protected function PaymentMethodProfileFormatter::checkAccess in Commerce Core 8.2
Checks access to the given entity.
By default, entity 'view' access is checked. However, a subclass can choose to exclude certain items from entity access checking by immediately granting access.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity to check.
Return value
\Drupal\Core\Access\AccessResult A cacheable access result.
Overrides EntityReferenceFormatterBase::checkAccess
File
- modules/
payment/ src/ Plugin/ Field/ FieldFormatter/ PaymentMethodProfileFormatter.php, line 44
Class
- PaymentMethodProfileFormatter
- Plugin implementation of the 'commerce_payment_method_profile' formatter.
Namespace
Drupal\commerce_payment\Plugin\Field\FieldFormatterCode
protected function checkAccess(EntityInterface $entity) {
/** @var \Drupal\commerce_order\Entity\OrderInterface $order */
$order = $this->currentRouteMatch
->getParameter('commerce_order');
// Defer to the parent method if the order could not be fetched from the
// current route or if it doesn't reference a payment method.
if (!$order || $order
->get('payment_method')
->isEmpty() || !$order
->get('payment_method')->entity) {
return parent::checkAccess($entity);
}
/** @var \Drupal\commerce_payment\Entity\PaymentMethodInterface $payment_method */
$payment_method = $order
->get('payment_method')->entity;
// Allow access if the billing profile belongs to the payment method
// referenced by the order being viewed.
return AccessResult::allowedIf($payment_method
->getBillingProfile()
->id() == $entity
->id())
->addCacheableDependency($order);
}