ShipmentAccessControlHandler.php in Commerce Shipping 8.2
File
src/ShipmentAccessControlHandler.php
View source
<?php
namespace Drupal\commerce_shipping;
use Drupal\commerce_shipping\Entity\ShipmentInterface;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler as CoreEntityAccessControlHandler;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Session\AccountInterface;
class ShipmentAccessControlHandler extends CoreEntityAccessControlHandler {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($account
->hasPermission($this->entityType
->getAdminPermission())) {
return AccessResult::allowed()
->cachePerPermissions();
}
assert($entity instanceof ShipmentInterface);
$order = $entity
->getOrder();
if (!$order) {
return AccessResult::forbidden()
->addCacheableDependency($entity);
}
if ($operation === 'view') {
$result = $order
->access('view', $account, TRUE);
}
else {
$bundle = $entity
->bundle();
$result = AccessResult::allowedIfHasPermission($account, "manage {$bundle} commerce_shipment");
}
return $result;
}
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermissions($account, [
$this->entityType
->getAdminPermission(),
"manage {$entity_bundle} commerce_shipment",
], 'OR');
}
}