protected function QueryAccessHandlerBase::buildEntityOwnerConditions in Entity API 8
Builds the conditions for entities that have an owner.
Parameters
string $operation: The access operation. Usually one of "view", "update", "duplicate", or "delete".
\Drupal\Core\Session\AccountInterface $account: The user for which to restrict access.
Return value
\Drupal\entity\QueryAccess\ConditionGroup|null The conditions, or NULL if the user doesn't have access to any entity.
2 calls to QueryAccessHandlerBase::buildEntityOwnerConditions()
- QueryAccessHandler::buildEntityOwnerConditions in src/
QueryAccess/ QueryAccessHandler.php - Builds the conditions for entities that have an owner.
- QueryAccessHandlerBase::buildConditions in src/
QueryAccess/ QueryAccessHandlerBase.php - Builds the conditions for the given operation and user.
1 method overrides QueryAccessHandlerBase::buildEntityOwnerConditions()
- QueryAccessHandler::buildEntityOwnerConditions in src/
QueryAccess/ QueryAccessHandler.php - Builds the conditions for entities that have an owner.
File
- src/
QueryAccess/ QueryAccessHandlerBase.php, line 196
Class
- QueryAccessHandlerBase
- Provides common logic for query access handlers.
Namespace
Drupal\entity\QueryAccessCode
protected function buildEntityOwnerConditions($operation, AccountInterface $account) {
$entity_type_id = $this->entityType
->id();
$owner_key = $this->entityType
->hasKey('owner') ? $this->entityType
->getKey('owner') : $this->entityType
->getKey('uid');
$bundle_key = $this->entityType
->getKey('bundle');
$conditions = new ConditionGroup('OR');
$conditions
->addCacheContexts([
'user.permissions',
]);
// Any $entity_type permission.
if ($account
->hasPermission("{$operation} any {$entity_type_id}")) {
// The user has full access, no conditions needed.
return $conditions;
}
// Own $entity_type permission.
if ($account
->hasPermission("{$operation} own {$entity_type_id}")) {
$conditions
->addCacheContexts([
'user',
]);
$conditions
->addCondition($owner_key, $account
->id());
}
$bundles = array_keys($this->bundleInfo
->getBundleInfo($entity_type_id));
$bundles_with_any_permission = [];
$bundles_with_own_permission = [];
foreach ($bundles as $bundle) {
if ($account
->hasPermission("{$operation} any {$bundle} {$entity_type_id}")) {
$bundles_with_any_permission[] = $bundle;
}
if ($account
->hasPermission("{$operation} own {$bundle} {$entity_type_id}")) {
$bundles_with_own_permission[] = $bundle;
}
}
// Any $bundle permission.
if ($bundles_with_any_permission) {
$conditions
->addCondition($bundle_key, $bundles_with_any_permission);
}
// Own $bundle permission.
if ($bundles_with_own_permission) {
$conditions
->addCacheContexts([
'user',
]);
$conditions
->addCondition((new ConditionGroup('AND'))
->addCondition($owner_key, $account
->id())
->addCondition($bundle_key, $bundles_with_own_permission));
}
return $conditions
->count() ? $conditions : NULL;
}