function MenuLinkContentAccessControlHandler::checkAccess

Same name and namespace in other branches
  1. 8.9.x core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php \Drupal\menu_link_content\MenuLinkContentAccessControlHandler::checkAccess()
  2. 10 core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php \Drupal\menu_link_content\MenuLinkContentAccessControlHandler::checkAccess()
  3. 11.x core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php \Drupal\menu_link_content\MenuLinkContentAccessControlHandler::checkAccess()

Overrides EntityAccessControlHandler::checkAccess

File

core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php, line 50

Class

MenuLinkContentAccessControlHandler
Defines the access control handler for the menu link content entity type.

Namespace

Drupal\menu_link_content

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    switch ($operation) {
        case 'view':
            // There is no direct viewing of a menu link, but still for purposes of
            // content_translation we need a generic way to check access.
            return AccessResult::allowedIfHasPermission($account, 'administer menu');
        case 'update':
            if (!$account->hasPermission('administer menu')) {
                return AccessResult::neutral("The 'administer menu' permission is required.")->cachePerPermissions();
            }
            else {
                // Assume that access is allowed.
                $access = AccessResult::allowed()->cachePerPermissions()
                    ->addCacheableDependency($entity);
                
                /** @var \Drupal\menu_link_content\MenuLinkContentInterface $entity */
                // If the link is routed determine whether the user has access unless
                // they have the 'link to any page' permission.
                if (!$account->hasPermission('link to any page') && ($url_object = $entity->getUrlObject()) && $url_object->isRouted()) {
                    $link_access = $this->accessManager
                        ->checkNamedRoute($url_object->getRouteName(), $url_object->getRouteParameters(), $account, TRUE);
                    $access = $access->andIf($link_access);
                }
                return $access;
            }
        case 'delete':
            return AccessResult::allowedIfHasPermission($account, 'administer menu')->andIf(AccessResult::allowedIf(!$entity->isNew())
                ->addCacheableDependency($entity));
        default:
            return parent::checkAccess($entity, $operation, $account);
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.