ProductAttributeValueAccessControlHandler.php in Commerce Core 8.2
File
modules/product/src/ProductAttributeValueAccessControlHandler.php
View source
<?php
namespace Drupal\commerce_product;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler as CoreEntityAccessControlHandler;
use Drupal\Core\Entity\EntityHandlerInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Session\AccountInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
class ProductAttributeValueAccessControlHandler extends CoreEntityAccessControlHandler implements EntityHandlerInterface {
protected $entityTypeManager;
public function __construct(EntityTypeInterface $entity_type, EntityTypeManagerInterface $entity_type_manager) {
parent::__construct($entity_type);
$this->entityTypeManager = $entity_type_manager;
}
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type, $container
->get('entity_type.manager'));
}
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($account
->hasPermission($this->entityType
->getAdminPermission())) {
return AccessResult::allowed()
->cachePerPermissions();
}
if ($operation == 'view') {
$result = AccessResult::allowedIfHasPermission($account, 'access content');
}
else {
$result = $entity
->getAttribute()
->access('update', $account, TRUE);
}
return $result;
}
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
if ($account
->hasPermission($this->entityType
->getAdminPermission())) {
return AccessResult::allowed()
->cachePerPermissions();
}
$product_attribute_storage = $this->entityTypeManager
->getStorage('commerce_product_attribute');
$product_attribute = $product_attribute_storage
->create([
'id' => $entity_bundle,
]);
$result = $product_attribute
->access('update', $account, TRUE);
return $result;
}
}