class EntityAccessCheck

Same name and namespace in other branches
  1. 9 core/lib/Drupal/Core/Entity/EntityAccessCheck.php \Drupal\Core\Entity\EntityAccessCheck
  2. 8.9.x core/lib/Drupal/Core/Entity/EntityAccessCheck.php \Drupal\Core\Entity\EntityAccessCheck
  3. 10 core/lib/Drupal/Core/Entity/EntityAccessCheck.php \Drupal\Core\Entity\EntityAccessCheck

Provides a generic access checker for entities.

Hierarchy

Expanded class hierarchy of EntityAccessCheck

1 file declares its use of EntityAccessCheck
EntityAccessCheckTest.php in core/tests/Drupal/Tests/Core/Entity/EntityAccessCheckTest.php

File

core/lib/Drupal/Core/Entity/EntityAccessCheck.php, line 14

Namespace

Drupal\Core\Entity
View source 
class EntityAccessCheck implements AccessInterface {
    
    /**
     * Checks access to the entity operation on the given route.
     *
     * The route's '_entity_access' requirement must follow the pattern
     * 'slug.operation'. Typically, the slug is an entity type ID, but it can be
     * any slug defined in the route. The route match parameter corresponding to
     * the slug is checked to see if it is entity-like, that is: implements
     * EntityInterface. Available operations are: 'view', 'update', 'create', and
     * 'delete'.
     *
     * For example, this route configuration invokes a permissions check for
     * 'update' access to entities of type 'node':
     * @code
     * pattern: '/foo/{node}/bar'
     * requirements:
     *   _entity_access: 'node.update'
     * @endcode
     * And this will check 'delete' access to a dynamic entity type:
     * @code
     * example.route:
     *   path: foo/{entity_type}/{example}
     *   requirements:
     *     _entity_access: example.delete
     *   options:
     *     parameters:
     *       example:
     *         type: entity:{entity_type}
     * @endcode
     *
     * @see \Drupal\Core\ParamConverter\EntityConverter
     *
     * @param \Symfony\Component\Routing\Route $route
     *   The route to check against.
     * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
     *   The parametrized route
     * @param \Drupal\Core\Session\AccountInterface $account
     *   The currently logged in account.
     *
     * @return \Drupal\Core\Access\AccessResultInterface
     *   The access result.
     *
     * @link https://www.drupal.org/docs/8/api/routing-system/parameters-in-routes
     */
    public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account) {
        // Split the entity type and the operation.
        $requirement = $route->getRequirement('_entity_access');
        [
            $entity_type,
            $operation,
        ] = explode('.', $requirement);
        // If $entity_type parameter is a valid entity, call its own access check.
        $parameters = $route_match->getParameters();
        if ($parameters->has($entity_type)) {
            $entity = $parameters->get($entity_type);
            if ($entity instanceof EntityInterface) {
                return $entity->access($operation, $account, TRUE);
            }
        }
        // No opinion, so other access checks should decide if access should be
        // allowed or not.
        return AccessResult::neutral();
    }

}

Members

Title Modifiers Object type Summary
EntityAccessCheck::access public function Checks access to the entity operation on the given route.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.