You are here

class EntityAccessControlHandler in Entity API 8

Controls access based on the generic entity permissions.

Hierarchy

Expanded class hierarchy of EntityAccessControlHandler

See also

\Drupal\entity\UncacheableEntityPermissionProvider

1 file declares its use of EntityAccessControlHandler
EntityAccessControlHandlerTest.php in tests/src/Unit/EntityAccessControlHandlerTest.php

File

src/EntityAccessControlHandler.php, line 16

Namespace

Drupal\entity
View source
class EntityAccessControlHandler extends EntityAccessControlHandlerBase {

  /**
   * {@inheritdoc}
   */
  public function __construct(EntityTypeInterface $entity_type) {
    parent::__construct($entity_type);
    if (!$entity_type
      ->hasHandlerClass('permission_provider') || !is_a($entity_type
      ->getHandlerClass('permission_provider'), EntityPermissionProvider::class, TRUE)) {
      throw new \Exception('\\Drupal\\entity\\EntityAccessControlHandler requires the \\Drupal\\entity\\EntityPermissionProvider permission provider.');
    }
  }

  /**
   * {@inheritdoc}
   */
  protected function checkEntityOwnerPermissions(EntityInterface $entity, $operation, AccountInterface $account) {

    /** @var \Drupal\user\EntityOwnerInterface $entity */
    if ($operation === 'view') {
      if ($entity instanceof EntityPublishedInterface && !$entity
        ->isPublished()) {
        if ($account
          ->id() != $entity
          ->getOwnerId()) {

          // There's no permission for viewing other user's unpublished entity.
          return AccessResult::neutral()
            ->cachePerUser();
        }
        $permissions = [
          "view own unpublished {$entity->getEntityTypeId()}",
        ];
        $result = AccessResult::allowedIfHasPermissions($account, $permissions)
          ->cachePerUser();
      }
      else {
        $result = AccessResult::allowedIfHasPermissions($account, [
          "view {$entity->getEntityTypeId()}",
          "view {$entity->bundle()} {$entity->getEntityTypeId()}",
        ], 'OR');
      }
    }
    else {
      $result = parent::checkEntityOwnerPermissions($entity, $operation, $account);
    }
    return $result;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
EntityAccessControlHandler::$accessCache protected property Stores calculated access check results.
EntityAccessControlHandler::$entityType protected property Information about the entity type.
EntityAccessControlHandler::$entityTypeId protected property The entity type ID of the access control handler instance.
EntityAccessControlHandler::$viewLabelOperation protected property Allows to grant access to just the labels. 5
EntityAccessControlHandler::access public function Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface::access 1
EntityAccessControlHandler::checkEntityOwnerPermissions protected function Checks the entity operation and bundle permissions, with owners. Overrides EntityAccessControlHandlerBase::checkEntityOwnerPermissions
EntityAccessControlHandler::checkFieldAccess protected function Default field access as determined by this access control handler. 4
EntityAccessControlHandler::createAccess public function Checks access to create an entity. Overrides EntityAccessControlHandlerInterface::createAccess 1
EntityAccessControlHandler::fieldAccess public function Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface::fieldAccess
EntityAccessControlHandler::getCache protected function Tries to retrieve a previously cached access value from the static cache.
EntityAccessControlHandler::prepareUser protected function Loads the current account object, if it does not exist yet.
EntityAccessControlHandler::processAccessHookResults protected function We grant access to the entity if both of these conditions are met:
EntityAccessControlHandler::resetCache public function Clears all cached access checks. Overrides EntityAccessControlHandlerInterface::resetCache
EntityAccessControlHandler::setCache protected function Statically caches whether the given user has access.
EntityAccessControlHandler::__construct public function Constructs an access control handler instance. Overrides EntityAccessControlHandler::__construct
EntityAccessControlHandlerBase::checkAccess protected function Performs access checks. Overrides EntityAccessControlHandler::checkAccess
EntityAccessControlHandlerBase::checkCreateAccess protected function Performs create access checks. Overrides EntityAccessControlHandler::checkCreateAccess
EntityAccessControlHandlerBase::checkEntityPermissions protected function Checks the entity operation and bundle permissions.
EntityHandlerBase::$moduleHandler protected property The module handler to invoke hooks on. 2
EntityHandlerBase::moduleHandler protected function Gets the module handler. 2
EntityHandlerBase::setModuleHandler public function Sets the module handler for this handler.
StringTranslationTrait::$stringTranslation protected property The string translation service. 1
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.