function forum_access_comment_access in Forum Access 8

Implements hook_ENTITY_TYPE_access() for comment entities.

@inheritdoc

File

./forum_access.module, line 295

Contains forum_access.module.

Code

function forum_access_comment_access(EntityInterface $entity, $operation, AccountInterface $account) {

  // Get parent entity of comment.
  $parent = $entity
    ->get('entity_id')
    ->first()
    ->get('entity')
    ->getTarget()
    ->getValue();
  if (!($parent
    ->getEntityTypeId() == 'node' && $parent
    ->bundle() == 'forum')) {
    return AccessResult::neutral();
  }
  if ($account
    ->hasPermission('administer comments')) {
    return AccessResult::neutral();
  }
  module_load_include('inc', 'forum_access', 'includes/forum_access.common');
  if ($tid = forum_access_get_tid($parent)) {

    // Disallow if user has no access to view.
    if (!forum_access_access('view', $tid)) {
      return AccessResult::forbidden();
    }
    $comment_author = $entity
      ->get('uid')
      ->first()
      ->get('entity')
      ->getTarget()
      ->getValue();

    // Check if user is author of comment.
    $is_author = $account
      ->id() == $comment_author
      ->id();
    if ($operation == 'view' && forum_access_access('view', $tid)) {
      return AccessResult::allowed();
    }
    elseif ($operation == 'update' && (forum_access_access('update', $tid) || $account
      ->hasPermission('edit any forum content') || $is_author && $account
      ->hasPermission('edit own forum content'))) {
      return AccessResult::allowed();
    }
    elseif ($operation == 'delete' && (forum_access_access('delete', $tid) || $account
      ->hasPermission('delete any forum content') || $is_author && $account
      ->hasPermission('delete own forum content'))) {
      return AccessResult::allowed();
    }
    elseif ($operation == 'approve' && (forum_access_access('update', $tid) || forum_access_access('delete', $tid))) {
      return AccessResult::allowed();
    }
  }
  return AccessResult::forbidden();
}