class AssetInjectorAccessControlHandler in Asset Injector 8.2
Defines the access control handler for the asset_injector entity types.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
- class \Drupal\asset_injector\AssetInjectorAccessControlHandler implements EntityHandlerInterface uses ConditionAccessResolverTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
Expanded class hierarchy of AssetInjectorAccessControlHandler
See also
\Drupal\asset_injector\Entity\AssetInjectorCss
File
- src/
AssetInjectorAccessControlHandler.php, line 25
Namespace
Drupal\asset_injectorView source
class AssetInjectorAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
use ConditionAccessResolverTrait;
/**
* The plugin context handler.
*
* @var \Drupal\Core\Plugin\Context\ContextHandlerInterface
*/
protected $contextHandler;
/**
* The context manager service.
*
* @var \Drupal\Core\Plugin\Context\ContextRepositoryInterface
*/
protected $contextRepository;
/**
* {@inheritdoc}
*/
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type, $container
->get('context.handler'), $container
->get('context.repository'));
}
/**
* Constructs the asset_injector access control handler instance.
*
* @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
* The entity type definition.
* @param \Drupal\Core\Plugin\Context\ContextHandlerInterface $context_handler
* The ContextHandler for applying contexts to conditions properly.
* @param \Drupal\Core\Plugin\Context\ContextRepositoryInterface $context_repository
* The lazy context repository service.
*/
public function __construct(EntityTypeInterface $entity_type, ContextHandlerInterface $context_handler, ContextRepositoryInterface $context_repository) {
parent::__construct($entity_type);
$this->contextHandler = $context_handler;
$this->contextRepository = $context_repository;
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// "View" operation is used as an indicator that the asset will be added
// to the page. This doesn't restrict access to view the asset via the url.
if ($operation != 'view') {
return parent::checkAccess($entity, $operation, $account);
}
/** @var \Drupal\asset_injector\AssetInjectorInterface $entity */
// Don't grant access to disabled assets.
if (!$entity
->status()) {
return AccessResult::forbidden()
->addCacheableDependency($entity);
}
else {
$conditions = [];
foreach ($entity
->getConditionsCollection() as $condition_id => $condition) {
// We'll resolve current_theme conditions in another method.
// @see resolveThemeConditions().
if ($condition_id == 'current_theme') {
continue;
}
if ($condition instanceof ContextAwarePluginInterface) {
try {
$contexts = $this->contextRepository
->getRuntimeContexts(array_values($condition
->getContextMapping()));
$this->contextHandler
->applyContextMapping($condition, $contexts);
} catch (ContextException $e) {
}
}
$conditions[$condition_id] = $condition;
}
$logic = $entity->conditions_require_all || empty($conditions) ? 'and' : 'or';
$conditions_allowed = $this
->resolveConditions($conditions, $logic);
$themes_allowed = $this
->resolveThemeConditions($entity);
// Since we split the themes out into their own method, we have to do
// logic to check if it satisfies both options.
if ($entity
->getConditionsCollection()
->has('current_theme')) {
$access = AccessResult::forbidden();
if ($logic == 'and' && ($conditions_allowed && $themes_allowed) || $logic == 'or' && ($conditions_allowed || $themes_allowed)) {
$access = AccessResult::allowed();
}
}
else {
// No current theme so we can just check normal conditions.
$access = $conditions_allowed ? AccessResult::allowed() : AccessResult::forbidden();
}
$this
->mergeCacheabilityFromConditions($access, $conditions);
// Ensure that access is evaluated again when the asset changes.
return $access
->addCacheableDependency($entity);
}
}
/**
* Resolve only current_theme condition plugins.
*
* @param \Drupal\asset_injector\AssetInjectorInterface $entity
* The asset with theme conditions.
*
* @return bool
* If the theme condition resolves true or not.
*
* @throws \Drupal\Component\Plugin\Exception\PluginException
*/
protected function resolveThemeConditions(AssetInjectorInterface $entity) {
$conditions = $entity
->getConditionsCollection();
$theme_conditions = [];
// If no current theme condition, return true.
if (!$conditions
->has('current_theme')) {
return TRUE;
}
/** @var \Drupal\system\Plugin\Condition\CurrentThemeCondition $theme_condition */
$theme_condition = $conditions
->get('current_theme');
$config = $theme_condition
->getConfig();
foreach ($config['theme'] as $theme) {
$new_theme_conditions = clone $theme_condition;
$new_theme_conditions
->setConfig('theme', $theme);
$conditions
->set("current_theme_{$theme}", $new_theme_conditions);
$theme_conditions[] = $new_theme_conditions;
}
$logic = $config['negate'] ? 'and' : 'or';
return $this
->resolveConditions($theme_conditions, $logic);
}
/**
* Merges cacheable metadata from conditions onto the access result object.
*
* @param \Drupal\Core\Access\AccessResult $access
* The access result object.
* @param \Drupal\Core\Condition\ConditionInterface[] $conditions
* List of conditions.
*/
protected function mergeCacheabilityFromConditions(AccessResult $access, array $conditions) {
foreach ($conditions as $condition) {
if ($condition instanceof CacheableDependencyInterface) {
$access
->addCacheTags($condition
->getCacheTags());
$access
->addCacheContexts($condition
->getCacheContexts());
$access
->setCacheMaxAge(Cache::mergeMaxAges($access
->getCacheMaxAge(), $condition
->getCacheMaxAge()));
}
}
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
AssetInjectorAccessControlHandler:: |
protected | property | The plugin context handler. | |
|
AssetInjectorAccessControlHandler:: |
protected | property | The context manager service. | |
|
AssetInjectorAccessControlHandler:: |
protected | function |
Performs access checks. Overrides EntityAccessControlHandler:: |
|
|
AssetInjectorAccessControlHandler:: |
public static | function |
Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface:: |
|
|
AssetInjectorAccessControlHandler:: |
protected | function | Merges cacheable metadata from conditions onto the access result object. | |
|
AssetInjectorAccessControlHandler:: |
protected | function | Resolve only current_theme condition plugins. | |
|
AssetInjectorAccessControlHandler:: |
public | function |
Constructs the asset_injector access control handler instance. Overrides EntityAccessControlHandler:: |
|
|
ConditionAccessResolverTrait:: |
protected | function | Resolves the given conditions based on the condition logic ('and'/'or'). | |
|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
|
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
|
DependencySerializationTrait:: |
public | function | 1 | |
|
DependencySerializationTrait:: |
public | function | 2 | |
|
EntityAccessControlHandler:: |
protected | property | Stores calculated access check results. | |
|
EntityAccessControlHandler:: |
protected | property | Information about the entity type. | |
|
EntityAccessControlHandler:: |
protected | property | The entity type ID of the access control handler instance. | |
|
EntityAccessControlHandler:: |
protected | property | Allows to grant access to just the labels. | 5 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
protected | function | Performs create access checks. | 14 |
|
EntityAccessControlHandler:: |
protected | function | Default field access as determined by this access control handler. | 4 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to create an entity. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
|
EntityAccessControlHandler:: |
protected | function | Loads the current account object, if it does not exist yet. | |
|
EntityAccessControlHandler:: |
protected | function | We grant access to the entity if both of these conditions are met: | |
|
EntityAccessControlHandler:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Statically caches whether the given user has access. | |
|
EntityHandlerBase:: |
protected | property | The module handler to invoke hooks on. | 2 |
|
EntityHandlerBase:: |
protected | function | Gets the module handler. | 2 |
|
EntityHandlerBase:: |
public | function | Sets the module handler for this handler. | |
|
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
|
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
|
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
|
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
|
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
|
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |