From 5f42d32712fd67eb0bec070a3b997be3cf83e6c1 Mon Sep 17 00:00:00 2001
From: Michael Lee <lee.5151@osu.edu>
Date: Wed, 14 Aug 2024 09:56:40 -0400
Subject: [PATCH] Add administrator check to user cancel form alter hooks in
 asc adminimal

---
 web/themes/asc_adminimal/asc_adminimal.theme | 31 ++++++++++++--------
 1 file changed, 19 insertions(+), 12 deletions(-)

diff --git a/web/themes/asc_adminimal/asc_adminimal.theme b/web/themes/asc_adminimal/asc_adminimal.theme
index b91086ba35..6d24dd9325 100644
--- a/web/themes/asc_adminimal/asc_adminimal.theme
+++ b/web/themes/asc_adminimal/asc_adminimal.theme
@@ -1,18 +1,25 @@
 <?php
+
 use \Drupal\Core\Form\FormStateInterface;
 
-function asc_adminimal_form_user_cancel_form_alter(&$form, FormStateInterface $form_state, $form_id) {
-  // Don't allow delet users or content when disabling an account
-  unset($form['user_cancel_method']['#options']['user_cancel_block_unpublish']);
-  unset($form['user_cancel_method']['#options']['user_cancel_reassign']);
-  unset($form['user_cancel_method']['#options']['user_cancel_delete']);
-  unset($form['user_cancel_confirm']);
+function asc_adminimal_form_user_cancel_form_alter(&$form, FormStateInterface $form_state, $form_id)
+{
+  // Only allow users with the administrator role to delete users
+  if (!\Drupal::currentUser()->hasRole('administrator')) {
+    unset($form['user_cancel_method']['#options']['user_cancel_block_unpublish']);
+    unset($form['user_cancel_method']['#options']['user_cancel_reassign']);
+    unset($form['user_cancel_method']['#options']['user_cancel_delete']);
+    unset($form['user_cancel_confirm']);
+  }
 }
 
-function asc_adminimal_form_user_multiple_cancel_confirm_alter(&$form, FormStateInterface $form_state, $form_id) {
-  // Don't allow delet users or content when disabling an account
-  unset($form['user_cancel_method']['#options']['user_cancel_block_unpublish']);
-  unset($form['user_cancel_method']['#options']['user_cancel_reassign']);
-  unset($form['user_cancel_method']['#options']['user_cancel_delete']);
-  unset($form['user_cancel_confirm']);
+function asc_adminimal_form_user_multiple_cancel_confirm_alter(&$form, FormStateInterface $form_state, $form_id)
+{
+  // Only allow users with the administrator role to delete users
+  if (!\Drupal::currentUser()->hasRole('administrator')) {
+    unset($form['user_cancel_method']['#options']['user_cancel_block_unpublish']);
+    unset($form['user_cancel_method']['#options']['user_cancel_reassign']);
+    unset($form['user_cancel_method']['#options']['user_cancel_delete']);
+    unset($form['user_cancel_confirm']);
+  }
 }
-- 
GitLab