You are here

public function EntityAccessControlHandler::createAccess in Drupal 9

Same name and namespace in other branches
  1. 8 core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::createAccess()
  2. 10 core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::createAccess()

Checks access to create an entity.

Parameters

string $entity_bundle: (optional) The bundle of the entity. Required if the entity supports bundles, defaults to NULL otherwise.

\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.

array $context: (optional) An array of key-value pairs to pass additional context when needed.

bool $return_as_object: (optional) Defaults to FALSE.

Return value

bool|\Drupal\Core\Access\AccessResultInterface The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

Overrides EntityAccessControlHandlerInterface::createAccess

1 method overrides EntityAccessControlHandler::createAccess()
NodeAccessControlHandler::createAccess in core/modules/node/src/NodeAccessControlHandler.php
Checks access to create an entity.

File

core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php, line 228

Class

EntityAccessControlHandler
Defines a default implementation for entity access control handler.

Namespace

Drupal\Core\Entity

Code

public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = [], $return_as_object = FALSE) {
  $account = $this
    ->prepareUser($account);
  $context += [
    'entity_type_id' => $this->entityTypeId,
    'langcode' => LanguageInterface::LANGCODE_DEFAULT,
  ];
  $cid = $entity_bundle ? 'create:' . $entity_bundle : 'create';
  if (($access = $this
    ->getCache($cid, 'create', $context['langcode'], $account)) !== NULL) {

    // Cache hit, no work necessary.
    return $return_as_object ? $access : $access
      ->isAllowed();
  }

  // Invoke hook_entity_create_access() and hook_ENTITY_TYPE_create_access().
  // Hook results take precedence over overridden implementations of
  // EntityAccessControlHandler::checkCreateAccess(). Entities that have
  // checks that need to be done before the hook is invoked should do so by
  // overriding this method.
  // We grant access to the entity if both of these conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = array_merge($this
    ->moduleHandler()
    ->invokeAll('entity_create_access', [
    $account,
    $context,
    $entity_bundle,
  ]), $this
    ->moduleHandler()
    ->invokeAll($this->entityTypeId . '_create_access', [
    $account,
    $context,
    $entity_bundle,
  ]));
  $return = $this
    ->processAccessHookResults($access);

  // Also execute the default access check except when the access result is
  // already forbidden, as in that case, it can not be anything else.
  if (!$return
    ->isForbidden()) {
    $return = $return
      ->orIf($this
      ->checkCreateAccess($account, $context, $entity_bundle));
  }
  $result = $this
    ->setCache($return, $cid, 'create', $context['langcode'], $account);
  return $return_as_object ? $result : $result
    ->isAllowed();
}