You are here

protected function EntityAccessChecker::checkRevisionViewAccess in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkRevisionViewAccess()
  2. 9 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkRevisionViewAccess()

Checks access to the given revision entity.

This should only be called for non-default revisions.

There is no standardized API for revision access checking in Drupal core and this method shims that missing API.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The revised entity for which to check access.

\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.

Return value

\Drupal\Core\Access\AccessResultInterface|\Drupal\Core\Access\AccessResultReasonInterface The access check result.

File

core/modules/jsonapi/src/Access/EntityAccessChecker.php, line 193

Class

EntityAccessChecker
Checks access to entities.

Namespace

Drupal\jsonapi\Access

Code

protected function checkRevisionViewAccess(EntityInterface $entity, AccountInterface $account) {
  assert($entity instanceof RevisionableInterface);
  assert(!$entity
    ->isDefaultRevision(), 'It is not necessary to check revision access when the entity is the default revision.');
  $entity_type = $entity
    ->getEntityType();
  $access = $entity
    ->access('view all revisions', $account, TRUE);

  // Apply content_moderation's additional access logic.
  // @see \Drupal\content_moderation\Access\LatestRevisionCheck::access()
  if ($entity_type
    ->getLinkTemplate('latest-version') && $entity
    ->isLatestRevision() && isset($this->latestRevisionCheck)) {

    // The latest revision access checker only expects to be invoked by the
    // routing system, which makes it necessary to fake a route match.
    $routes = $this->router
      ->getRouteCollection();
    $resource_type = $this->resourceTypeRepository
      ->get($entity
      ->getEntityTypeId(), $entity
      ->bundle());
    $route_name = sprintf('jsonapi.%s.individual', $resource_type
      ->getTypeName());
    $route = $routes
      ->get($route_name);
    $route
      ->setOption('_content_moderation_entity_type', 'entity');
    $route_match = new RouteMatch($route_name, $route, [
      'entity' => $entity,
    ], [
      'entity' => $entity
        ->uuid(),
    ]);
    $moderation_access_result = $this->latestRevisionCheck
      ->access($route, $route_match, $account);
    $access = $access
      ->andIf($moderation_access_result);
  }
  return $access;
}