public function CustomAccess::hasFieldAccess in Field Permissions 8.2
Same name and namespace in other branches
- 8 src/Plugin/FieldPermissionType/CustomAccess.php \Drupal\field_permissions\Plugin\FieldPermissionType\CustomAccess::hasFieldAccess()
Determine if access to the field is granted for a given account.
Parameters
string $operation: The operation to check. Either 'view' or 'edit'.
\Drupal\Core\Entity\EntityInterface $entity: The entity the field is attached to.
\Drupal\Core\Session\AccountInterface $account: The user to check access for.
Return value
bool The access result.
Overrides FieldPermissionTypeInterface::hasFieldAccess
File
- src/
Plugin/ FieldPermissionType/ CustomAccess.php, line 30
Class
- CustomAccess
- Defines custom access for fields.
Namespace
Drupal\field_permissions\Plugin\FieldPermissionTypeCode
public function hasFieldAccess($operation, EntityInterface $entity, AccountInterface $account) {
assert(in_array($operation, [
"edit",
"view",
]), 'The operation is either "edit" or "view", "' . $operation . '" given instead.');
$field_name = $this->fieldStorage
->getName();
if ($operation === 'edit' && $entity
->isNew()) {
return $account
->hasPermission('create ' . $field_name);
}
if ($account
->hasPermission($operation . ' ' . $field_name)) {
return TRUE;
}
else {
// User entities don't implement `EntityOwnerInterface`.
if ($entity instanceof UserInterface) {
return $entity
->id() == $account
->id() && $account
->hasPermission($operation . ' own ' . $field_name);
}
elseif ($entity instanceof EntityOwnerInterface) {
return $entity
->getOwnerId() == $account
->id() && $account
->hasPermission($operation . ' own ' . $field_name);
}
}
// Default to deny since access can be explicitly granted (edit field_name),
// even if this entity type doesn't implement the EntityOwnerInterface.
return FALSE;
}