MenuLinkContentAccessControlHandler.php in Drupal 9

Same filename and directory in other branches

8 core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php

Namespace

File

core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php

View source

<?php

namespace Drupal\menu_link_content;

use Drupal\Core\Access\AccessResult;
use Drupal\Core\Access\AccessManagerInterface;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityHandlerInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeInterface;
use Drupal\Core\Session\AccountInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;

/**
 * Defines the access control handler for the menu link content entity type.
 */
class MenuLinkContentAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {

  /**
   * The access manager to check routes by name.
   *
   * @var \Drupal\Core\Access\AccessManagerInterface
   */
  protected $accessManager;

  /**
   * Creates a new MenuLinkContentAccessControlHandler.
   *
   * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
   *   The entity type definition.
   * @param \Drupal\Core\Access\AccessManagerInterface $access_manager
   *   The access manager to check routes by name.
   */
  public function __construct(EntityTypeInterface $entity_type, AccessManagerInterface $access_manager) {
    parent::__construct($entity_type);
    $this->accessManager = $access_manager;
  }

  /**
   * {@inheritdoc}
   */
  public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
    return new static($entity_type, $container
      ->get('access_manager'));
  }

  /**
   * {@inheritdoc}
   */
  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    switch ($operation) {
      case 'view':

        // There is no direct viewing of a menu link, but still for purposes of
        // content_translation we need a generic way to check access.
        return AccessResult::allowedIfHasPermission($account, 'administer menu');
      case 'update':
        if (!$account
          ->hasPermission('administer menu')) {
          return AccessResult::neutral("The 'administer menu' permission is required.")
            ->cachePerPermissions();
        }
        else {

          // Assume that access is allowed.
          $access = AccessResult::allowed()
            ->cachePerPermissions()
            ->addCacheableDependency($entity);

          /** @var \Drupal\menu_link_content\MenuLinkContentInterface $entity */

          // If the link is routed determine whether the user has access unless
          // they have the 'link to any page' permission.
          if (!$account
            ->hasPermission('link to any page') && ($url_object = $entity
            ->getUrlObject()) && $url_object
            ->isRouted()) {
            $link_access = $this->accessManager
              ->checkNamedRoute($url_object
              ->getRouteName(), $url_object
              ->getRouteParameters(), $account, TRUE);
            $access = $access
              ->andIf($link_access);
          }
          return $access;
        }
      case 'delete':
        return AccessResult::allowedIfHasPermission($account, 'administer menu')
          ->andIf(AccessResult::allowedIf(!$entity
          ->isNew())
          ->addCacheableDependency($entity));
      default:
        return parent::checkAccess($entity, $operation, $account);
    }
  }

}

Classes

Name	Description
MenuLinkContentAccessControlHandler	Defines the access control handler for the menu link content entity type.

You are here

MenuLinkContentAccessControlHandler.php in Drupal 9

Namespace

File

Classes

API Navigation