You are here

Home » API reference » Opigno Moxtra 3.x » MeetingAccessControlHandler.php » MeetingAccessControlHandler

protected function MeetingAccessControlHandler::checkAccess in Opigno Moxtra 3.x

Same name and namespace in other branches
  1. 8 src/MeetingAccessControlHandler.php \Drupal\opigno_moxtra\MeetingAccessControlHandler::checkAccess()

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkAccess

File

src/MeetingAccessControlHandler.php, line 20

Class

MeetingAccessControlHandler
Access controller for the opigno_moxtra_meeting entity.

Namespace

Drupal\opigno_moxtra

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  if ($account
    ->hasPermission('manage group content in any group')) {
    return AccessResult::allowed();
  }

  /** @var \Drupal\opigno_moxtra\MeetingInterface $entity */
  switch ($operation) {
    case 'view':
      $members = $entity
        ->getMembersIds();
      if (!empty($members)) {

        // Deny access if the meeting has a members restriction
        // and the user is not a member of the meeting.
        if (!in_array($account
          ->id(), $members)) {
          $training = $entity
            ->getTraining();
          if (empty($members) && isset($training) && $training
            ->getMember($account) !== FALSE) {
            return AccessResult::allowed();
          }
          return AccessResult::forbidden();
        }
        else {
          return AccessResult::allowed();
        }
      }
      else {

        // Deny access if the meeting hasn't a members restricton
        // and the user is not a member of the related training.
        $training = $entity
          ->getTraining();
        if (isset($training) && $training
          ->getMember($account) === FALSE) {
          return AccessResult::forbidden();
        }
      }
      return AccessResult::allowedIfHasPermission($account, 'view meeting entities');
    case 'edit':
      if ($entity
        ->getOwnerId() === $account
        ->id()) {

        // Allow users to edit its own content.
        return AccessResult::allowed();
      }
      return AccessResult::allowedIfHasPermission($account, 'edit meeting entities');
    case 'delete':
      if ($entity
        ->getOwnerId() === $account
        ->id()) {

        // Allow users to delete its own content.
        return AccessResult::allowed();
      }
      return AccessResult::allowedIfHasPermission($account, 'delete meeting entities');
  }
  return AccessResult::allowed();
}