protected function FileAccessControlHandler::checkFieldAccess in Drupal 8
Same name and namespace in other branches
- 9 core/modules/file/src/FileAccessControlHandler.php \Drupal\file\FileAccessControlHandler::checkFieldAccess()
Default field access as determined by this access control handler.
Parameters
string $operation: The operation access should be checked for. Usually one of "view" or "edit".
\Drupal\Core\Field\FieldDefinitionInterface $field_definition: The field definition.
\Drupal\Core\Session\AccountInterface $account: The user session for which to check access.
\Drupal\Core\Field\FieldItemListInterface $items: (optional) The field values for which to check access, or NULL if access is checked for the field definition, without any specific value available. Defaults to NULL.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkFieldAccess
File
- core/
modules/ file/ src/ FileAccessControlHandler.php, line 97
Class
- FileAccessControlHandler
- Provides a File access control handler.
Namespace
Drupal\fileCode
protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
// Deny access to fields that should only be set on file creation, and
// "status" which should only be changed based on a file's usage.
$create_only_fields = [
'uri',
'filemime',
'filesize',
];
// The operation is 'edit' when the entity is being created or updated.
// Determine if the entity is being updated by checking if it is new.
$field_name = $field_definition
->getName();
if ($operation === 'edit' && $items && ($entity = $items
->getEntity()) && !$entity
->isNew() && in_array($field_name, $create_only_fields, TRUE)) {
return AccessResult::forbidden();
}
// Regardless of whether the entity exists access should be denied to the
// status field as this is managed via other APIs, for example:
// - \Drupal\file\FileUsage\FileUsageBase::add()
// - \Drupal\file\Plugin\EntityReferenceSelection\FileSelection::createNewEntity()
if ($operation === 'edit' && $field_name === 'status') {
return AccessResult::forbidden();
}
return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}