- view: adding hook to set perms

- deploy: add new roles fields for taxonomy
- install: add another term

oda.deploy.php

@@ -0,0 +1,46 @@
+<?php
+
+/**
+ * @file
+ * Contains oda_deploy.install.
+ */
+
+/**
+ * Add role name to oda_access_control terms.
+ */
+function oda_deploy_10000_accesscontrol() {
+  $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->loadTree('oda_access_control');
+  $oda_access_terms = [];
+  foreach ($terms as $term) {
+    $query = \Drupal::database()->select('permissions_by_term_role', 'p');
+    $query->fields('p', ['rid']);
+    $query->condition('p.tid', $term->tid);
+    $query->condition('p.rid', 'oit_oda%', 'LIKE');
+    $results = $query->execute()->fetchAll();
+    $term_name = $term->name;
+    $tid = $term->tid;
+    if ($tid == 1229) {
+      $key = 'anonymous';
+    }
+    elseif ($tid == 1228) {
+      $key = 'authenticated';
+    }
+    elseif ($tid == 1227) {
+      $key = 'dl_student';
+    }
+    else {
+      $key = $results[0]->rid;
+    }
+    $oda_access_terms[$term_name] = [
+      'role' => $key,
+      'tid' => $tid,
+    ];
+  }
+  foreach ($oda_access_terms as $term_name => $term) {
+    $tid = $term['tid'];
+    $role = $term['role'];
+    $term = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->load($tid);
+    $term->field_oda_role_machine_name->value = $role;
+    $term->save();
+  }
+}

oda.install

@@ -210,7 +210,6 @@ function oda_update_10004() {
     'OIT-ODA-faculty',
     'OIT-ODA-professional',
     'OIT-ODA-staff',
-
   ];
 
   $weight = 3;
@@ -224,5 +223,43 @@ function oda_update_10004() {
     $term->save();
     $weight++;
   }
+}
 
+/**
+ * Add oda permission terms to TAC Control..
+ */
+function oda_update_10005() {
+  $tac_terms = [
+    'DA-DataAndAnalyticsTeam',
+  ];
+
+  $weight = 3;
+
+  foreach ($tac_terms as $tac_term) {
+    $term = Term::create([
+      'name' => $tac_term,
+      'vid' => 'oda_access_control',
+      'weight' => $weight,
+    ]);
+    $term->save();
+
+    $weight++;
+
+    $roles = [
+      'administrator',
+      'pseudo_admin',
+      'oit_oda_da_team',
+    ];
+
+    foreach ($roles as $role) {
+      $query = \Drupal::database();
+      $query->insert('permissions_by_term_role')
+        ->fields([
+          'tid' => $term->id(),
+          'rid' => $role,
+          'langcode' => 'en',
+        ])
+        ->execute();
+    }
+  }
 }

oda.module

@@ -24,6 +24,40 @@ function oda_page_attachments(array &$attachments) {
   }
 }
 
+/**
+ * Implements hook_views_pre_render().
+ */
+function oda_views_pre_view(ViewExecutable $view) {
+  if ($view->id() == 'oda_data') {
+    // Get current users roles.
+    $current_user = \Drupal::currentUser();
+    $roles = $current_user->getRoles();
+    // Get all taxonomy terms from 'oda_access_control' vocabulary.
+    $terms = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->loadTree('oda_access_control');
+    // Get the permissions from taxonomy access control terms.
+    $oda_access_terms = [];
+    foreach ($terms as $term) {
+      $tid = $term->tid;
+      $term = \Drupal::entityTypeManager()->getStorage('taxonomy_term')->load($tid);
+      $key = $term->get("field_oda_role_machine_name")->getValue()[0]['value'];
+      $oda_access_terms[$key] = $tid;
+    }
+
+    $view_filters = $view->display_handler->getOption('filters');
+    $view_filters['field_oda_report_access']['value'] = [];
+    foreach ($oda_access_terms as $term_role=>$term_tid) {
+      if (in_array('administrator', $roles) || in_array('pseudo_admin', $roles)) {
+        $view_filters['field_oda_report_access']['value'][$term_tid] = $term_tid;
+      }
+      elseif (in_array($term_role, $roles)) {
+        $view_filters['field_oda_report_access']['value'][$term_tid] = $term_tid;
+      }
+    }
+
+    $view->display_handler->setOption('filters', $view_filters);
+  }
+}
+
 /**
  * Implements hook_views_pre_render().
  */