You are here

public function CommentFieldItemList::access in Comment Permissions 8

Checks data value access.

Parameters

string $operation: The operation to be performed.

\Drupal\Core\Session\AccountInterface $account: (optional) The user for which to check access, or NULL to check access for the current user. Defaults to NULL.

bool $return_as_object: (optional) Defaults to FALSE.

Return value

bool|\Drupal\Core\Access\AccessResultInterface The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

Overrides CommentFieldItemList::access

File

src/CommentFieldItemList.php, line 19

Class

CommentFieldItemList
Overrides CommentFieldItemList class.

Namespace

Drupal\comment_perm

Code

public function access($operation = 'view', AccountInterface $account = NULL, $return_as_object = FALSE) {
  $account = $account ?: \Drupal::currentUser();
  $comment_type = $this
    ->getFieldDefinition()
    ->getSettings()['comment_type'];
  if ($operation === 'edit') {

    // Only users with administer comments permission can edit the comment
    // status field.
    $result = AccessResult::allowedIf($this
      ->accessAdministerComment($account, $comment_type));
    return $return_as_object ? $result : $result
      ->isAllowed();
  }
  if ($operation === 'view') {

    // Only users with "post comments" or "access comments" permission can
    // view the field value. The formatter,
    // Drupal\comment\Plugin\Field\FieldFormatter\CommentDefaultFormatter,
    // takes care of showing the thread and form based on individual
    // permissions, so if a user only has ‘post comments’ access, only the
    // form will be shown and not the comments.
    $result = AccessResult::allowedIf($this
      ->accessComment($account, $comment_type))
      ->orIf(AccessResult::allowedIf($this
      ->accessPostComment($account, $comment_type)));
    return $return_as_object ? $result : $result
      ->isAllowed();
  }
  return parent::access($operation, $account, $return_as_object);
}