class UserAccessControlHandler

Same name in other branches
  1. 9 core/modules/user/src/UserAccessControlHandler.php \Drupal\user\UserAccessControlHandler
  2. 8.9.x core/modules/user/src/UserAccessControlHandler.php \Drupal\user\UserAccessControlHandler
  3. 11.x core/modules/user/src/UserAccessControlHandler.php \Drupal\user\UserAccessControlHandler

Defines the access control handler for the user entity type.

Hierarchy

Expanded class hierarchy of UserAccessControlHandler

See also

\Drupal\user\Entity\User

1 file declares its use of UserAccessControlHandler
UserAccessControlHandlerTest.php in core/modules/user/tests/src/Unit/UserAccessControlHandlerTest.php

File

core/modules/user/src/UserAccessControlHandler.php, line 18

Namespace

Drupal\user
View source
class UserAccessControlHandler extends EntityAccessControlHandler {
    
    /**
     * Allow access to user label.
     *
     * @var bool
     */
    protected $viewLabelOperation = TRUE;
    
    /**
     * {@inheritdoc}
     */
    protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
        
        /** @var \Drupal\user\UserInterface $entity*/
        // We don't treat the user label as privileged information, so this check
        // has to be the first one in order to allow labels for all users to be
        // viewed, including the special anonymous user.
        if ($operation === 'view label') {
            return AccessResult::allowed();
        }
        // The anonymous user's profile can neither be viewed, updated nor deleted.
        if ($entity->isAnonymous()) {
            return AccessResult::forbidden();
        }
        // Administrators can view/update/delete all user profiles.
        if ($account->hasPermission('administer users')) {
            return AccessResult::allowed()->cachePerPermissions();
        }
        switch ($operation) {
            case 'view':
                // Only allow view access if the account is active.
                $result = AccessResult::allowedIfHasPermission($account, 'access user profiles');
                if ($result->isAllowed()) {
                    $result = $result->andIf(AccessResult::allowedIf($entity->isActive())
                        ->addCacheableDependency($entity));
                    if ($result instanceof AccessResultReasonInterface) {
                        $result->setReason("The 'access user profiles' permission is required and the user must be active.");
                    }
                    if ($result->isAllowed()) {
                        return $result;
                    }
                }
                // Users can view own profiles at all times.
                return $result->orIf(AccessResult::allowedIf($account->id() == $entity->id())
                    ->addCacheContexts([
                    'user',
                ]));
            case 'update':
                // Users can always edit their own account.
                $access_result = AccessResult::allowedIf($account->id() == $entity->id())
                    ->cachePerUser();
                if (!$access_result->isAllowed() && $access_result instanceof AccessResultReasonInterface) {
                    $access_result->setReason("Users can only update their own account, unless they have the 'administer users' permission.");
                }
                return $access_result;
            case 'delete':
                // Users with 'cancel account' permission can cancel their own account.
                return AccessResult::allowedIfHasPermission($account, 'cancel account')->andIf(AccessResult::allowedIf($account->id() == $entity->id())
                    ->cachePerUser());
        }
        // No opinion.
        return AccessResult::neutral();
    }
    
    /**
     * {@inheritdoc}
     */
    protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, ?FieldItemListInterface $items = NULL) {
        // Fields that are not implicitly allowed to administrative users.
        $explicit_check_fields = [
            'pass',
        ];
        // Administrative users are allowed to edit and view all fields.
        if (!in_array($field_definition->getName(), $explicit_check_fields) && $account->hasPermission('administer users')) {
            return AccessResult::allowed()->cachePerPermissions();
        }
        // Flag to indicate if this user entity is the own user account.
        $is_own_account = $items ? $items->getEntity()
            ->id() == $account->id() : FALSE;
        switch ($field_definition->getName()) {
            case 'name':
                // Allow view access to anyone with access to the entity.
                // The username field is editable during the registration process.
                if ($operation == 'view' || $items && $items->getEntity()
                    ->isNew()) {
                    return AccessResult::allowed()->cachePerPermissions();
                }
                // Allow edit access for the own user name if the permission is
                // satisfied.
                if ($is_own_account && $account->hasPermission('change own username')) {
                    return AccessResult::allowed()->cachePerPermissions()
                        ->cachePerUser();
                }
                else {
                    return AccessResult::neutral();
                }
            case 'mail':
                // Only check for the 'view user email addresses' permission and a view
                // operation. Use case fall-through for all other cases.
                if ($operation == 'view' && $account->hasPermission('view user email addresses')) {
                    return AccessResult::allowed()->cachePerPermissions();
                }
            case 'preferred_langcode':
            case 'preferred_admin_langcode':
            case 'timezone':
                // Allow view access to own mail address and other personalization
                // settings.
                if ($operation == 'view') {
                    return AccessResult::allowedIf($is_own_account)->cachePerUser();
                }
                // Anyone that can edit the user can also edit this field.
                return AccessResult::allowed()->cachePerPermissions();
            case 'pass':
                // Allow editing the password, but not viewing it.
                return $operation == 'edit' ? AccessResult::allowed() : AccessResult::forbidden();
            case 'created':
                // Allow viewing the created date, but not editing it.
                return $operation == 'view' ? AccessResult::allowed() : AccessResult::neutral();
            case 'roles':
            case 'status':
            case 'access':
            case 'login':
            case 'init':
                return AccessResult::neutral();
        }
        return parent::checkFieldAccess($operation, $field_definition, $account, $items);
    }

}

Members

Title Sort descending Modifiers Object type Summary Overriden Title Overrides
DependencySerializationTrait::$_entityStorages protected property
DependencySerializationTrait::$_serviceIds protected property
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
EntityAccessControlHandler::$accessCache protected property Stores calculated access check results.
EntityAccessControlHandler::$entityType protected property Information about the entity type.
EntityAccessControlHandler::$entityTypeId protected property The entity type ID of the access control handler instance.
EntityAccessControlHandler::access public function Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface::access 1
EntityAccessControlHandler::checkCreateAccess protected function Performs create access checks. 14
EntityAccessControlHandler::createAccess public function Checks access to create an entity. Overrides EntityAccessControlHandlerInterface::createAccess 1
EntityAccessControlHandler::fieldAccess public function Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface::fieldAccess
EntityAccessControlHandler::getCache protected function Tries to retrieve a previously cached access value from the static cache.
EntityAccessControlHandler::prepareUser protected function Loads the current account object, if it does not exist yet.
EntityAccessControlHandler::processAccessHookResults protected function Determines entity access.
EntityAccessControlHandler::resetCache public function Clears all cached access checks. Overrides EntityAccessControlHandlerInterface::resetCache
EntityAccessControlHandler::setCache protected function Statically caches whether the given user has access.
EntityAccessControlHandler::__construct public function Constructs an access control handler instance. 8
EntityHandlerBase::$moduleHandler protected property The module handler to invoke hooks on. 5
EntityHandlerBase::moduleHandler protected function Gets the module handler. 5
EntityHandlerBase::setModuleHandler public function Sets the module handler for this handler.
StringTranslationTrait::$stringTranslation protected property The string translation service. 3
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.
UserAccessControlHandler::$viewLabelOperation protected property Allow access to user label. Overrides EntityAccessControlHandler::$viewLabelOperation
UserAccessControlHandler::checkAccess protected function Performs access checks. Overrides EntityAccessControlHandler::checkAccess
UserAccessControlHandler::checkFieldAccess protected function Default field access as determined by this access control handler. Overrides EntityAccessControlHandler::checkFieldAccess

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.