TeamAccessHandler.php in Apigee Edge 8
File
modules/apigee_edge_teams/src/Entity/TeamAccessHandler.php
View source
<?php
namespace Drupal\apigee_edge_teams\Entity;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityHandlerInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Session\AccountInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
final class TeamAccessHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
private $developerStorage;
public function __construct(EntityTypeInterface $entity_type, EntityTypeManagerInterface $entity_type_manager) {
parent::__construct($entity_type);
$this->developerStorage = $entity_type_manager
->getStorage('developer');
}
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type, $container
->get('entity_type.manager'));
}
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
$result = parent::checkAccess($entity, $operation, $account);
if ($result
->isNeutral()) {
$permissions = [
"{$operation} any {$entity->getEntityTypeId()}",
];
if ($this->entityType
->getAdminPermission()) {
$permissions[] = $this->entityType
->getAdminPermission();
}
$result = AccessResult::allowedIfHasPermissions($account, $permissions, 'OR');
if ($result
->isNeutral() && $operation === 'view') {
if ($account
->isAuthenticated()) {
$developer = $this->developerStorage
->load($account
->getEmail());
if ($developer && in_array($entity
->id(), $developer
->getCompanies())) {
$result = AccessResult::allowed();
$result
->addCacheableDependency($entity);
$result
->addCacheableDependency($developer);
}
}
}
}
return $result;
}
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
$result = parent::checkCreateAccess($account, $context, $entity_bundle);
if ($result
->isNeutral()) {
$permissions = [
"create {$this->entityType->id()}",
];
if ($this->entityType
->getAdminPermission()) {
$permissions[] = $this->entityType
->getAdminPermission();
}
$result = AccessResult::allowedIfHasPermissions($account, $permissions, 'OR');
}
return $result;
}
}