You are here

Home » API reference » Commerce Invoice 8.2 » InvoiceAccessControlHandler.php » InvoiceAccessControlHandler

protected function InvoiceAccessControlHandler::checkAccess in Commerce Invoice 8.2

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandlerBase::checkAccess

File

src/InvoiceAccessControlHandler.php, line 18

Class

InvoiceAccessControlHandler
Controls access based on the Invoice entity permissions.

Namespace

Drupal\commerce_invoice

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  $account = $this
    ->prepareUser($account);

  /** @var \Drupal\Core\Access\AccessResult $result */
  $result = parent::checkAccess($entity, $operation, $account);

  /** @var \Drupal\commerce_invoice\Entity\InvoiceInterface $entity */
  if ($result
    ->isNeutral() && $operation === 'view') {
    if ($account
      ->id() == $entity
      ->getCustomerId()) {
      $result = AccessResult::allowedIfHasPermissions($account, [
        'view own commerce_invoice',
      ]);
      $result = $result
        ->cachePerUser()
        ->addCacheableDependency($entity);
    }
  }
  return $result;
}