class SubscriptionAccessControlHandler in Mailing List 8
Access controller for the subscription entity.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
- class \Drupal\mailing_list\SubscriptionAccessControlHandler
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
Expanded class hierarchy of SubscriptionAccessControlHandler
See also
\Drupal\mailing_list\Entity\Subscription.
File
- src/
SubscriptionAccessControlHandler.php, line 17
Namespace
Drupal\mailing_listView source
class SubscriptionAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\mailing_list\SubscriptionInterface $entity */
// Subscriptions administrators have global access.
if ($account
->hasPermission('administer mailing list subscriptions')) {
return AccessResult::allowed()
->cachePerPermissions();
}
// Treat view label operation as view.
if ($operation == 'view label') {
$operation = 'view';
}
$list_id = $entity
->getListId();
// Inactive subscription access.
if (!$entity
->isActive() && !$account
->hasPermission("access inactive {$list_id} mailing list subscriptions")) {
return AccessResult::forbidden();
}
// Subscription owner check.
$is_owner = $account
->id() == $entity
->getOwnerId();
if ($account
->isAnonymous() || !$is_owner) {
// Check for session grants.
$is_owner = \Drupal::service('mailing_list.manager')
->hasSessionAccess($entity);
}
// Access allowed if user has unrestricted access or is the owner and can
// subscribe to such mailing list.
if ($account
->hasPermission("{$operation} any {$list_id} mailing list subscriptions") || $is_owner && $account
->hasPermission("subscribe to {$list_id} mailing list")) {
return AccessResult::allowed();
}
// Unknown operation, no opinion.
return AccessResult::neutral();
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIf($account
->hasPermission('administer mailing list subscriptions') || $account
->hasPermission("subscribe to {$entity_bundle} mailing list"))
->cachePerPermissions();
}
/**
* {@inheritdoc}
*/
protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
if ($operation == 'edit') {
// Only users with the administer nodes permission can edit administrative
// fields.
$administrative_fields = [
'uid',
'created',
'status',
];
if (in_array($field_definition
->getName(), $administrative_fields, TRUE)) {
return AccessResult::allowedIfHasPermission($account, 'administer mailing list subscriptions');
}
}
return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
|
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
|
DependencySerializationTrait:: |
public | function | 1 | |
|
DependencySerializationTrait:: |
public | function | 2 | |
|
EntityAccessControlHandler:: |
protected | property | Stores calculated access check results. | |
|
EntityAccessControlHandler:: |
protected | property | Information about the entity type. | |
|
EntityAccessControlHandler:: |
protected | property | The entity type ID of the access control handler instance. | |
|
EntityAccessControlHandler:: |
protected | property | Allows to grant access to just the labels. | 5 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to create an entity. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
|
EntityAccessControlHandler:: |
protected | function | Loads the current account object, if it does not exist yet. | |
|
EntityAccessControlHandler:: |
protected | function | We grant access to the entity if both of these conditions are met: | |
|
EntityAccessControlHandler:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Statically caches whether the given user has access. | |
|
EntityAccessControlHandler:: |
public | function | Constructs an access control handler instance. | 5 |
|
EntityHandlerBase:: |
protected | property | The module handler to invoke hooks on. | 2 |
|
EntityHandlerBase:: |
protected | function | Gets the module handler. | 2 |
|
EntityHandlerBase:: |
public | function | Sets the module handler for this handler. | |
|
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
|
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
|
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
|
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
|
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
|
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. | |
|
SubscriptionAccessControlHandler:: |
protected | function |
Performs access checks. Overrides EntityAccessControlHandler:: |
|
|
SubscriptionAccessControlHandler:: |
protected | function |
Performs create access checks. Overrides EntityAccessControlHandler:: |
|
|
SubscriptionAccessControlHandler:: |
protected | function |
Default field access as determined by this access control handler. Overrides EntityAccessControlHandler:: |