From de3304ecf5ea8bc59e5a7bccabcfba83143a4a94 Mon Sep 17 00:00:00 2001
From: Christia Troyer <christia.troyer@civicactions.com>
Date: Fri, 15 Sep 2023 07:03:34 -0700
Subject: [PATCH] VACMS-15222: Unlock benefit taxononmy fields to content
 admins

---
 .../EventSubscriber/BenefitsSubscriber.php    | 25 +++++++++++--------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/docroot/modules/custom/va_gov_benefits/src/EventSubscriber/BenefitsSubscriber.php b/docroot/modules/custom/va_gov_benefits/src/EventSubscriber/BenefitsSubscriber.php
index 157ab4c5333..cba3eefcb22 100644
--- a/docroot/modules/custom/va_gov_benefits/src/EventSubscriber/BenefitsSubscriber.php
+++ b/docroot/modules/custom/va_gov_benefits/src/EventSubscriber/BenefitsSubscriber.php
@@ -2,12 +2,12 @@
 
 namespace Drupal\va_gov_benefits\EventSubscriber;
 
-use Drupal\core_event_dispatcher\Event\Form\FormAlterEvent;
-use Drupal\core_event_dispatcher\FormHookEvents;
 use Drupal\Core\Entity\ContentEntityForm;
 use Drupal\Core\Form\FormStateInterface;
-use Drupal\va_gov_user\Service\UserPermsService;
 use Drupal\Core\StringTranslation\StringTranslationTrait;
+use Drupal\core_event_dispatcher\Event\Form\FormAlterEvent;
+use Drupal\core_event_dispatcher\FormHookEvents;
+use Drupal\va_gov_user\Service\UserPermsService;
 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
 
 /**
@@ -65,14 +65,19 @@ public function formAlter(FormAlterEvent $event): void {
    */
   public function protectSelectFields(array &$form, FormStateInterface $form_state): void {
     $form_object = $form_state->getFormObject();
-    if ($form_object instanceof ContentEntityForm) {
-      $bundle = $form_object->getEntity()->bundle();
-      if (!$this->userPermsService->hasAdminRole(TRUE) && $bundle === 'va_benefits_taxonomy') {
-        // Disable Official Benefit name field from non-editors.
+    if ($form_object instanceof ContentEntityForm
+      && $form_object->getEntity()->bundle() === 'va_benefits_taxonomy') {
+      // Distinguish between admins and lock down accordingly.
+      $is_admin = $this->userPermsService->hasAdminRole();
+      $is_administrator_only = $this->userPermsService->hasAdminRole(TRUE);
+      if (!$is_admin) {
+        // Disable Official Benefit name field from non-admins.
         $form['name']['#disabled'] = TRUE;
-        // Hide API ID field from non-editors.
-        $form['field_va_benefit_api_id']['#access'] = FALSE;
-        // Hide taxonomy Relations field from non-editors.
+        // Disable API ID field from non-admins.
+        $form['field_va_benefit_api_id']['#disabled'] = TRUE;
+      }
+      if (!$is_administrator_only) {
+        // Hide taxonomy Relations field.
         $form['relations']['#access'] = FALSE;
       }
     }