function BlockContentAccessControlHandler::checkAccess

File

core/modules/block_content/src/BlockContentAccessControlHandler.php, line 56

Class

BlockContentAccessControlHandler

Defines the access control handler for the custom block entity type.

Namespace

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  if ($operation === 'view') {
    $access = AccessResult::allowedIf($entity->isPublished())
      ->orIf(AccessResult::allowedIfHasPermission($account, 'administer blocks'));
  }
  else {
    $access = parent::checkAccess($entity, $operation, $account);
  }
  // Add the entity as a cacheable dependency because access will at least be
  // determined by whether the block is reusable.
  $access->addCacheableDependency($entity);
  /** @var \Drupal\block_content\BlockContentInterface $entity */
  if ($entity->isReusable() === FALSE) {
    if (!$entity instanceof DependentAccessInterface) {
      throw new \LogicException("Non-reusable block entities must implement \\Drupal\\block_content\\Access\\DependentAccessInterface for access control.");
    }
    $dependency = $entity->getAccessDependency();
    if (empty($dependency)) {
      // If an access dependency has not been set let modules set one.
      $event = new BlockContentGetDependencyEvent($entity);
      $this->eventDispatcher
        ->dispatch($event, BlockContentEvents::BLOCK_CONTENT_GET_DEPENDENCY);
      $dependency = $event->getAccessDependency();
      if (empty($dependency)) {
        return AccessResult::forbidden("Non-reusable blocks must set an access dependency for access control.");
      }
    }
    /** @var \Drupal\Core\Entity\EntityInterface $dependency */
    $access = $access->andIf($dependency->access($operation, $account, TRUE));
  }
  return $access;
}