class BlockAccessControlHandler
Same name in other branches
- 9 core/modules/block/src/BlockAccessControlHandler.php \Drupal\block\BlockAccessControlHandler
- 10 core/modules/block/src/BlockAccessControlHandler.php \Drupal\block\BlockAccessControlHandler
- 11.x core/modules/block/src/BlockAccessControlHandler.php \Drupal\block\BlockAccessControlHandler
Defines the access control handler for the block entity type.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses \Drupal\Core\StringTranslation\StringTranslationTrait, \Drupal\Core\DependencyInjection\DependencySerializationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler extends \Drupal\Core\Entity\EntityHandlerBase implements \Drupal\Core\Entity\EntityAccessControlHandlerInterface
- class \Drupal\block\BlockAccessControlHandler extends \Drupal\Core\Entity\EntityAccessControlHandler implements \Drupal\Core\Entity\EntityHandlerInterface uses \Drupal\Core\Condition\ConditionAccessResolverTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler extends \Drupal\Core\Entity\EntityHandlerBase implements \Drupal\Core\Entity\EntityAccessControlHandlerInterface
Expanded class hierarchy of BlockAccessControlHandler
See also
File
-
core/
modules/ block/ src/ BlockAccessControlHandler.php, line 26
Namespace
Drupal\blockView source
class BlockAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
use ConditionAccessResolverTrait;
/**
* The plugin context handler.
*
* @var \Drupal\Core\Plugin\Context\ContextHandlerInterface
*/
protected $contextHandler;
/**
* The context manager service.
*
* @var \Drupal\Core\Plugin\Context\ContextRepositoryInterface
*/
protected $contextRepository;
/**
* {@inheritdoc}
*/
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type, $container->get('context.handler'), $container->get('context.repository'));
}
/**
* Constructs the block access control handler instance
*
* @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
* The entity type definition.
* @param \Drupal\Core\Plugin\Context\ContextHandlerInterface $context_handler
* The ContextHandler for applying contexts to conditions properly.
* @param \Drupal\Core\Plugin\Context\ContextRepositoryInterface $context_repository
* The lazy context repository service.
*/
public function __construct(EntityTypeInterface $entity_type, ContextHandlerInterface $context_handler, ContextRepositoryInterface $context_repository) {
parent::__construct($entity_type);
$this->contextHandler = $context_handler;
$this->contextRepository = $context_repository;
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\block\BlockInterface $entity */
if ($operation != 'view') {
return parent::checkAccess($entity, $operation, $account);
}
// Don't grant access to disabled blocks.
if (!$entity->status()) {
return AccessResult::forbidden()->addCacheableDependency($entity);
}
else {
$conditions = [];
$missing_context = FALSE;
$missing_value = FALSE;
foreach ($entity->getVisibilityConditions() as $condition_id => $condition) {
if ($condition instanceof ContextAwarePluginInterface) {
try {
$contexts = $this->contextRepository
->getRuntimeContexts(array_values($condition->getContextMapping()));
$this->contextHandler
->applyContextMapping($condition, $contexts);
} catch (MissingValueContextException $e) {
$missing_value = TRUE;
} catch (ContextException $e) {
$missing_context = TRUE;
}
}
$conditions[$condition_id] = $condition;
}
if ($missing_context) {
// If any context is missing then we might be missing cacheable
// metadata, and don't know based on what conditions the block is
// accessible or not. Make sure the result cannot be cached.
$access = AccessResult::forbidden()->setCacheMaxAge(0);
}
elseif ($missing_value) {
// The contexts exist but have no value. Deny access without
// disabling caching. For example the node type condition will have a
// missing context on any non-node route like the frontpage.
$access = AccessResult::forbidden();
}
elseif ($this->resolveConditions($conditions, 'and') !== FALSE) {
// Delegate to the plugin.
$block_plugin = $entity->getPlugin();
try {
if ($block_plugin instanceof ContextAwarePluginInterface) {
$contexts = $this->contextRepository
->getRuntimeContexts(array_values($block_plugin->getContextMapping()));
$this->contextHandler
->applyContextMapping($block_plugin, $contexts);
}
$access = $block_plugin->access($account, TRUE);
} catch (MissingValueContextException $e) {
// The contexts exist but have no value. Deny access without
// disabling caching.
$access = AccessResult::forbidden();
} catch (ContextException $e) {
// If any context is missing then we might be missing cacheable
// metadata, and don't know based on what conditions the block is
// accessible or not. Make sure the result cannot be cached.
$access = AccessResult::forbidden()->setCacheMaxAge(0);
}
}
else {
$reason = count($conditions) > 1 ? "One of the block visibility conditions ('%s') denied access." : "The block visibility condition '%s' denied access.";
$access = AccessResult::forbidden(sprintf($reason, implode("', '", array_keys($conditions))));
}
$this->mergeCacheabilityFromConditions($access, $conditions);
// Ensure that access is evaluated again when the block changes.
return $access->addCacheableDependency($entity);
}
}
/**
* Merges cacheable metadata from conditions onto the access result object.
