5 * Contains paragraphs_type_permissions.module
9 use Drupal\Core\Access\AccessResult;
10 use Drupal\Core\Session\AccountInterface;
11 use Drupal\paragraphs\ParagraphInterface;
12 use Drupal\Core\Routing\RouteMatchInterface;
15 * Implements hook_help().
17 function paragraphs_type_permissions_help($route_name, RouteMatchInterface $route_match) {
18 switch ($route_name) {
19 // Help for the Paragraphs type permissions module.
20 case 'help.page.paragraphs_type_permissions':
22 $output .= '<h3>' . t('About') . '</h3>';
23 $output .= '<p>' . t('The Paragraphs Type permission module allows administrators to configure permissions individually for each <em>Paragraphs type</em>. For more information, see the <a href=":online">online documentation for the Paragraphs module</a>.', [':online' => 'https://www.drupal.org/node/2444881']) . '</p>';
24 $output .= '<h3>' . t('Uses') . '</h3>';
25 $output .= '<dt>' . t('Configuring permissions per Paragraphs type') . '</dt>';
26 $output .= '<dd>' . t('Administrators can configure the permissions to view, create, edit, and delete each <em>Paragraphs type</em> individually on the <a href=":permissions">Permissions page</a>.', [':permissions' => Url::fromRoute('user.admin_permissions')->toString()]) . '</dd>';
33 * Implements hook_ENTITY_TYPE_access() for entity type "paragraph".
35 function paragraphs_type_permissions_paragraph_access(ParagraphInterface $entity, $operation, AccountInterface $account) {
36 $permissions = &drupal_static(__FUNCTION__, array());
38 if (!in_array($operation, array('view', 'update', 'delete'), TRUE)) {
39 // If there was no type to check against, or the $op was not one of the
40 // supported ones, we return access denied.
41 return AccessResult::neutral();
44 // Set static cache id to use the type machine name.
45 $type = $entity->getType();
47 if ($operation == 'view' && !$entity->status->value) {
48 return AccessResult::forbidden();
51 // If we've already checked access for this type, user and op, return from
53 if (isset($permissions[$account->id()][$type][$operation])) {
54 return $permissions[$account->id()][$type][$operation];
57 // If the current user has access to this type/operation, return access
58 // allowed, forbidden otherwise.
59 if ($account->hasPermission('bypass paragraphs type content access') || $account->hasPermission($operation . ' paragraph content ' . $type)) {
60 $permissions[$account->id()][$type][$operation] = AccessResult::allowed()->cachePerPermissions();
63 $permissions[$account->id()][$type][$operation] = AccessResult::forbidden()->cachePerPermissions();
66 return $permissions[$account->id()][$type][$operation];
70 * Implements hook_ENTITY_TYPE_create_access() for entity type "paragraph".
72 function paragraphs_type_permissions_paragraph_create_access(AccountInterface $account = NULL, array $context = array(), $entity_bundle = NULL) {
73 $permissions = &drupal_static(__FUNCTION__, array());
75 // Set static cache id to use the type machine name.
76 $type = $entity_bundle;
79 // If we've already checked access for this type, user and op, return from
81 if (isset($permissions[$account->id()][$type][$op])) {
82 return $permissions[$account->id()][$type][$op];
85 // If the current user has access to this type/op, return access allowed,
86 // forbidden otherwise.
87 if ($account->hasPermission('bypass paragraphs type content access') || $account->hasPermission($op . ' paragraph content ' . $type)) {
88 $permissions[$account->id()][$type][$op] = AccessResult::allowed()->cachePerPermissions();
91 $permissions[$account->id()][$type][$op] = AccessResult::forbidden()->cachePerPermissions();
94 return $permissions[$account->id()][$type][$op];