You are here

protected function LPResultAccessControlHandler::checkAccess in Opigno Learning path 3.x

Same name and namespace in other branches
  1. 8 src/LPResultAccessControlHandler.php \Drupal\opigno_learning_path\LPResultAccessControlHandler::checkAccess()

Entity access control. checkAccess is called with the $operation as defined in the routing.yml file.

Overrides EntityAccessControlHandler::checkAccess

File

src/LPResultAccessControlHandler.php, line 24

Class

LPResultAccessControlHandler
Access control handler for the learning_path_result entity.

Namespace

Drupal\opigno_learning_path

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {

  /** @var \Drupal\opigno_learning_path\Entity\LPResult $entity */

  /** @var \Drupal\group\Entity\Group $group */
  $group = $entity
    ->getLearningPath();
  $is_owner = $entity
    ->getUserId() == $account
    ->id();
  if (empty($group) || !is_object($group)) {
    return AccessResult::neutral();
  }
  if ($group
    ->getGroupType()
    ->id() !== 'learning_path') {
    throw new AccessException('LPResult associated with wrong group type!');
  }
  switch ($operation) {
    case 'view':

      // Allow user to view their own results.
      return AccessResult::allowedIf($is_owner && $group
        ->hasPermission('view own results', $account) || $group
        ->hasPermission('view all results', $account));
    case 'edit':
      return AccessResult::allowedIf($is_owner && $group
        ->hasPermission('edit own results', $account) || $group
        ->hasPermission('edit all results', $account));
    case 'delete':
      return AccessResult::allowedIf($is_owner && $group
        ->hasPermission('delete own results', $account) || $group
        ->hasPermission('delete all results', $account));
  }

  // Unknown operation, return neutral
  // (will be denied if all access control handlers return neutral).
  return AccessResult::neutral();
}