protected function MenuLinkContentAccessControlHandler::checkAccess in Drupal 8
Same name and namespace in other branches
- 9 core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php \Drupal\menu_link_content\MenuLinkContentAccessControlHandler::checkAccess()
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- core/
modules/ menu_link_content/ src/ MenuLinkContentAccessControlHandler.php, line 50
Class
- MenuLinkContentAccessControlHandler
- Defines the access control handler for the user entity type.
Namespace
Drupal\menu_link_contentCode
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'view':
// There is no direct viewing of a menu link, but still for purposes of
// content_translation we need a generic way to check access.
return AccessResult::allowedIfHasPermission($account, 'administer menu');
case 'update':
if (!$account
->hasPermission('administer menu')) {
return AccessResult::neutral("The 'administer menu' permission is required.")
->cachePerPermissions();
}
else {
// Assume that access is allowed.
$access = AccessResult::allowed()
->cachePerPermissions()
->addCacheableDependency($entity);
/** @var \Drupal\menu_link_content\MenuLinkContentInterface $entity */
// If the link is routed determine whether the user has access unless
// they have the 'link to any page' permission.
if (!$account
->hasPermission('link to any page') && ($url_object = $entity
->getUrlObject()) && $url_object
->isRouted()) {
$link_access = $this->accessManager
->checkNamedRoute($url_object
->getRouteName(), $url_object
->getRouteParameters(), $account, TRUE);
$access = $access
->andIf($link_access);
}
return $access;
}
case 'delete':
return AccessResult::allowedIfHasPermission($account, 'administer menu')
->andIf(AccessResult::allowedIf(!$entity
->isNew())
->addCacheableDependency($entity));
default:
return parent::checkAccess($entity, $operation, $account);
}
}