You are here

Home » API reference » Permissions by Term 8.2 » PermissionsByEntityKernelEventSubscriber.php » PermissionsByEntityKernelEventSubscriber

public function PermissionsByEntityKernelEventSubscriber::onKernelRequest in Permissions by Term 8.2

Same name and namespace in other branches
  1. 8 modules/permissions_by_entity/src/EventSubscriber/PermissionsByEntityKernelEventSubscriber.php \Drupal\permissions_by_entity\EventSubscriber\PermissionsByEntityKernelEventSubscriber::onKernelRequest()

Callback method for the KernelEvents::REQUEST event.

Parameters

\Symfony\Component\HttpKernel\Event\GetResponseEvent $event: The event instance.

File

modules/permissions_by_entity/src/EventSubscriber/PermissionsByEntityKernelEventSubscriber.php, line 83

Class

PermissionsByEntityKernelEventSubscriber
Class PermissionsByEntityKernelEventSubscriber.

Namespace

Drupal\permissions_by_entity\EventSubscriber

Code

public function onKernelRequest(GetResponseEvent $event) {

  // Only act on the master request.
  if ($event
    ->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
    return;
  }

  // Get the current request from the event.
  $request = $event
    ->getRequest();

  // Get the entity.

  /** @var \Drupal\Core\Entity\FieldableEntityInterface $entity */
  $entity = NULL;
  if ($request->attributes
    ->has('node')) {
    $entity = $request->attributes
      ->get('node');
  }
  elseif ($request->attributes
    ->has('_entity')) {
    $entity = $request->attributes
      ->get('_entity');
  }

  // If there is no entity abort here.
  if (!$entity instanceof FieldableEntityInterface) {
    return;
  }

  // If we already checked this entity, we do nothing.
  if ($this->checkedEntityCache
    ->isChecked($entity)) {
    return;
  }

  // Add this entity to the cache.
  $this->checkedEntityCache
    ->add($entity);

  // Check if the current user is allowed to access this entity.
  if ($entity && $entity instanceof FieldableEntityInterface && $this->accessChecker
    ->isAccessControlled($entity) && !$this->accessChecker
    ->isAccessAllowed($entity)) {

    // If the current user is not allowed to access this entity,
    // we throw an AccessDeniedHttpException.
    throw new AccessDeniedHttpException($this->translation
      ->translate('You are not allowed to view content of this entity type.'));
  }
}