You are here

Home » API reference » Drupal 8 » NodeRevisionAccessCheck.php » NodeRevisionAccessCheck

public function NodeRevisionAccessCheck::checkAccess in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/node/src/Access/NodeRevisionAccessCheck.php \Drupal\node\Access\NodeRevisionAccessCheck::checkAccess()

Checks node revision access.

Parameters

\Drupal\node\NodeInterface $node: The node to check.

\Drupal\Core\Session\AccountInterface $account: A user object representing the user for whom the operation is to be performed.

string $op: (optional) The specific operation being checked. Defaults to 'view.'

Return value

bool TRUE if the operation may be performed, FALSE otherwise.

File

core/modules/node/src/Access/NodeRevisionAccessCheck.php, line 92

Class

NodeRevisionAccessCheck
Provides an access checker for node revisions.

Namespace

Drupal\node\Access

Code

public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') {
  $map = [
    'view' => 'view all revisions',
    'update' => 'revert all revisions',
    'delete' => 'delete all revisions',
  ];
  $bundle = $node
    ->bundle();
  $type_map = [
    'view' => "view {$bundle} revisions",
    'update' => "revert {$bundle} revisions",
    'delete' => "delete {$bundle} revisions",
  ];
  if (!$node || !isset($map[$op]) || !isset($type_map[$op])) {

    // If there was no node to check against, or the $op was not one of the
    // supported ones, we return access denied.
    return FALSE;
  }

  // Statically cache access by revision ID, language code, user account ID,
  // and operation.
  $langcode = $node
    ->language()
    ->getId();
  $cid = $node
    ->getRevisionId() . ':' . $langcode . ':' . $account
    ->id() . ':' . $op;
  if (!isset($this->access[$cid])) {

    // Perform basic permission checks first.
    if (!$account
      ->hasPermission($map[$op]) && !$account
      ->hasPermission($type_map[$op]) && !$account
      ->hasPermission('administer nodes')) {
      $this->access[$cid] = FALSE;
      return FALSE;
    }

    // If the revisions checkbox is selected for the content type, display the
    // revisions tab.
    $bundle_entity_type = $node
      ->getEntityType()
      ->getBundleEntityType();
    $bundle_entity = \Drupal::entityTypeManager()
      ->getStorage($bundle_entity_type)
      ->load($bundle);
    if ($bundle_entity
      ->shouldCreateNewRevision() && $op === 'view') {
      $this->access[$cid] = TRUE;
    }
    else {

      // There should be at least two revisions. If the vid of the given node
      // and the vid of the default revision differ, then we already have two
      // different revisions so there is no need for a separate database
      // check. Also, if you try to revert to or delete the default revision,
      // that's not good.
      if ($node
        ->isDefaultRevision() && ($this->nodeStorage
        ->countDefaultLanguageRevisions($node) == 1 || $op === 'update' || $op === 'delete')) {
        $this->access[$cid] = FALSE;
      }
      elseif ($account
        ->hasPermission('administer nodes')) {
        $this->access[$cid] = TRUE;
      }
      else {

        // First check the access to the default revision and finally, if the
        // node passed in is not the default revision then check access to
        // that, too.
        $this->access[$cid] = $this->nodeAccess
          ->access($this->nodeStorage
          ->load($node
          ->id()), $op, $account) && ($node
          ->isDefaultRevision() || $this->nodeAccess
          ->access($node, $op, $account));
      }
    }
  }
  return $this->access[$cid];
}