protected function ProductVariationAccessControlHandler::checkAccess in Commerce Core 8.2
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- modules/
product/ src/ ProductVariationAccessControlHandler.php, line 27
Class
- ProductVariationAccessControlHandler
- Provides an access control handler for product variations.
Namespace
Drupal\commerce_productCode
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($account
->hasPermission($this->entityType
->getAdminPermission())) {
return AccessResult::allowed()
->cachePerPermissions();
}
/** @var \Drupal\commerce_product\Entity\ProductVariationInterface $entity */
$product = $entity
->getProduct();
if (!$product) {
// The product variation is malformed.
return AccessResult::forbidden()
->addCacheableDependency($entity);
}
if ($operation === 'view') {
$result = $product
->access('view', $account, TRUE);
assert($result instanceof AccessResult);
$result
->addCacheableDependency($entity);
}
else {
$bundle = $entity
->bundle();
$result = AccessResult::allowedIfHasPermission($account, "manage {$bundle} commerce_product_variation")
->cachePerPermissions();
}
return $result;
}