function NodeAccessControlHandler::checkFieldAccess

Same name and namespace in other branches
  1. 11.x core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::checkFieldAccess()
  2. 10 core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::checkFieldAccess()
  3. 8.9.x core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::checkFieldAccess()

File

core/modules/node/src/NodeAccessControlHandler.php, line 206

Class

NodeAccessControlHandler
Defines the access control handler for the node entity type.

Namespace

Drupal\node

Code

protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
  // Only users with the administer nodes permission can edit administrative
  // fields.
  $administrative_fields = [
    'uid',
    'status',
    'created',
    'promote',
    'sticky',
  ];
  if ($operation == 'edit' && in_array($field_definition->getName(), $administrative_fields, TRUE)) {
    return AccessResult::allowedIfHasPermission($account, 'administer nodes');
  }
  // No user can change read only fields.
  $read_only_fields = [
    'revision_timestamp',
    'revision_uid',
  ];
  if ($operation == 'edit' && in_array($field_definition->getName(), $read_only_fields, TRUE)) {
    return AccessResult::forbidden();
  }
  // Users have access to the revision_log field either if they have
  // administrative permissions or if the new revision option is enabled.
  if ($operation == 'edit' && $field_definition->getName() == 'revision_log') {
    if ($account->hasPermission('administer nodes')) {
      return AccessResult::allowed()->cachePerPermissions();
    }
    return AccessResult::allowedIf($items->getEntity()->type->entity
      ->shouldCreateNewRevision())
      ->cachePerPermissions();
  }
  return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.