function EntityTestAccessControlHandler::checkAccess

Same name and namespace in other branches
  1. 9 core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php \Drupal\entity_test\EntityTestAccessControlHandler::checkAccess()
  2. 8.9.x core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php \Drupal\entity_test\EntityTestAccessControlHandler::checkAccess()
  3. 10 core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php \Drupal\entity_test\EntityTestAccessControlHandler::checkAccess()

Overrides EntityAccessControlHandler::checkAccess

File

core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php, line 36

Class

EntityTestAccessControlHandler
Defines the access control handler for the test entity type.

Namespace

Drupal\entity_test

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    
    /** @var \Drupal\entity_test\Entity\EntityTest $entity */
    // Always forbid access to entities with the label 'forbid_access', used for
    // \Drupal\system\Tests\Entity\EntityAccessControlHandlerTest::testDefaultEntityAccess().
    if ($entity->label() == 'forbid_access') {
        return AccessResult::forbidden();
    }
    if ($operation === 'view label' && $entity instanceof EntityTestLabel) {
        // Viewing the label of the 'entity_test_label' entity type is allowed.
        return AccessResult::allowed();
    }
    elseif (in_array($operation, [
        'view',
        'view label',
    ])) {
        if (!$entity->isDefaultTranslation()) {
            if ($entity instanceof EntityPublishedInterface && !$entity->isPublished()) {
                return AccessResult::allowedIfHasPermission($account, 'view unpublished test entity translations');
            }
            else {
                return AccessResult::allowedIfHasPermission($account, 'view test entity translations');
            }
        }
        if ($entity instanceof EntityPublishedInterface && !$entity->isPublished()) {
            return AccessResult::neutral('Unpublished entity');
        }
        return AccessResult::allowedIfHasPermission($account, 'view test entity');
    }
    elseif (in_array($operation, [
        'update',
        'delete',
    ])) {
        $access = AccessResult::allowedIfHasPermission($account, 'administer entity_test content');
        if (!$access->isAllowed() && $operation === 'update' && $account->hasPermission('edit own entity_test content')) {
            $access = $access->orIf(AccessResult::allowedIf($entity->getOwnerId() === $account->id()))
                ->cachePerUser()
                ->addCacheableDependency($entity);
        }
        return $access;
    }
    // Access to revisions is based on labels, so access can vary by individual
    // revisions, since the 'name' field can vary by revision.
    $labels = explode(',', $entity->label());
    $labels = array_map('trim', $labels);
    if (in_array($operation, [
        'view all revisions',
        'view revision',
    ], TRUE)) {
        return AccessResult::allowedIf(in_array($operation, $labels, TRUE));
    }
    elseif ($operation === 'revert') {
        return AccessResult::allowedIf(in_array('revert', $labels, TRUE));
    }
    elseif ($operation === 'delete revision') {
        return AccessResult::allowedIf(in_array('delete revision', $labels, TRUE));
    }
    // No opinion.
    return AccessResult::neutral();
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.