You are here

Home » API reference » Apigee Edge 8 » apigee_edge.module

function apigee_edge_entity_access in Apigee Edge 8

Implements hook_entity_access().

File

./apigee_edge.module, line 532
Copyright 2018 Google Inc.

Code

function apigee_edge_entity_access(EntityInterface $entity, $operation, AccountInterface $account) {
  if (!$entity
    ->getEntityType()
    ->entityClassImplements(AppInterface::class) || !in_array($operation, [
    'revoke_api_key',
    'delete_api_key',
  ])) {
    return AccessResult::neutral();
  }

  /** @var \Drupal\apigee_edge\Entity\AppInterface $entity **/
  $approved_credentials = array_filter($entity
    ->getCredentials(), function (AppCredentialInterface $credential) {
    return $credential
      ->getStatus() === AppCredentialInterface::STATUS_APPROVED;
  });

  // Prevent revoking/deleting the only active key.
  if (count($approved_credentials) <= 1) {
    $action = $operation === "revoke_api_key" ? "revoke" : "delete";
    return AccessResult::forbidden("You cannot {$action} the only active key.");
  }
}