class WorkflowStateTransitionOperationsAccessCheck

Same name in other branches
  1. 9 core/modules/workflows/src/WorkflowStateTransitionOperationsAccessCheck.php \Drupal\workflows\WorkflowStateTransitionOperationsAccessCheck
  2. 8.9.x core/modules/workflows/src/WorkflowStateTransitionOperationsAccessCheck.php \Drupal\workflows\WorkflowStateTransitionOperationsAccessCheck
  3. 11.x core/modules/workflows/src/WorkflowStateTransitionOperationsAccessCheck.php \Drupal\workflows\WorkflowStateTransitionOperationsAccessCheck

Provides an access check for state and transition operations.

Hierarchy

Expanded class hierarchy of WorkflowStateTransitionOperationsAccessCheck

1 file declares its use of WorkflowStateTransitionOperationsAccessCheck
WorkflowStateTransitionOperationsAccessCheckTest.php in core/modules/workflows/tests/src/Unit/WorkflowStateTransitionOperationsAccessCheckTest.php
1 string reference to 'WorkflowStateTransitionOperationsAccessCheck'
workflows.services.yml in core/modules/workflows/workflows.services.yml
core/modules/workflows/workflows.services.yml
1 service uses WorkflowStateTransitionOperationsAccessCheck
workflows.access_check.extended_permissions in core/modules/workflows/workflows.services.yml
Drupal\workflows\WorkflowStateTransitionOperationsAccessCheck

File

core/modules/workflows/src/WorkflowStateTransitionOperationsAccessCheck.php, line 13

Namespace

Drupal\workflows
View source
class WorkflowStateTransitionOperationsAccessCheck implements AccessInterface {
    
    /**
     * Checks access for operations of workflow states and transitions.
     *
     * The value of '_workflow_access' is used to check to kind of access that
     * should be applied to a route in the context of a workflow and a state or
     * transition. States and transitions can individually have access control
     * applied to them for 'add', 'update' and 'delete'. By default workflows will
     * use the admin permission 'administer workflows' for all of these
     * operations, except for delete-state which checks there is at least one
     * state, a state does not have data and it's not a required state.
     *
     * For the update and delete operations, a workflow and a state or transition
     * is required in the route for the access check to be applied. For the "add"
     * operation, only a workflow is required. The '_workflow_access' requirement
     * translates into access checks on the workflow entity type in the formats:
     *   - @code"$operation-state:$state_id"@endcode
     *   - @code"$operation-transition:$transition_id"@endcode
     *
     * For example the following route definition with the path
     * "/test-workflow/foo-state/delete" the 'delete-state:foo-state' operation
     * will be checked:
     * @code
     * pattern: '/{workflow}/{workflow_state}/delete'
     * requirements:
     *   _workflow_access: 'delete-state'
     * @endcode
     *
     * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
     *   The parametrized route
     * @param \Drupal\Core\Session\AccountInterface $account
     *   The currently logged in account.
     *
     * @return \Drupal\Core\Access\AccessResultInterface
     *   An access result.
     *
     * @throws \Exception
     *   Throws an exception when a route is defined with an invalid operation.
     */
    public function access(RouteMatchInterface $route_match, AccountInterface $account) {
        $workflow_operation = $this->getOperation($route_match);
        if (!preg_match('/^(?<operation>add|update|delete)-(?<type>state|transition)$/', $workflow_operation, $matches)) {
            throw new \Exception("Invalid _workflow_access operation '{$workflow_operation}' specified for route '{$route_match->getRouteName()}'.");
        }
        $parameters = $route_match->getParameters();
        $workflow = $parameters->get('workflow');
        if ($workflow && $matches['operation'] === 'add') {
            return $workflow->access($workflow_operation, $account, TRUE);
        }
        if ($workflow && ($type = $parameters->get(sprintf('workflow_%s', $matches['type'])))) {
            return $workflow->access(sprintf('%s:%s', $workflow_operation, $type), $account, TRUE);
        }
        return AccessResult::neutral();
    }
    
    /**
     * Get the operation that will be used for the access check.
     *
     * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
     *   The parametrized route
     *
     * @return string
     *   The access operation.
     */
    protected function getOperation(RouteMatchInterface $route_match) {
        return $route_match->getRouteObject()
            ->getRequirement('_workflow_access');
    }

}

Members

Title Sort descending Modifiers Object type Summary
WorkflowStateTransitionOperationsAccessCheck::access public function Checks access for operations of workflow states and transitions.
WorkflowStateTransitionOperationsAccessCheck::getOperation protected function Get the operation that will be used for the access check.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.