protected function SavedSearchAccessControlHandler::checkAccess in Search API Saved Searches 8

Performs access checks.

This method is supposed to be overridden by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface: The access result.

Overrides EntityAccessControlHandler::checkAccess

File

src/Entity/SavedSearchAccessControlHandler.php, line 105

Class

SavedSearchAccessControlHandler
Provides access checking for saved searches.

Namespace

Drupal\search_api_saved_searches\Entity

Code

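protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  /** @var \Drupal\search_api_saved_searches\SavedSearchInterface $entity */
  $access = parent::checkAccess($entity, $operation, $account);

  // Fall back to owner- or token-based access only if the parent check did
  // not already allow the operation.
  if (!$access->isAllowed()) {
    if (!$entity->getOwner()->isAnonymous()) {
      // Saved search owned by a registered user: only the owner matches.
      $is_owner = $account->id() == $entity->getOwnerId();
      $owner_access = AccessResult::allowedIf($is_owner)
        ->addCacheableDependency($account);
    }
    else {
      // Saved search owned by an anonymous user: the "token" query parameter
      // must match the entity's access token for this operation.
      $token = $this->getRequestStack()->getCurrentRequest()->query->get('token');
      $token_match = $token === $entity->getAccessToken($operation);
      $owner_access = AccessResult::allowedIf($token_match)
        ->addCacheContexts(['url.query_args:token']);
    }
    // andIf() returns a new access result instead of modifying the object it
    // is called on, so the combined result has to be assigned.
    $owner_access = $owner_access
      ->andIf($this->checkBundleAccess($account, $entity->bundle()));
    $access = $access->orIf($owner_access);
  }
  return $access;
}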
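
How the three checks in checkAccess() combine, as an added example that is not part of the module's code. `Result` is a simplified, hypothetical stand-in for Drupal's AccessResult (three states, no cacheability metadata), `decide()` is a hypothetical helper, and the cases are constructed; PHP 8 is assumed. As in Drupal, andIf() and orIf() return a new object, so each return value is kept.

```php
<?php
// Simplified stand-in for Drupal's AccessResult (hypothetical class, not
// Drupal's). States: 'allowed', 'neutral', 'forbidden'.
final class Result {
  public function __construct(public string $state) {}

  public static function allowedIf(bool $condition): self {
    return new self($condition ? 'allowed' : 'neutral');
  }

  public function isAllowed(): bool {
    return $this->state === 'allowed';
  }

  // Forbidden wins; allowed only if both sides are allowed. Returns a new object.
  public function andIf(self $other): self {
    if ($this->state === 'forbidden' || $other->state === 'forbidden') {
      return new self('forbidden');
    }
    return self::allowedIf($this->isAllowed() && $other->isAllowed());
  }

  // Forbidden wins; otherwise allowed if either side is allowed. Returns a new object.
  public function orIf(self $other): self {
    if ($this->state === 'forbidden' || $other->state === 'forbidden') {
      return new self('forbidden');
    }
    return self::allowedIf($this->isAllowed() || $other->isAllowed());
  }
}

// Mirrors the structure of checkAccess(): the parent result first, then an
// owner-or-token match that only counts together with bundle access.
function decide(Result $parent, bool $ownerOrTokenMatch, Result $bundle): Result {
  if ($parent->isAllowed()) {
    return $parent;
  }
  $owner = Result::allowedIf($ownerOrTokenMatch)->andIf($bundle);
  return $parent->orIf($owner);
}

// Constructed cases: [parent result, owner/token match, bundle access].
$cases = [
  ['neutral', TRUE, 'allowed'],
  ['neutral', TRUE, 'neutral'],
  ['neutral', FALSE, 'allowed'],
  ['forbidden', TRUE, 'allowed'],
];
foreach ($cases as [$p, $match, $b]) {
  $state = decide(new Result($p), $match, new Result($b))->state;
  printf("parent=%-9s match=%-5s bundle=%-7s => %s\n", $p, var_export($match, TRUE), $b, $state);
}
```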