use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Routing\Access\AccessInterface;
+use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Session\AccountInterface;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Routing\Route;
/**
protected $accessCache = array();
/**
- * The request stack.
+ * The currently active route match object.
*
- * @var \Symfony\Component\HttpFoundation\RequestStack
+ * @var \Drupal\Core\Routing\RouteMatchInterface
*/
- protected $requestStack;
+ protected $routeMatch;
/**
* Creates a new EntityRevisionRouteAccessChecker instance.
*
* @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
* The entity manager.
- * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
- * The request stack.
+ * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
+ * The currently active route match object.
*/
- public function __construct(EntityTypeManagerInterface $entity_type_manager, RequestStack $request_stack) {
+ public function __construct(EntityTypeManagerInterface $entity_type_manager, RouteMatchInterface $route_match) {
$this->entityTypeManager = $entity_type_manager;
- $this->requestStack = $request_stack;
+ $this->routeMatch = $route_match;
}
/**
* {@inheritdoc}
*/
- public function access(Route $route, AccountInterface $account, Request $request = NULL) {
- if (empty($request)) {
- $request = $this->requestStack->getCurrentRequest();
+ public function access(Route $route, AccountInterface $account, RouteMatchInterface $route_match = NULL) {
+ if (empty($route_match)) {
+ $route_match = $this->routeMatch;
}
$operation = $route->getRequirement('_entity_access_revision');
- list(, $operation) = explode('.', $operation, 2);
+ list($entity_type_id, $operation) = explode('.', $operation, 2);
if ($operation === 'list') {
- $_entity = $request->attributes->get('_entity', $request->attributes->get($route->getOption('entity_type_id')));
+ $_entity = $route_match->getParameter($entity_type_id);
return AccessResult::allowedIf($this->checkAccess($_entity, $account, $operation))->cachePerPermissions();
}
else {
- $_entity_revision = $request->attributes->get('_entity_revision');
+ $_entity_revision = $route_match->getParameter($entity_type_id . '_revision');
return AccessResult::allowedIf($_entity_revision && $this->checkAccess($_entity_revision, $account, $operation))->cachePerPermissions();
}
}
$cid = $entity->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $operation;
if (!isset($this->accessCache[$cid])) {
+ $admin_permission = $entity_type->getAdminPermission();
+
// Perform basic permission checks first.
- if (!$account->hasPermission($map[$operation]) && !$account->hasPermission($type_map[$operation]) && !$account->hasPermission('administer nodes')) {
+ if (!$account->hasPermission($map[$operation]) && !$account->hasPermission($type_map[$operation]) && ($admin_permission && !$account->hasPermission($admin_permission))) {
$this->accessCache[$cid] = FALSE;
return FALSE;
}
$this->accessCache[$cid] = TRUE;
}
else {
+ // Entity access handlers are generally not aware of the "list" operation.
+ $operation = $operation == 'list' ? 'view' : $operation;
// First check the access to the default revision and finally, if the
// node passed in is not the default revision then access to that, too.
$this->accessCache[$cid] = $entity_access->access($entity_storage->load($entity->id()), $operation, $account) && ($entity->isDefaultRevision() || $entity_access->access($entity, $operation, $account));