class ContactAccessControlHandler in RedHen CRM 8
Access controller for the Contact entity.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
- class \Drupal\redhen_contact\ContactAccessControlHandler
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
Expanded class hierarchy of ContactAccessControlHandler
See also
\Drupal\redhen_contact\Entity\Contact.
File
- modules/
redhen_contact/ src/ ContactAccessControlHandler.php, line 15
Namespace
Drupal\redhen_contactView source
class ContactAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected $viewLabelOperation = TRUE;
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\redhen_contact\ContactInterface $entity */
// Get Contact bundle.
$entity_bundle = $entity
->getType();
// Check if Contact being accessed is user's own.
$own = $entity
->getOwnerId() == $account
->id();
switch ($operation) {
// @todo split out view label into its own permission.
case 'view label':
case 'view':
// If Contact is active, check "view own" and/or "view active"
// permissions to determine access.
if ($entity
->isActive()) {
// If Contact is user's own, either "view active" or "view own"
// permission is sufficient to grant access.
if ($own) {
$view_access = AccessResult::allowedIfHasPermissions($account, [
'view active contact entities',
'view active ' . $entity_bundle . ' contact',
'view own ' . $entity_bundle . ' contact',
], 'OR');
}
else {
$view_access = AccessResult::allowedIfHasPermissions($account, [
'view active contact entities',
'view active ' . $entity_bundle . ' contact',
], 'OR');
}
}
else {
$view_access = AccessResult::allowedIfHasPermissions($account, [
'view inactive contact entities',
'view inactive ' . $entity_bundle . ' contact',
], 'OR');
}
return $view_access;
case 'update':
// If Contact is active, check "edit own" and/or "edit active"
// permissions to determine access.
if ($entity
->isActive()) {
// If Contact is user's own, either "edit any" or "edit own"
// permission is sufficient to grant access.
if ($own) {
$edit_access = AccessResult::allowedIfHasPermissions($account, [
'edit contact entities',
'edit any ' . $entity_bundle . ' contact',
'edit own ' . $entity_bundle . ' contact',
], 'OR');
}
}
// If Contact is inactive or not user's own, user needs "edit any"
// permission to have access.
if (!isset($edit_access)) {
$edit_access = AccessResult::allowedIfHasPermissions($account, [
'edit contact entities',
'edit any ' . $entity_bundle . ' contact',
], 'OR');
}
return $edit_access;
case 'delete':
// If Contact is active, check "delete own" and/or "delete active"
// permissions to determine access.
if ($entity
->isActive()) {
// If Contact is user's own, either "delete any" or "delete own"
// permission is sufficient to grant access.
if ($own) {
$delete_access = AccessResult::allowedIfHasPermissions($account, [
'delete contact entities',
'delete any ' . $entity_bundle . ' contact',
'delete own ' . $entity_bundle . ' contact',
], 'OR');
}
}
// If Contact is inactive or not user's own, user needs "delete any"
// permission to have access.
if (!isset($delete_access)) {
$delete_access = AccessResult::allowedIfHasPermissions($account, [
'delete contact entities',
'delete any ' . $entity_bundle . ' contact',
], 'OR');
}
return $delete_access;
}
// Unknown operation, no opinion.
return AccessResult::neutral();
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
// If there is only one redhen_contact bundle, set $entity_bundle to it
// since ContactAddController::add returns the add form for the solitary
// bundle instead of a bundle select form if there is only one.
if (!$entity_bundle) {
$types = \Drupal::entityTypeManager()
->getStorage('redhen_contact_type')
->loadMultiple();
if ($types && count($types) == 1) {
$entity_bundle = array_keys($types)[0];
}
}
return AccessResult::allowedIfHasPermissions($account, [
'add contact entities',
'add ' . $entity_bundle . ' contact',
], 'OR');
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
ContactAccessControlHandler:: |
protected | property |
Allows to grant access to just the labels. Overrides EntityAccessControlHandler:: |
|
|
ContactAccessControlHandler:: |
protected | function |
Performs access checks. Overrides EntityAccessControlHandler:: |
|
|
ContactAccessControlHandler:: |
protected | function |
Performs create access checks. Overrides EntityAccessControlHandler:: |
|
|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
|
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
|
DependencySerializationTrait:: |
public | function | 1 | |
|
DependencySerializationTrait:: |
public | function | 2 | |
|
EntityAccessControlHandler:: |
protected | property | Stores calculated access check results. | |
|
EntityAccessControlHandler:: |
protected | property | Information about the entity type. | |
|
EntityAccessControlHandler:: |
protected | property | The entity type ID of the access control handler instance. | |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
protected | function | Default field access as determined by this access control handler. | 4 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to create an entity. Overrides EntityAccessControlHandlerInterface:: |
1 |
|
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
|
EntityAccessControlHandler:: |
protected | function | Loads the current account object, if it does not exist yet. | |
|
EntityAccessControlHandler:: |
protected | function | We grant access to the entity if both of these conditions are met: | |
|
EntityAccessControlHandler:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: |
|
|
EntityAccessControlHandler:: |
protected | function | Statically caches whether the given user has access. | |
|
EntityAccessControlHandler:: |
public | function | Constructs an access control handler instance. | 5 |
|
EntityHandlerBase:: |
protected | property | The module handler to invoke hooks on. | 2 |
|
EntityHandlerBase:: |
protected | function | Gets the module handler. | 2 |
|
EntityHandlerBase:: |
public | function | Sets the module handler for this handler. | |
|
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
|
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
|
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
|
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
|
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
|
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |