkey_encrypt.admin_settings:
type: config_object
label: 'Pubkey Encrypt Settings'
mapping:
disabled_roles:
type: sequence
label: 'Disabled roles.'
sequence:
type: string
@@ -4,12 +4,12 @@ pubkey_encrypt.settings:
_title: 'Pubkey Encrypt settings'
_form: '\Drupal\pubkey_encrypt\Form\PubkeyEncryptSettingsForm'
requirements:
_permission: 'administer modules'
_permission: 'administer modules,administer permissions'

pubkey_encrypt.initialization_settings:
path: '/admin/config/system/pubkey_encrypt/initialize'
defaults:
_form: '\Drupal\pubkey_encrypt\Form\PubkeyEncryptInitializationSettingsForm'
_title: 'Pubkey Encrypt initialization settings'
requirements:
_permission: 'administer modules'
_permission: 'administer modules,administer permissions'
@@ -7,13 +7,43 @@
namespace Drupal\pubkey_encrypt\Form;
use Drupal\Core\Form\FormBase;
use Drupal\Core\Form\ConfigFormBase;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\pubkey_encrypt\PubkeyEncryptManager;
use Drupal\user\Entity\Role;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
* Form builder for the Pubkey Encrypt main settings form.
*/
class PubkeyEncryptSettingsForm extends FormBase {
class PubkeyEncryptSettingsForm extends ConfigFormBase {
/**
* Pubkey Encrypt manager service.
*
* @var \Drupal\pubkey_encrypt\PubkeyEncryptManager
*/
protected $pubkeyEncryptManager;
/**
* Constructs a PubkeyEncryptSettingsForm object.
*
* @param \Drupal\pubkey_encrypt\PubkeyEncryptManager $pubkey_encrypt_manager
* Pubkey Encrypt service.
*/
public function __construct(PubkeyEncryptManager $pubkey_encrypt_manager) {
$this->pubkeyEncryptManager = $pubkey_encrypt_manager;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static(
$container->get('pubkey_encrypt.pubkey_encrypt_manager')
);
}
/**
* {@inheritdoc}
@@ -22,17 +52,56 @@ public function getFormId() {
return 'pubkey_encrypt_admin_settings';
}
/**
* {@inheritdoc}
*/
protected function getEditableConfigNames() {
return ['pubkey_encrypt.admin_settings'];
}
/**
* {@inheritdoc}
*/
public function buildForm(array $form, FormStateInterface $form_state) {
$form = parent::buildForm($form, $form_state);
$config = $this->config('pubkey_encrypt.admin_settings');
$role_options = [];
foreach (Role::loadMultiple() as $role) {
$role_options[$role->id()] = $role->label();
}
unset($role_options[AccountInterface::ANONYMOUS_ROLE]);
unset($role_options[AccountInterface::AUTHENTICATED_ROLE]);
$form['disabled_roles'] = array(
'#type' => 'checkboxes',
'#title' => $this->t('Disabled roles'),
'#description' => $this->t("Pubkey would disable its processes for all roles selected here. This would boost the performance of various operations like creation of a user etc."),
'#options' => $role_options,
'#default_value' => $config->get('disabled_roles'),
);
return $form;
}
/**
* {@inheritdoc}
*/
public function submitForm(array &$form, FormStateInterface $form_state) {
$disabled_roles = array_flip($form_state->getValue('disabled_roles'));
unset($disabled_roles[0]);
// Save the configuration.
$this->config('pubkey_encrypt.admin_settings')
->set('disabled_roles', $disabled_roles)
->save();
parent::submitForm($form, $form_state);
// A user may have activated any previously disabled roles. Update all Role
// keys to cater for this change.
$this->pubkeyEncryptManager->updateAllRoleKeys();
}
}
@@ -116,13 +116,19 @@ public function setKeyValue(KeyInterface $key, $key_value) {
$users = \Drupal::service('entity_type.manager')
->getStorage('user')
->loadMultiple();
// Disable roles will only store Share keys for users with "administer
// permissions" permission.
$disabled_roles = \Drupal::config('pubkey_encrypt.admin_settings')
->get('disabled_roles');
// Each user will have a Share key.
foreach ($users as $user) {
// Generate Share keys for all users from the specified role. Also
// generate a Share key for any user with "administer_permissions"
// permission since he should be given complete complete control over
// all keys.
if ($user->hasRole($role) || $user->hasPermission('administer permissions')) {
// If the specified role is not disabled, generate Share keys for all
// users from that role. Also generate a Share key for any user with
// "administer_permissions" permission since he should be given complete
// complete control over all keys.
if (($user->hasRole($role) && !in_array($role, $disabled_roles)) || $user->hasPermission('administer permissions')) {
$userId = $user->get('uid')->getString();
// Check from the cache before generating any Share key to boost

0 comments on commit 294185e

Please sign in to comment.