Contrib.social

Comment Permissions

Open on Drupal.org →
Created on 9 January 2020, about 5 years ago
Updated 22 February 2025, about 2 months ago

Can we have a permission setting for Comments. Right now there isn't a way to set a role to have the ability to leave a comment or not.

A scenario would be to give the Group Admin the ability to leave comments on a node but Members would be denied.

Feature request
Status

Active

Version

1.0

Component

Code

Created by

🇨🇦Canada seanenroute

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

  • Comment about 2 months ago
    🇵🇹Portugal introfini

    Here's the updated code for Group v3:

    
use Drupal\comment\CommentInterface;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Session\AccountInterface;
use Drupal\group\Entity\GroupInterface;
use Drupal\group\Entity\GroupRelationship;

/**
 * Implements hook_ENTITY_TYPE_access().
 *
 * Allow group admins to edit or delete comments of that group content entities
 */
function hook_comment_access(CommentInterface $comment, $operation, AccountInterface $account) {
  // Allow group admins to edit and delete comments on group content entities.
  if (!in_array($operation, ['delete', 'update'])) {
    return AccessResult::neutral();
  }

  $current_user = \Drupal::currentUser();

  // Exit early if the current user has global permissions.
  if (
    $current_user->hasPermission('bypass group access') ||
    $current_user->hasPermission('administer comments')
  ) {
    return AccessResult::neutral();
  }

  // Get the entity type manager service.
  $entity_type_manager = \Drupal::entityTypeManager();

  // Load group relationships for the commented entity.
  $group_relationships = $entity_type_manager
    ->getStorage('group_relationship')
    ->loadByEntity($comment->getCommentedEntity());

  if (empty($group_relationships)) {
    return AccessResult::neutral();
  }

  $result = AccessResult::neutral();

  /** @var \Drupal\group\GroupMembershipLoaderInterface $membership_loader */
  $membership_loader = \Drupal::service('group.membership_loader');

  /** @var \Drupal\group\Entity\GroupRelationship $relationship */
  foreach ($group_relationships as $relationship) {
    // Get the group from the relationship
    $group = $relationship->getGroup();

    if (!$group instanceof GroupInterface) {
      continue;
    }

    // Check if the user is a member of the group
    $membership = $membership_loader->load($group, $current_user);

    if ($membership) {
      // In Group v3, we check permissions directly through the membership
      if ($membership->hasPermission('administer group')) {
        $result = AccessResult::allowed();
        break;
      }
    }
  }

  // Add cache contexts for user and group permissions
  return $result->addCacheContexts([
    'user.group_permissions',
    'user.roles',
  ])->mergeCacheMaxAge(0);
}
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024