simple_user_management-8.x-1.4/simple_user_management.module

<?php

/**
 * @file
 * Contains simple_user_management.module..
 */

use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\Url;

/**
 * Implements hook_help().
 */
function simple_user_management_help($route_name, RouteMatchInterface $route_match) {
  switch ($route_name) {
    // Main module help for the simple_user_management module.
    case 'help.page.simple_user_management':
      $output = '';
      $output .= '<h3>' . t('About') . '</h3>';
      $output .= '<p>' . t('Interface for clients to manage their users.') . '</p>';
      return $output;

    default:
  }
}

/**
 * Implements hook_entity_operation_alter().
 */
function simple_user_management_entity_operation_alter(array &$operations, EntityInterface $entity) {
  if ($entity->getEntityTypeId() == 'user') {
    /** @var \Drupal\user\UserInterface $entity */
    /** @var \Drupal\Core\Session\AccountProxyInterface $current_user */
    $current_user = \Drupal::currentUser();

    // Add link to the new user approval form provided by this module.
    if (!$entity->isActive() && $current_user->hasPermission('approve user accounts')) {
      $operations['activate'] = [
        'title' => t('Activate'),
        'url' => Url::fromRoute("simple_user_management.user_approval_form", ['user' => $entity->id()]),
        'weight' => 50,
      ];
    }

    // Add link to role delegation if current user can delegate any roles.
    /** @var \Drupal\role_delegation\DelegatableRoles $delegatable_roles */
    $delegatable_roles = \Drupal::service('delegatable_roles');
    $roles = $delegatable_roles->getAssignableRoles($current_user);
    if ($roles) {
      $operations['change_roles'] = [
        'title' => t('Change roles'),
        'url' => Url::fromRoute("role_delegation.edit_form", ['user' => $entity->id()]),
        'weight' => 55,
      ];

      // In both cases we have to check role delegation access.
      $role_delegation_access = FALSE;
      if ($current_user->hasPermission('deactivate user accounts')
        || $current_user->hasPermission('delete user accounts')) {
        // Only allow deactivation/deletion if the logged in user has
        // permission to delegate all roles that the user being checked has.
        $role_delegation_access = TRUE;
        $user_roles = $entity->getRoles();
        foreach ($user_roles as $user_role) {
          if ($user_role != 'authenticated' && !in_array($user_role, array_keys($roles))) {
            $role_delegation_access = FALSE;
          }
        }
      }

      // Add link to the user deactivation form provided by this module.
      if ($entity->isActive() && $current_user->hasPermission('deactivate user accounts')) {
        // If logged in user can deactivate the user being checked.
        if ($role_delegation_access) {
          $operations['deactivate'] = [
            'title'  => t('Deactivate'),
            'url'    => Url::fromRoute("simple_user_management.user_deactivate_form",
              ['user' => $entity->id()]),
            'weight' => 60,
          ];
        }
      }
      // Add link to delete user account.
      if ($current_user->hasPermission('delete user accounts')) {

        // Allow custom control over when deletion can happen.
        $bypass_role_delegation_check = FALSE;
        $context = [
          'target_user' => $entity,
          'current_user' => $current_user,
        ];
        \Drupal::moduleHandler()->alter(
          'simple_user_management_delete_role_delegation_check',
          $bypass_role_delegation_check,
          $context
        );

        // If logged in user can delete the user being checked.
        if ($role_delegation_access || $bypass_role_delegation_check) {
          $operations['delete'] = [
            'title'  => t('Delete'),
            'url'    => Url::fromRoute('simple_user_management.user_delete_form',
              ['user' => $entity->id()]),
            'weight' => 60,
          ];
        }
      }
    }

    // Add a link to change the password if the user has ALL permission to
    // assign ALL roles AND the user has at least one delegate-able role.
    if ($roles && $current_user->hasPermission('change user passwords')) {

      // Compare the roles the user has with the assignable roles. Ignore
      // the authenticated role in the permission.
      $user_roles = $entity->getRoles();
      $assignable_roles = array_keys($roles);
      $assignable_roles[] = AccountInterface::AUTHENTICATED_ROLE;
      if (!array_diff($user_roles, $assignable_roles + [AccountInterface::AUTHENTICATED_ROLE])) {
        $operations['change_password'] = [
          'title' => t('Change password'),
          'url' => Url::fromRoute('simple_user_management.user_change_password_form', [
            'user' => $entity->id(),
          ]),
          'weight' => 60,
        ];
      }
    }

    // Add link to cancel account.
    if ($current_user->hasPermission('administer users')) {
      $operations['cancel'] = [
        'title' => t('Cancel account'),
        'url' => Url::fromRoute("entity.user.cancel_form", ['user' => $entity->id()]),
        'weight' => 60,
      ];
    }
  }
}