You are here

Home » API reference » Payment 8.2 » PaymentMethodConfigurationAccessControlHandler.php » PaymentMethodConfigurationAccessControlHandler

protected function PaymentMethodConfigurationAccessControlHandler::checkAccess in Payment 8.2

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkAccess

File

src/Entity/PaymentMethodConfiguration/PaymentMethodConfigurationAccessControlHandler.php, line 41

Class

PaymentMethodConfigurationAccessControlHandler
Checks access for payment method configurations.

Namespace

Drupal\payment\Entity\PaymentMethodConfiguration

Code

protected function checkAccess(EntityInterface $payment_method_configuration, $operation, AccountInterface $account) {

  /** @var \Drupal\payment\Entity\PaymentMethodConfigurationInterface $payment_method_configuration */
  if ($operation == 'enable') {
    return AccessResult::allowedIf(!$payment_method_configuration
      ->status())
      ->andIf($this
      ->access($payment_method_configuration, 'update', $account, TRUE))
      ->addCacheableDependency($payment_method_configuration);
  }
  elseif ($operation == 'disable') {
    return AccessResult::allowedIf($payment_method_configuration
      ->status())
      ->andIf($this
      ->access($payment_method_configuration, 'update', $account, TRUE))
      ->addCacheableDependency($payment_method_configuration);
  }
  elseif ($operation == 'duplicate') {
    return $this
      ->createAccess($payment_method_configuration
      ->bundle(), $account, [], TRUE)
      ->andIf($this
      ->access($payment_method_configuration, 'view', $account, TRUE));
  }
  else {
    $permission_prefix = 'payment.payment_method_configuration.' . $operation;
    return AccessResult::allowedIfHasPermission($account, $permission_prefix . '.any')
      ->orIf(AccessResult::allowedIfHasPermission($account, $permission_prefix . '.own')
      ->andIf(AccessResult::allowedIf($account
      ->id() == $payment_method_configuration
      ->getOwnerId())
      ->addCacheableDependency($payment_method_configuration)));
  }
}