public function NodeAccessControlHandler::access in Drupal 10
Same name and namespace in other branches
- 8 core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::access()
- 9 core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::access()
Checks access to an operation on a given entity or entity translation.
Use \Drupal\Core\Entity\EntityAccessControlHandlerInterface::createAccess() to check access to create an entity.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The operation access should be checked for. Usually one of "view", "view label", "update" or "delete".
\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
bool $return_as_object: (optional) Defaults to FALSE.
Return value
bool|\Drupal\Core\Access\AccessResultInterface The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
Overrides EntityAccessControlHandler::access
1 call to NodeAccessControlHandler::access()
- NodeAccessControlHandler::checkAccess in core/
modules/ node/ src/ NodeAccessControlHandler.php - Performs access checks.
File
- core/
modules/ node/ src/ NodeAccessControlHandler.php, line 89
Class
- NodeAccessControlHandler
- Defines the access control handler for the node entity type.
Namespace
Drupal\nodeCode
public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
$account = $this
->prepareUser($account);
// Only bypass if not a revision operation, to retain compatibility.
if ($account
->hasPermission('bypass node access') && !isset(static::REVISION_OPERATION_MAP[$operation])) {
$result = AccessResult::allowed()
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
if (!$account
->hasPermission('access content')) {
$result = AccessResult::forbidden("The 'access content' permission is required.")
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
$result = parent::access($entity, $operation, $account, TRUE)
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}