PollAccessControlHandler.php in Poll 8
File
src/PollAccessControlHandler.php
View source
<?php
namespace Drupal\poll;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\FieldItemListInterface;
use Drupal\Core\Session\AccountInterface;
class PollAccessControlHandler extends EntityAccessControlHandler {
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermissions($account, [
'create polls',
'administer polls',
], 'OR');
}
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation == 'view') {
return AccessResult::allowedIfHasPermission($account, 'access polls');
}
elseif ($operation == 'update' && !$account
->isAnonymous() && $account
->id() == $entity
->get('uid')->target_id) {
return AccessResult::allowedIfHasPermissions($account, [
'edit own polls',
'administer polls',
], 'OR');
}
return parent::checkAccess($entity, $operation, $account);
}
protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
$restricted_fields = [
'uid',
];
if ($operation === 'edit' && in_array($field_definition
->getName(), $restricted_fields, TRUE)) {
return AccessResult::allowedIfHasPermission($account, 'administer polls');
}
return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}
}
