You are here

function content_moderation_entity_access in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/content_moderation/content_moderation.module \content_moderation_entity_access()

Implements hook_entity_access().

Entities should be viewable if unpublished and the user has the appropriate permission. This permission is therefore effectively mandatory for any user that wants to moderate things.

File

core/modules/content_moderation/content_moderation.module, line 217
Contains content_moderation.module.

Code

function content_moderation_entity_access(EntityInterface $entity, $operation, AccountInterface $account) {

  /** @var \Drupal\content_moderation\ModerationInformationInterface $moderation_info */
  $moderation_info = Drupal::service('content_moderation.moderation_information');
  $access_result = NULL;
  if ($operation === 'view') {
    $access_result = $entity instanceof EntityPublishedInterface && !$entity
      ->isPublished() ? AccessResult::allowedIfHasPermission($account, 'view any unpublished content') : AccessResult::neutral();
    $access_result
      ->addCacheableDependency($entity);
  }
  elseif ($operation === 'update' && $moderation_info
    ->isModeratedEntity($entity) && $entity->moderation_state) {

    /** @var \Drupal\content_moderation\StateTransitionValidation $transition_validation */
    $transition_validation = \Drupal::service('content_moderation.state_transition_validation');
    $valid_transition_targets = $transition_validation
      ->getValidTransitions($entity, $account);
    $access_result = $valid_transition_targets ? AccessResult::neutral() : AccessResult::forbidden('No valid transitions exist for given account.');
    $access_result
      ->addCacheableDependency($entity);
    $workflow = $moderation_info
      ->getWorkflowForEntity($entity);
    $access_result
      ->addCacheableDependency($workflow);

    // The state transition validation service returns a list of transitions
    // based on the user's permission to use them.
    $access_result
      ->cachePerPermissions();
  }

  // Do not allow users to delete the state that is configured as the default
  // state for the workflow.
  if ($entity instanceof WorkflowInterface) {
    $configuration = $entity
      ->getTypePlugin()
      ->getConfiguration();
    if (!empty($configuration['default_moderation_state']) && $operation === sprintf('delete-state:%s', $configuration['default_moderation_state'])) {
      return AccessResult::forbidden()
        ->addCacheableDependency($entity);
    }
  }
  return $access_result;
}