SubscriberAccessControlHandler.php in Simplenews 3.x
File
src/SubscriberAccessControlHandler.php
<?php
namespace Drupal\simplenews;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\FieldItemListInterface;
use Drupal\Core\Session\AccountInterface;
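/**
 * Access control handler for simplenews subscriber entities.
 *
 * Several decisions below compare the subscriber's user id with the id of the
 * account being checked. Every result that depends on that comparison carries
 * the per-user cache context, so a cached result computed for one account is
 * not reused for a different account that holds the same permissions.
 */
class SubscriberAccessControlHandler extends EntityAccessControlHandler {

  /**
   * {@inheritdoc}
   *
   * Decision order:
   * - 'administer simplenews subscriptions' allows every operation.
   * - For any operation except 'delete' on a subscriber that has a user id,
   *   access is allowed only when that id matches the account AND the account
   *   has 'subscribe to newsletters'.
   * - 'view' on the remaining subscribers requires
   *   'view simplenews subscriptions'.
   * - Everything else is neutral.
   */
  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    if ($account->hasPermission('administer simplenews subscriptions')) {
      return AccessResult::allowed()->cachePerPermissions();
    }

    if ($operation !== 'delete' && $entity->getUserId()) {
      // Loose comparison kept on purpose: the two ids may differ in type
      // (int vs. numeric string) -- NOTE(review): confirm before tightening.
      $is_owner = $entity->getUserId() == $account->id();
      return AccessResult::allowedIf($is_owner)
        ->andIf(AccessResult::allowedIfHasPermission($account, 'subscribe to newsletters'))
        // The outcome varies by account id and by the permission checks above,
        // not only by the entity, so declare both contexts explicitly.
        ->cachePerUser()
        ->cachePerPermissions()
        ->addCacheableDependency($entity);
    }

    if ($operation === 'view') {
      // This branch is reached only for 'view' when the subscriber has no user
      // id, so the result also depends on the entity.
      return AccessResult::allowedIfHasPermission($account, 'view simplenews subscriptions')
        ->cachePerPermissions()
        ->addCacheableDependency($entity);
    }

    // Reached only when the administer permission is missing; the subscriber's
    // user id was read on the way here.
    return AccessResult::neutral()
      ->cachePerPermissions()
      ->addCacheableDependency($entity);
  }

  /**
   * {@inheritdoc}
   *
   * Viewing 'mail' is allowed for accounts with the administer or view
   * subscriptions permission and for the authenticated account whose id
   * matches the subscriber's user id; otherwise the result is neutral.
   *
   * Editing: 'uid' is always forbidden, 'status' and 'created' require
   * 'administer simplenews subscriptions', and 'mail' / 'langcode' are
   * forbidden once the subscriber has a user id. All other cases defer to the
   * parent implementation.
   */
  protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
    $field_name = $field_definition->getName();
    // $items is optional; without it there is no entity to inspect.
    $entity = $items ? $items->getEntity() : NULL;

    if ($field_name === 'mail' && $operation === 'view') {
      if ($account->hasPermission('administer simplenews subscriptions') || $account->hasPermission('view simplenews subscriptions')) {
        return AccessResult::allowed()->cachePerPermissions();
      }

      // Only authenticated accounts can own a subscriber. The explicit
      // isAuthenticated() check keeps an empty subscriber user id from
      // loosely matching an anonymous account id.
      if ($entity && $account->isAuthenticated() && $entity->getUserId() == $account->id()) {
        return AccessResult::allowed()
          ->cachePerPermissions()
          ->cachePerUser()
          ->addCacheableDependency($entity);
      }

      // The e-mail address is personal data: the "no opinion" result must
      // vary by the same inputs as the allow decisions above, otherwise it
      // could be cached too broadly.
      $result = AccessResult::neutral()
        ->cachePerPermissions()
        ->cachePerUser();
      if ($entity) {
        $result->addCacheableDependency($entity);
      }
      return $result;
    }

    if ($operation === 'edit') {
      switch ($field_name) {
        case 'uid':
          // The link to a user account is never editable through this field.
          return AccessResult::forbidden();

        case 'status':
        case 'created':
          return AccessResult::allowedIfHasPermission($account, 'administer simplenews subscriptions');

        case 'mail':
        case 'langcode':
          // Locked for every account, administrators included, once the
          // subscriber has a user id. The decision reads the entity, so the
          // result is tied to it.
          if ($entity && $entity->getUserId()) {
            return AccessResult::forbidden()->addCacheableDependency($entity);
          }
          break;
      }
    }

    return parent::checkFieldAccess($operation, $field_definition, $account, $items);
  }

}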