function MediaLibraryFieldWidgetOpener::checkAccess

Overrides MediaLibraryOpenerInterface::checkAccess

File

core/modules/media_library/src/MediaLibraryFieldWidgetOpener.php, line 42

Class

MediaLibraryFieldWidgetOpener

The media library opener for field widgets.

Namespace

Code

public function checkAccess(MediaLibraryState $state, AccountInterface $account) {
    $parameters = $state->getOpenerParameters() + [
        'entity_id' => NULL,
    ];
    // Forbid access if any of the required parameters are missing.
    foreach ([
        'entity_type_id',
        'bundle',
        'field_name',
    ] as $key) {
        if (empty($parameters[$key])) {
            return AccessResult::forbidden("{$key} parameter is missing.")->addCacheableDependency($state);
        }
    }
    $entity_type_id = $parameters['entity_type_id'];
    $bundle = $parameters['bundle'];
    $field_name = $parameters['field_name'];
    // Since we defer to a field to determine access, ensure we are dealing with
    // a fieldable entity type.
    $entity_type = $this->entityTypeManager
        ->getDefinition($entity_type_id);
    if (!$entity_type->entityClassImplements(FieldableEntityInterface::class)) {
        throw new \LogicException("The media library can only be opened by fieldable entities.");
    }
    
    /** @var \Drupal\Core\Entity\RevisionableStorageInterface $storage */
    $storage = $this->entityTypeManager
        ->getStorage($entity_type_id);
    $access_handler = $this->entityTypeManager
        ->getAccessControlHandler($entity_type_id);
    if (!empty($parameters['revision_id'])) {
        $entity = $storage->loadRevision($parameters['revision_id']);
        $entity_access = $access_handler->access($entity, 'update', $account, TRUE);
    }
    elseif ($parameters['entity_id']) {
        $entity = $storage->load($parameters['entity_id']);
        $entity_access = $access_handler->access($entity, 'update', $account, TRUE);
    }
    else {
        $entity_access = $access_handler->createAccess($bundle, $account, [], TRUE);
    }
    // If entity-level access is denied, there's no point in continuing.
    if (!$entity_access->isAllowed()) {
        if ($entity_access instanceof RefinableCacheableDependencyInterface) {
            $entity_access->addCacheableDependency($state);
        }
        return $entity_access;
    }
    // If the entity has not been loaded, create it in memory now.
    if (!isset($entity)) {
        $values = [];
        if ($bundle_key = $entity_type->getKey('bundle')) {
            $values[$bundle_key] = $bundle;
        }
        
        /** @var \Drupal\Core\Entity\FieldableEntityInterface $entity */
        $entity = $storage->create($values);
    }
    $items = $entity->get($field_name);
    $field_definition = $items->getFieldDefinition();
    // Check that the field is an entity reference, or subclass of it, since we
    // need to check the target_type setting.
    if (!$items instanceof EntityReferenceFieldItemList) {
        throw new \LogicException('Expected the media library to be opened by an entity reference field.');
    }
    if ($field_definition->getFieldStorageDefinition()
        ->getSetting('target_type') !== 'media') {
        throw new \LogicException('Expected the media library to be opened by an entity reference field that target media items.');
    }
    $field_access = $access_handler->fieldAccess('edit', $field_definition, $account, $items, TRUE);
    $access = $entity_access->andIf($field_access);
    if ($access instanceof RefinableCacheableDependencyInterface) {
        $access->addCacheableDependency($state);
    }
    return $access;
}