final class TeamInvitationAccessControlHandler in Apigee Edge 8
Access controller handler for team_invitation.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
- class \Drupal\entity\EntityAccessControlHandlerBase
- class \Drupal\entity\EntityAccessControlHandler
- class \Drupal\apigee_edge_teams\Entity\TeamInvitationAccessControlHandler implements EntityHandlerInterface
- class \Drupal\entity\EntityAccessControlHandler
- class \Drupal\entity\EntityAccessControlHandlerBase
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
Expanded class hierarchy of TeamInvitationAccessControlHandler
File
- modules/
apigee_edge_teams/ src/ Entity/ TeamInvitationAccessControlHandler.php, line 35
Namespace
Drupal\apigee_edge_teams\EntityView source
final class TeamInvitationAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
/**
* The team permissions handler.
*
* @var \Drupal\apigee_edge_teams\TeamPermissionHandlerInterface
*/
protected $teamPermissionHandler;
/**
* TeamInvitationAccessControlHandler constructor.
*
* @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
* The entity type.
* @param \Drupal\apigee_edge_teams\TeamPermissionHandlerInterface $team_permission_handler
* The team permissions handler.
*/
public function __construct(EntityTypeInterface $entity_type, TeamPermissionHandlerInterface $team_permission_handler) {
parent::__construct($entity_type);
$this->teamPermissionHandler = $team_permission_handler;
}
/**
* {@inheritdoc}
*/
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type, $container
->get('apigee_edge_teams.team_permissions'));
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\apigee_edge_teams\Entity\TeamInvitation $entity */
$account = $this
->prepareUser($account);
// Check if team exists.
if (!$entity
->getTeam()) {
return AccessResult::forbidden('Team does not exist.')
->addCacheableDependency($entity);
}
// Access is allowed if the user can accept invitation and the invitation
// is pending.
if ($entity
->isPending() && $operation === 'accept') {
return AccessResult::allowedIf($account
->getEmail() == $entity
->getRecipient())
->andIf(AccessResult::allowedIfHasPermissions($account, [
'accept own team invitation',
'accept any team invitation',
], 'OR'))
->addCacheableDependency($entity)
->cachePerUser();
}
// Access is allowed if the user can decline invitation and the invitation
// is pending.
if ($entity
->isPending() && $operation === 'decline') {
return AccessResult::allowedIf($account
->getEmail() == $entity
->getRecipient())
->andIf(AccessResult::allowedIfHasPermissions($account, [
'decline own team invitation',
'decline any team invitation',
], 'OR'))
->addCacheableDependency($entity)
->cachePerUser();
}
// Access allowed if user can administer team invitations for team or if
// user has permissions to administer all team invitations.
// Note: This is handled at team level permissions.
if ($operation === 'delete' || $operation === "resend") {
return AccessResult::allowedIf(in_array('team_manage_members', $this->teamPermissionHandler
->getDeveloperPermissionsByTeam($entity
->getTeam(), $account)))
->orIf(AccessResult::allowedIfHasPermissions($account, [
'administer team',
'manage team members',
], 'OR'))
->addCacheableDependency($entity)
->cachePerUser();
}
return parent::checkAccess($entity, $operation, $account);
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
DependencySerializationTrait:: |
public | function | 1 | |
DependencySerializationTrait:: |
public | function | 2 | |
EntityAccessControlHandler:: |
protected | property | Stores calculated access check results. | |
EntityAccessControlHandler:: |
protected | property | Information about the entity type. | |
EntityAccessControlHandler:: |
protected | property | The entity type ID of the access control handler instance. | |
EntityAccessControlHandler:: |
protected | property | Allows to grant access to just the labels. | 5 |
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface:: |
1 |
EntityAccessControlHandler:: |
protected | function |
Checks the entity operation and bundle permissions, with owners. Overrides EntityAccessControlHandlerBase:: |
|
EntityAccessControlHandler:: |
protected | function | Default field access as determined by this access control handler. | 4 |
EntityAccessControlHandler:: |
public | function |
Checks access to create an entity. Overrides EntityAccessControlHandlerInterface:: |
1 |
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: |
|
EntityAccessControlHandler:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
EntityAccessControlHandler:: |
protected | function | Loads the current account object, if it does not exist yet. | |
EntityAccessControlHandler:: |
protected | function | We grant access to the entity if both of these conditions are met: | |
EntityAccessControlHandler:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: |
|
EntityAccessControlHandler:: |
protected | function | Statically caches whether the given user has access. | |
EntityAccessControlHandlerBase:: |
protected | function |
Performs create access checks. Overrides EntityAccessControlHandler:: |
|
EntityAccessControlHandlerBase:: |
protected | function | Checks the entity operation and bundle permissions. | |
EntityHandlerBase:: |
protected | property | The module handler to invoke hooks on. | 2 |
EntityHandlerBase:: |
protected | function | Gets the module handler. | 2 |
EntityHandlerBase:: |
public | function | Sets the module handler for this handler. | |
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. | |
TeamInvitationAccessControlHandler:: |
protected | property | The team permissions handler. | |
TeamInvitationAccessControlHandler:: |
protected | function |
Performs access checks. Overrides EntityAccessControlHandlerBase:: |
|
TeamInvitationAccessControlHandler:: |
public static | function |
Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface:: |
|
TeamInvitationAccessControlHandler:: |
public | function |
TeamInvitationAccessControlHandler constructor. Overrides EntityAccessControlHandler:: |