www.aleph1.co.uk Git - yaffs-website/blob - web/modules/contrib/entity/src/EntityAccessControlHandler.php

   1 <?php
   2
   3 namespace Drupal\entity;
   4
   5 use Drupal\Core\Access\AccessResult;
   6 use Drupal\Core\Entity\EntityInterface;
   7 use Drupal\Core\Entity\EntityPublishedInterface;
   8 use Drupal\Core\Entity\EntityTypeInterface;
   9 use Drupal\Core\Session\AccountInterface;
  10
  11 /**
  12  * Controls access based on the generic entity permissions.
  13  *
  14  * @see \Drupal\entity\UncacheableEntityPermissionProvider
  15  */
  16 class EntityAccessControlHandler extends EntityAccessControlHandlerBase {
  17
  18   /**
  19    * {@inheritdoc}
  20    */
  21   public function __construct(EntityTypeInterface $entity_type) {
  22     parent::__construct($entity_type);
  23
  24     if (!$entity_type->hasHandlerClass('permission_provider') || !is_a($entity_type->getHandlerClass('permission_provider'), EntityPermissionProvider::class, TRUE)) {
  25       throw new \Exception('\Drupal\entity\EntityAccessControlHandler requires the \Drupal\entity\EntityPermissionProvider permission provider.');
  26     }
  27   }
  28
  29   /**
  30    * {@inheritdoc}
  31    */
  32   protected function checkEntityOwnerPermissions(EntityInterface $entity, $operation, AccountInterface $account) {
  33     /** @var \Drupal\user\EntityOwnerInterface $entity */
  34     if ($operation === 'view') {
  35       if ($entity instanceof EntityPublishedInterface && !$entity->isPublished()) {
  36         if ($account->id() != $entity->getOwnerId()) {
  37           // There's no permission for viewing other user's unpublished entity.
  38           return AccessResult::neutral()->cachePerUser();
  39         }
  40
  41         $permissions = [
  42           "view own unpublished {$entity->getEntityTypeId()}",
  43         ];
  44         $result = AccessResult::allowedIfHasPermissions($account, $permissions)->cachePerUser();
  45       }
  46       else {
  47         $result = AccessResult::allowedIfHasPermissions($account, [
  48           "view {$entity->getEntityTypeId()}",
  49           "view {$entity->bundle()} {$entity->getEntityTypeId()}",
  50         ], 'OR');
  51       }
  52     }
  53     else {
  54       $result = parent::checkEntityOwnerPermissions($entity, $operation, $account);
  55     }
  56
  57     return $result;
  58   }
  59
  60 }