class ContactPageAccess in Drupal 8
Same name and namespace in other branches
- 9 core/modules/contact/src/Access/ContactPageAccess.php \Drupal\contact\Access\ContactPageAccess
Access check for contact_personal_page route.
Hierarchy
- class \Drupal\contact\Access\ContactPageAccess implements AccessInterface
Expanded class hierarchy of ContactPageAccess
1 string reference to 'ContactPageAccess'
- contact.services.yml in core/
modules/ contact/ contact.services.yml - core/modules/contact/contact.services.yml
1 service uses ContactPageAccess
- access_check.contact_personal in core/
modules/ contact/ contact.services.yml - Drupal\contact\Access\ContactPageAccess
File
- core/
modules/ contact/ src/ Access/ ContactPageAccess.php, line 15
Namespace
Drupal\contact\AccessView source
class ContactPageAccess implements AccessInterface {
/**
* The contact settings config object.
*
* @var \Drupal\Core\Config\ConfigFactoryInterface
*/
protected $configFactory;
/**
* The user data service.
*
* @var \Drupal\user\UserDataInterface
*/
protected $userData;
/**
* Constructs a ContactPageAccess instance.
*
* @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
* The config factory.
* @param \Drupal\user\UserDataInterface $user_data
* The user data service.
*/
public function __construct(ConfigFactoryInterface $config_factory, UserDataInterface $user_data) {
$this->configFactory = $config_factory;
$this->userData = $user_data;
}
/**
* Checks access to the given user's contact page.
*
* @param \Drupal\user\UserInterface $user
* The user being contacted.
* @param \Drupal\Core\Session\AccountInterface $account
* The currently logged in account.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result.
*/
public function access(UserInterface $user, AccountInterface $account) {
$contact_account = $user;
// Anonymous users cannot have contact forms.
if ($contact_account
->isAnonymous()) {
return AccessResult::forbidden();
}
// Users may not contact themselves by default, hence this requires user
// granularity for caching.
$access = AccessResult::neutral()
->cachePerUser();
if ($account
->id() == $contact_account
->id()) {
return $access;
}
// User administrators should always have access to personal contact forms.
$permission_access = AccessResult::allowedIfHasPermission($account, 'administer users');
if ($permission_access
->isAllowed()) {
return $access
->orIf($permission_access);
}
// If requested user has been blocked, do not allow users to contact them.
$access
->addCacheableDependency($contact_account);
if ($contact_account
->isBlocked()) {
return $access;
}
// Forbid access if the requested user has disabled their contact form.
$account_data = $this->userData
->get('contact', $contact_account
->id(), 'enabled');
if (isset($account_data) && !$account_data) {
return $access;
}
// If the requested user did not save a preference yet, deny access if the
// configured default is disabled.
$contact_settings = $this->configFactory
->get('contact.settings');
$access
->addCacheableDependency($contact_settings);
if (!isset($account_data) && !$contact_settings
->get('user_default_enabled')) {
return $access;
}
return $access
->orIf(AccessResult::allowedIfHasPermission($account, 'access user contact forms'));
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
ContactPageAccess:: |
protected | property | The contact settings config object. | |
ContactPageAccess:: |
protected | property | The user data service. | |
ContactPageAccess:: |
public | function | Checks access to the given user's contact page. | |
ContactPageAccess:: |
public | function | Constructs a ContactPageAccess instance. |