You are here

public function OverridesSectionStorage::access in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/layout_builder/src/Plugin/SectionStorage/OverridesSectionStorage.php \Drupal\layout_builder\Plugin\SectionStorage\OverridesSectionStorage::access()
  2. 9 core/modules/layout_builder/src/Plugin/SectionStorage/OverridesSectionStorage.php \Drupal\layout_builder\Plugin\SectionStorage\OverridesSectionStorage::access()

File

core/modules/layout_builder/src/Plugin/SectionStorage/OverridesSectionStorage.php, line 339

Class

OverridesSectionStorage
Defines the 'overrides' section storage type.

Namespace

Drupal\layout_builder\Plugin\SectionStorage

Code

public function access($operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
  if ($account === NULL) {
    $account = $this->currentUser;
  }
  $entity = $this
    ->getEntity();

  // Create an access result that will allow access to the layout if one of
  // these conditions applies:
  // 1. The user can configure any layouts.
  $any_access = AccessResult::allowedIfHasPermission($account, 'configure any layout');

  // 2. The user can configure layouts on all items of the bundle type.
  $bundle_access = AccessResult::allowedIfHasPermission($account, "configure all {$entity->bundle()} {$entity->getEntityTypeId()} layout overrides");

  // 3. The user can configure layouts items of this bundle type they can edit
  //    AND the user has access to edit this entity.
  $edit_only_bundle_access = AccessResult::allowedIfHasPermission($account, "configure editable {$entity->bundle()} {$entity->getEntityTypeId()} layout overrides");
  $edit_only_bundle_access = $edit_only_bundle_access
    ->andIf($entity
    ->access('update', $account, TRUE));
  $result = $any_access
    ->orIf($bundle_access)
    ->orIf($edit_only_bundle_access);

  // Access also depends on the default being enabled.
  $result = $result
    ->andIf($this
    ->getDefaultSectionStorage()
    ->access($operation, $account, TRUE));
  $result = $this
    ->handleTranslationAccess($result, $operation, $account);
  return $return_as_object ? $result : $result
    ->isAllowed();
}