You are here

class GroupOwnsContentAccessCheck in Group 8

Same name and namespace in other branches
  1. 2.0.x src/Access/GroupOwnsContentAccessCheck.php \Drupal\group\Access\GroupOwnsContentAccessCheck

Determines access to routes based on whether a piece of group content belongs to the group that was also specified in the route.

Hierarchy

Expanded class hierarchy of GroupOwnsContentAccessCheck

1 string reference to 'GroupOwnsContentAccessCheck'
group.services.yml in ./group.services.yml
group.services.yml
1 service uses GroupOwnsContentAccessCheck
access_check.group.owns_content in ./group.services.yml
Drupal\group\Access\GroupOwnsContentAccessCheck

File

src/Access/GroupOwnsContentAccessCheck.php, line 17

Namespace

Drupal\group\Access
View source
class GroupOwnsContentAccessCheck implements AccessInterface {

  /**
   * Checks access.
   *
   * @param \Symfony\Component\Routing\Route $route
   *   The route to check against.
   * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
   *   The parametrized route.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The account to check access for.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   The access result.
   */
  public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account) {
    $must_own_content = $route
      ->getRequirement('_group_owns_content') === 'TRUE';

    // Don't interfere if no group or group content was specified.
    $parameters = $route_match
      ->getParameters();
    if (!$parameters
      ->has('group') || !$parameters
      ->has('group_content')) {
      return AccessResult::neutral();
    }

    // Don't interfere if the group isn't a real group.
    $group = $parameters
      ->get('group');
    if (!$group instanceof GroupInterface) {
      return AccessResult::neutral();
    }

    // Don't interfere if the group content isn't a real group content entity.
    $group_content = $parameters
      ->get('group_content');
    if (!$group_content instanceof GroupContentInterface) {
      return AccessResult::neutral();
    }

    // If we have a group and group content, see if the owner matches.
    $group_owns_content = $group_content
      ->getGroup()
      ->id() == $group
      ->id();

    // Only allow access if the group content is owned by the group and
    // _group_owns_content is set to TRUE or the other way around.
    return AccessResult::allowedIf($group_owns_content xor !$must_own_content);
  }

}

Members