class NodeRevisionAccessCheck

Same name and namespace in other branches
  1. 8.9.x core/modules/node/src/Access/NodeRevisionAccessCheck.php \Drupal\node\Access\NodeRevisionAccessCheck

Provides an access checker for node revisions.

Hierarchy

Expanded class hierarchy of NodeRevisionAccessCheck

Related topics

Node access rights
The node access system determines who can do what to which nodes.
1 string reference to 'NodeRevisionAccessCheck'
node.services.yml in core/modules/node/node.services.yml
core/modules/node/node.services.yml
1 service uses NodeRevisionAccessCheck
access_check.node.revision in core/modules/node/node.services.yml
Drupal\node\Access\NodeRevisionAccessCheck

File

core/modules/node/src/Access/NodeRevisionAccessCheck.php, line 17

Namespace

Drupal\node\Access
View on git.drupalcode.org
View source 
class NodeRevisionAccessCheck implements AccessInterface {
  
  /**
   * The node storage.
   *
   * @var \Drupal\node\NodeStorageInterface
   */
  protected $nodeStorage;
  
  /**
   * Constructs a new NodeRevisionAccessCheck.
   *
   * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
   *   The entity type manager.
   */
  public function __construct(EntityTypeManagerInterface $entity_type_manager) {
    @trigger_error('NodeRevisionAccessCheck is deprecated in drupal:9.3.0 and will be removed before drupal:10.0.0. Use "_entity_access" requirement with relevant operation instead. See https://www.drupal.org/node/3161210', E_USER_DEPRECATED);
    $this->nodeStorage = $entity_type_manager->getStorage('node');
  }
  
  /**
   * Checks routing access for the node revision.
   *
   * @param \Symfony\Component\Routing\Route $route
   *   The route to check against.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The currently logged in account.
   * @param int $node_revision
   *   (optional) The node revision ID. If not specified, but $node is, access
   *   is checked for that object's revision.
   * @param \Drupal\node\NodeInterface $node
   *   (optional) A node object. Used for checking access to a node's default
   *   revision when $node_revision is unspecified. Ignored when $node_revision
   *   is specified. If neither $node_revision nor $node are specified, then
   *   access is denied.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   The access result.
   */
  public function access(Route $route, AccountInterface $account, $node_revision = NULL, NodeInterface $node = NULL) {
    if ($node_revision) {
      $node = $this->nodeStorage
        ->loadRevision($node_revision);
    }
    $operation = $route->getRequirement('_access_node_revision');
    return AccessResult::allowedIf($node && $this->checkAccess($node, $account, $operation))
      ->cachePerPermissions()
      ->addCacheableDependency($node);
  }
  
  /**
   * Checks node revision access.
   *
   * @param \Drupal\node\NodeInterface $node
   *   The node to check.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   A user object representing the user for whom the operation is to be
   *   performed.
   * @param string $op
   *   (optional) The specific operation being checked. Defaults to 'view.'
   *
   * @return bool
   *   TRUE if the operation may be performed, FALSE otherwise.
   */
  public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') {
    // Converts legacy operations for this access check to new revision
    // operation found in access control handler.
    $entity_operation_map = [
      'view' => 'view all revisions',
      'update' => 'revert revision',
      'delete' => 'delete revision',
    ];
    return isset($entity_operation_map[$op]) ? $node->access($entity_operation_map[$op], $account) : FALSE;
  }

}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.