public function OgAccess::userAccessGroupContentEntityOperation in Organic groups 8
Checks access for entity operations on group content in a specific group.
This checks if the user has permission to perform the requested operation on the given group content entity according to the user's membership status in the given group. It also passes through ::userAccess() to check for any' of the special cases, such as being the root user, having global permission to administer all groups, etc.
The access result can be altered by implementing an event listener for GroupContentEntityOperationAccessEventInterface::EVENT_NAME.
For access to be granted, at least one of the above checks should grant access, and none of the event listeners should deny access. A neutral result is returned only if all checks are neutral or if the passed in entity is not group content.
Parameters
string $operation: The entity operation, such as "create", "update" or "delete".
\Drupal\Core\Entity\EntityInterface $group_entity: The group entity, to retrieve the permissions from.
\Drupal\Core\Entity\EntityInterface $group_content_entity: The group content entity for which access to the entity operation is requested.
\Drupal\Core\Session\AccountInterface|null $user: Optional user for which to check access. If omitted, the currently logged in user will be used.
Return value
\Drupal\Core\Access\AccessResultInterface The access result object.
Overrides OgAccessInterface::userAccessGroupContentEntityOperation
1 call to OgAccess::userAccessGroupContentEntityOperation()
- OgAccess::userAccessEntityOperation in src/
OgAccess.php - Checks whether a user can perform an operation on a given entity.
File
- src/
OgAccess.php, line 310
Class
- OgAccess
- The service that determines if users have access to groups and group content.
Namespace
Drupal\ogCode
public function userAccessGroupContentEntityOperation(string $operation, EntityInterface $group_entity, EntityInterface $group_content_entity, ?AccountInterface $user = NULL) : AccessResultInterface {
// Default to the current user.
$user = $user ?: $this->accountProxy
->getAccount();
$event = new GroupContentEntityOperationAccessEvent($operation, $group_entity, $group_content_entity, $user);
// @todo This doesn't really vary by user but by the user's roles inside of
// the group. We should create a cache context for OgRole entities.
// @see https://github.com/amitaibu/og/issues/219
$event
->addCacheableDependency($group_content_entity);
if ($user
->id() == $this->accountProxy
->id()) {
$event
->addCacheContexts([
'user',
]);
}
$this->dispatcher
->dispatch(GroupContentEntityOperationAccessEvent::EVENT_NAME, $event);
return $event
->getAccessResult();
}