function EntityAccessControlHandler::access
Same name in other branches
- 9 core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::access()
- 8.9.x core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::access()
- 11.x core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::access()
Overrides EntityAccessControlHandlerInterface::access
1 call to EntityAccessControlHandler::access()
- MediaAccessControlHandler::checkAccess in core/
modules/ media/ src/ MediaAccessControlHandler.php - Performs access checks.
1 method overrides EntityAccessControlHandler::access()
- NodeAccessControlHandler::access in core/
modules/ node/ src/ NodeAccessControlHandler.php - Checks access to an operation on a given entity or entity translation.
File
-
core/
lib/ Drupal/ Core/ Entity/ EntityAccessControlHandler.php, line 61
Class
- EntityAccessControlHandler
- Defines a default implementation for entity access control handler.
Namespace
Drupal\Core\EntityCode
public function access(EntityInterface $entity, $operation, ?AccountInterface $account = NULL, $return_as_object = FALSE) {
$account = $this->prepareUser($account);
$langcode = $entity->language()
->getId();
if ($operation === 'view label' && $this->viewLabelOperation == FALSE) {
$operation = 'view';
}
// If an entity does not have a UUID, either from not being set or from not
// having them, use the 'entity type:ID' pattern as the cache $cid.
$cid = $entity->uuid() ?: $entity->getEntityTypeId() . ':' . $entity->id();
// If the entity is revisionable, then append the revision ID to allow
// individual revisions to have specific access control and be cached
// separately.
if ($entity instanceof RevisionableInterface) {
/** @var \Drupal\Core\Entity\RevisionableInterface $entity */
$cid .= ':' . $entity->getRevisionId();
// It is not possible to delete or revert the default revision.
if ($entity->isDefaultRevision() && ($operation === 'revert' || $operation === 'delete revision')) {
return $return_as_object ? AccessResult::forbidden() : FALSE;
}
}
if (($return = $this->getCache($cid, $operation, $langcode, $account)) !== NULL) {
// Cache hit, no work necessary.
return $return_as_object ? $return : $return->isAllowed();
}
// Invoke hook_entity_access() and hook_ENTITY_TYPE_access(). Hook results
// take precedence over overridden implementations of
// EntityAccessControlHandler::checkAccess(). Entities that have checks that
// need to be done before the hook is invoked should do so by overriding
// this method.
// We grant access to the entity if both of these conditions are met:
// - No modules say to deny access.
// - At least one module says to grant access.
$access = array_merge($this->moduleHandler()
->invokeAll('entity_access', [
$entity,
$operation,
$account,
]), $this->moduleHandler()
->invokeAll($entity->getEntityTypeId() . '_access', [
$entity,
$operation,
$account,
]));
$return = $this->processAccessHookResults($access);
// Also execute the default access check except when the access result is
// already forbidden, as in that case, it can not be anything else.
if (!$return->isForbidden()) {
$return = $return->orIf($this->checkAccess($entity, $operation, $account));
}
$result = $this->setCache($return, $cid, $operation, $langcode, $account);
return $return_as_object ? $result : $result->isAllowed();
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.