protected function BlockContentAccessControlHandler::checkAccess in Drupal 9
Same name and namespace in other branches
- 8 core/modules/block_content/src/BlockContentAccessControlHandler.php \Drupal\block_content\BlockContentAccessControlHandler::checkAccess()
- 10 core/modules/block_content/src/BlockContentAccessControlHandler.php \Drupal\block_content\BlockContentAccessControlHandler::checkAccess()
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- core/
modules/ block_content/ src/ BlockContentAccessControlHandler.php, line 56
Class
- BlockContentAccessControlHandler
- Defines the access control handler for the custom block entity type.
Namespace
Drupal\block_contentCode
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation === 'view') {
$access = AccessResult::allowedIf($entity
->isPublished())
->orIf(AccessResult::allowedIfHasPermission($account, 'administer blocks'));
}
else {
$access = parent::checkAccess($entity, $operation, $account);
}
// Add the entity as a cacheable dependency because access will at least be
// determined by whether the block is reusable.
$access
->addCacheableDependency($entity);
/** @var \Drupal\block_content\BlockContentInterface $entity */
if ($entity
->isReusable() === FALSE) {
if (!$entity instanceof DependentAccessInterface) {
throw new \LogicException("Non-reusable block entities must implement \\Drupal\\block_content\\Access\\DependentAccessInterface for access control.");
}
$dependency = $entity
->getAccessDependency();
if (empty($dependency)) {
// If an access dependency has not been set let modules set one.
$event = new BlockContentGetDependencyEvent($entity);
$this->eventDispatcher
->dispatch($event, BlockContentEvents::BLOCK_CONTENT_GET_DEPENDENCY);
$dependency = $event
->getAccessDependency();
if (empty($dependency)) {
return AccessResult::forbidden("Non-reusable blocks must set an access dependency for access control.");
}
}
/** @var \Drupal\Core\Entity\EntityInterface $dependency */
$access = $access
->andIf($dependency
->access($operation, $account, TRUE));
}
return $access;
}