class DomainAccessManager in Domain Access 8
Checks the access status of entities based on domain settings.
@TODO: It is possible that this class may become a subclass of the DomainElementManager, however, the use-case is separate as far as I can tell.
Hierarchy
- class \Drupal\domain_access\DomainAccessManager implements DomainAccessManagerInterface
Expanded class hierarchy of DomainAccessManager
1 string reference to 'DomainAccessManager'
- domain_access.services.yml in domain_access/
domain_access.services.yml - domain_access/domain_access.services.yml
1 service uses DomainAccessManager
File
- domain_access/
src/ DomainAccessManager.php, line 19
Namespace
Drupal\domain_accessView source
class DomainAccessManager implements DomainAccessManagerInterface {
/**
* The domain negotiator.
*
* @var \Drupal\domain\DomainNegotiatorInterface
*/
protected $negotiator;
/**
* The Drupal module handler.
*
* @var \Drupal\Core\Extension\ModuleHandlerInterface
*/
protected $moduleHandler;
/**
* The entity type manager.
*
* @var \Drupal\Core\Entity\EntityTypeManagerInterface
*/
protected $entityTypeManager;
/**
* The domain storage.
*
* @var \Drupal\domain\DomainStorageInterface
*/
protected $domainStorage;
/**
* Constructs a DomainAccessManager object.
*
* @param \Drupal\domain\DomainNegotiatorInterface $negotiator
* The domain negotiator.
* @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
* The Drupal module handler.
* @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
* The entity type manager.
*/
public function __construct(DomainNegotiatorInterface $negotiator, ModuleHandlerInterface $module_handler, EntityTypeManagerInterface $entity_type_manager) {
$this->negotiator = $negotiator;
$this->moduleHandler = $module_handler;
$this->entityTypeManager = $entity_type_manager;
$this->domainStorage = $entity_type_manager
->getStorage('domain');
}
/**
* {@inheritdoc}
*/
public static function getAccessValues(FieldableEntityInterface $entity, $field_name = DomainAccessManagerInterface::DOMAIN_ACCESS_FIELD) {
// @TODO: static cache.
$list = [];
// @TODO In tests, $entity is returning NULL.
if (is_null($entity)) {
return $list;
}
// Get the values of an entity.
$values = $entity
->hasField($field_name) ? $entity
->get($field_name) : NULL;
// Must be at least one item.
if (!empty($values)) {
foreach ($values as $item) {
if ($target = $item
->getValue()) {
if ($domain = \Drupal::entityTypeManager()
->getStorage('domain')
->load($target['target_id'])) {
$list[$domain
->id()] = $domain
->getDomainId();
}
}
}
}
return $list;
}
/**
* {@inheritdoc}
*/
public static function getAllValue(FieldableEntityInterface $entity) {
return $entity
->hasField(DomainAccessManagerInterface::DOMAIN_ACCESS_ALL_FIELD) ? $entity
->get(DomainAccessManagerInterface::DOMAIN_ACCESS_ALL_FIELD)->value : NULL;
}
/**
* {@inheritdoc}
*/
public function checkEntityAccess(FieldableEntityInterface $entity, AccountInterface $account) {
$entity_domains = $this
->getAccessValues($entity);
$user = \Drupal::entityTypeManager()
->getStorage('user')
->load($account
->id());
if (!empty($this
->getAllValue($user)) && !empty($entity_domains)) {
return TRUE;
}
$user_domains = $this
->getAccessValues($user);
return (bool) (!empty(array_intersect($entity_domains, $user_domains)));
}
/**
* {@inheritdoc}
*/
public static function getDefaultValue(FieldableEntityInterface $entity, FieldDefinitionInterface $definition) {
$item = [];
if (!$entity
->isNew()) {
// If set, ensure we do not drop existing data.
foreach (self::getAccessValues($entity) as $id) {
$item[] = $id;
}
}
elseif ($entity
->getFieldDefinition(DomainAccessManagerInterface::DOMAIN_ACCESS_FIELD)
->isRequired()) {
/** @var \Drupal\domain\DomainInterface $active */
if ($active = \Drupal::service('domain.negotiator')
->getActiveDomain()) {
$item[0]['target_uuid'] = $active
->uuid();
}
}
return $item;
}
/**
* {@inheritdoc}
*/
public function hasDomainPermissions(AccountInterface $account, DomainInterface $domain, array $permissions, $conjunction = 'AND') {
// Assume no access.
$access = FALSE;
// In the case of multiple AND permissions, assume access and then deny if
// any check fails.
if ($conjunction == 'AND' && !empty($permissions)) {
$access = TRUE;
foreach ($permissions as $permission) {
if (!($permission_access = $account
->hasPermission($permission))) {
$access = FALSE;
break;
}
}
}
else {
foreach ($permissions as $permission) {
if ($permission_access = $account
->hasPermission($permission)) {
$access = TRUE;
break;
}
}
}
// Validate that the user is assigned to the domain. If not, deny.
$user = \Drupal::entityTypeManager()
->getStorage('user')
->load($account
->id());
$allowed = $this
->getAccessValues($user);
if (!isset($allowed[$domain
->id()]) && empty($this
->getAllValue($user))) {
$access = FALSE;
}
return $access;
}
/**
* {@inheritdoc}
*/
public function getContentUrls(FieldableEntityInterface $entity) {
$list = [];
$processed = FALSE;
$domains = $this
->getAccessValues($entity);
if ($this->moduleHandler
->moduleExists('domain_source')) {
$source = domain_source_get($entity);
if (isset($domains[$source])) {
unset($domains['source']);
}
if (!empty($source)) {
$list[] = $source;
}
$processed = TRUE;
}
$list = array_merge($list, array_keys($domains));
$domains = $this->domainStorage
->loadMultiple($list);
$urls = [];
foreach ($domains as $domain) {
$options['domain_target_id'] = $domain
->id();
$url = $entity
->toUrl('canonical', $options);
if ($processed) {
$urls[$domain
->id()] = $url
->toString();
}
else {
$urls[$domain
->id()] = $domain
->buildUrl($url
->toString());
}
}
return $urls;
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
DomainAccessManager:: |
protected | property | The domain storage. | |
|
DomainAccessManager:: |
protected | property | The entity type manager. | |
|
DomainAccessManager:: |
protected | property | The Drupal module handler. | |
|
DomainAccessManager:: |
protected | property | The domain negotiator. | |
|
DomainAccessManager:: |
public | function |
Compare the entity values against a user's account assignments. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public static | function |
Get the domain access field values from an entity. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public static | function |
Get the all affiliates field values from an entity. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public | function |
Get all possible URLs pointing to an entity. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public static | function |
Get the default field value for an entity. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public | function |
Checks that a user belongs to the domain and has a set of permissions. Overrides DomainAccessManagerInterface:: |
|
|
DomainAccessManager:: |
public | function | Constructs a DomainAccessManager object. | |
|
DomainAccessManagerInterface:: |
constant | The name of the all affiliates field. | ||
|
DomainAccessManagerInterface:: |
constant | The name of the node access control field. |