* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
+ if ($account->hasPermission('administer taxonomy')) {
+ return AccessResult::allowed()->cachePerPermissions();
+ }
+
switch ($operation) {
case 'view':
- return AccessResult::allowedIfHasPermission($account, 'access content');
+ $access_result = AccessResult::allowedIf($account->hasPermission('access content') && $entity->isPublished())
+ ->cachePerPermissions()
+ ->addCacheableDependency($entity);
+ if (!$access_result->isAllowed()) {
+ $access_result->setReason("The 'access content' permission is required and the taxonomy term must be published.");
+ }
+ return $access_result;
case 'update':
- return AccessResult::allowedIfHasPermissions($account, ["edit terms in {$entity->bundle()}", 'administer taxonomy'], 'OR');
+ if ($account->hasPermission("edit terms in {$entity->bundle()}")) {
+ return AccessResult::allowed()->cachePerPermissions();
+ }
+
+ return AccessResult::neutral()->setReason("The following permissions are required: 'edit terms in {$entity->bundle()}' OR 'administer taxonomy'.");
case 'delete':
- return AccessResult::allowedIfHasPermissions($account, ["delete terms in {$entity->bundle()}", 'administer taxonomy'], 'OR');
+ if ($account->hasPermission("delete terms in {$entity->bundle()}")) {
+ return AccessResult::allowed()->cachePerPermissions();
+ }
+
+ return AccessResult::neutral()->setReason("The following permissions are required: 'delete terms in {$entity->bundle()}' OR 'administer taxonomy'.");
default:
// No opinion.
- return AccessResult::neutral();
+ return AccessResult::neutral()->cachePerPermissions();
}
}
projects / yaffs-website / blobdiff