*
* @param \Drupal\Core\Access\AccessResult $access
* The access result object.
* @param \Drupal\Core\Condition\ConditionInterface[] $conditions
* List of visibility conditions.
*/
protected function mergeCacheabilityFromConditions(AccessResult $access, array $conditions) {
foreach ($conditions as $condition) {
if ($condition instanceof CacheableDependencyInterface) {
$access->addCacheTags($condition->getCacheTags());
$access->addCacheContexts($condition->getCacheContexts());
$access->setCacheMaxAge(Cache::mergeMaxAges($access->getCacheMaxAge(), $condition->getCacheMaxAge()));
}
}
}
}
Members
Title Sort descending | Modifiers | Object type | Summary | Overriden Title | Overrides |
---|---|---|---|---|---|
BlockAccessControlHandler::$contextHandler | protected | property | The plugin context handler. | ||
BlockAccessControlHandler::$contextRepository | protected | property | The context manager service. | ||
BlockAccessControlHandler::checkAccess | protected | function | Performs access checks. | Overrides EntityAccessControlHandler::checkAccess | |
BlockAccessControlHandler::createInstance | public static | function | Instantiates a new instance of this entity handler. | Overrides EntityHandlerInterface::createInstance | |
BlockAccessControlHandler::mergeCacheabilityFromConditions | protected | function | Merges cacheable metadata from conditions onto the access result object. | ||
BlockAccessControlHandler::__construct | public | function | Constructs the block access control handler instance | Overrides EntityAccessControlHandler::__construct | |
ConditionAccessResolverTrait::resolveConditions | protected | function | Resolves the given conditions based on the condition logic ('and'/'or'). | ||
DependencySerializationTrait::$_entityStorages | protected | property | An array of entity type IDs keyed by the property name of their storages. | ||
DependencySerializationTrait::$_serviceIds | protected | property | An array of service IDs keyed by property name used for serialization. | ||
DependencySerializationTrait::__sleep | public | function | 1 | ||
DependencySerializationTrait::__wakeup | public | function | 2 | ||
EntityAccessControlHandler::$accessCache | protected | property | Stores calculated access check results. | ||
EntityAccessControlHandler::$entityType | protected | property | Information about the entity type. | ||
EntityAccessControlHandler::$entityTypeId | protected | property | The entity type ID of the access control handler instance. | ||
EntityAccessControlHandler::$viewLabelOperation | protected | property | Allows to grant access to just the labels. | 5 | |
EntityAccessControlHandler::access | public | function | Checks access to an operation on a given entity or entity translation. | Overrides EntityAccessControlHandlerInterface::access | 1 |
EntityAccessControlHandler::checkCreateAccess | protected | function | Performs create access checks. | 14 | |
EntityAccessControlHandler::checkFieldAccess | protected | function | Default field access as determined by this access control handler. | 4 | |
EntityAccessControlHandler::createAccess | public | function | Checks access to create an entity. | Overrides EntityAccessControlHandlerInterface::createAccess | 1 |
EntityAccessControlHandler::fieldAccess | public | function | Checks access to an operation on a given entity field. | Overrides EntityAccessControlHandlerInterface::fieldAccess | |
EntityAccessControlHandler::getCache | protected | function | Tries to retrieve a previously cached access value from the static cache. | ||
EntityAccessControlHandler::prepareUser | protected | function | Loads the current account object, if it does not exist yet. | ||
EntityAccessControlHandler::processAccessHookResults | protected | function | We grant access to the entity if both of these conditions are met: | ||
EntityAccessControlHandler::resetCache | public | function | Clears all cached access checks. | Overrides EntityAccessControlHandlerInterface::resetCache | |
EntityAccessControlHandler::setCache | protected | function | Statically caches whether the given user has access. | ||
EntityHandlerBase::$moduleHandler | protected | property | The module handler to invoke hooks on. | 2 | |
EntityHandlerBase::moduleHandler | protected | function | Gets the module handler. | 2 | |
EntityHandlerBase::setModuleHandler | public | function | Sets the module handler for this handler. | ||
StringTranslationTrait::$stringTranslation | protected | property | The string translation service. | ||
StringTranslationTrait::formatPlural | protected | function | Formats a string containing a count of items. | ||
StringTranslationTrait::getNumberOfPlurals | protected | function | Returns the number of plurals supported by a given language. | ||
StringTranslationTrait::getStringTranslation | protected | function | Gets the string translation service. | ||
StringTranslationTrait::setStringTranslation | public | function | Sets the string translation service to use. | 2 | |
StringTranslationTrait::t | protected | function | Translates a string to the current language or to a given language. |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.