public function MediaLibraryFieldWidgetOpener::checkAccess in Drupal 10
Same name and namespace in other branches
- 8 core/modules/media_library/src/MediaLibraryFieldWidgetOpener.php \Drupal\media_library\MediaLibraryFieldWidgetOpener::checkAccess()
- 9 core/modules/media_library/src/MediaLibraryFieldWidgetOpener.php \Drupal\media_library\MediaLibraryFieldWidgetOpener::checkAccess()
File
- core/
modules/ media_library/ src/ MediaLibraryFieldWidgetOpener.php, line 42
Class
- MediaLibraryFieldWidgetOpener
- The media library opener for field widgets.
Namespace
Drupal\media_libraryCode
public function checkAccess(MediaLibraryState $state, AccountInterface $account) {
$parameters = $state
->getOpenerParameters() + [
'entity_id' => NULL,
];
// Forbid access if any of the required parameters are missing.
foreach ([
'entity_type_id',
'bundle',
'field_name',
] as $key) {
if (empty($parameters[$key])) {
return AccessResult::forbidden("{$key} parameter is missing.")
->addCacheableDependency($state);
}
}
$entity_type_id = $parameters['entity_type_id'];
$bundle = $parameters['bundle'];
$field_name = $parameters['field_name'];
// Since we defer to a field to determine access, ensure we are dealing with
// a fieldable entity type.
$entity_type = $this->entityTypeManager
->getDefinition($entity_type_id);
if (!$entity_type
->entityClassImplements(FieldableEntityInterface::class)) {
throw new \LogicException("The media library can only be opened by fieldable entities.");
}
$storage = $this->entityTypeManager
->getStorage($entity_type_id);
$access_handler = $this->entityTypeManager
->getAccessControlHandler($entity_type_id);
if (!empty($parameters['revision_id'])) {
$entity = $storage
->loadRevision($parameters['revision_id']);
$entity_access = $access_handler
->access($entity, 'update', $account, TRUE);
}
elseif ($parameters['entity_id']) {
$entity = $storage
->load($parameters['entity_id']);
$entity_access = $access_handler
->access($entity, 'update', $account, TRUE);
}
else {
$entity_access = $access_handler
->createAccess($bundle, $account, [], TRUE);
}
// If entity-level access is denied, there's no point in continuing.
if (!$entity_access
->isAllowed()) {
if ($entity_access instanceof RefinableCacheableDependencyInterface) {
$entity_access
->addCacheableDependency($state);
}
return $entity_access;
}
// If the entity has not been loaded, create it in memory now.
if (!isset($entity)) {
$values = [];
if ($bundle_key = $entity_type
->getKey('bundle')) {
$values[$bundle_key] = $bundle;
}
/** @var \Drupal\Core\Entity\FieldableEntityInterface $entity */
$entity = $storage
->create($values);
}
$items = $entity
->get($field_name);
$field_definition = $items
->getFieldDefinition();
// Check that the field is an entity reference, or subclass of it, since we
// need to check the target_type setting.
if (!$items instanceof EntityReferenceFieldItemList) {
throw new \LogicException('Expected the media library to be opened by an entity reference field.');
}
if ($field_definition
->getFieldStorageDefinition()
->getSetting('target_type') !== 'media') {
throw new \LogicException('Expected the media library to be opened by an entity reference field that target media items.');
}
$field_access = $access_handler
->fieldAccess('edit', $field_definition, $account, $items, TRUE);
$access = $entity_access
->andIf($field_access);
if ($access instanceof RefinableCacheableDependencyInterface) {
$access
->addCacheableDependency($state);
}
return $access;
}