protected function ActivityAccessControlHandler::checkAccess in Open Social 10.2.x

Same name and namespace in other branches

8.9 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.2 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.3 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.4 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.5 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.6 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.7 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
8.8 modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
10.3.x modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
10.0.x modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()
10.1.x modules/custom/activity_creator/src/ActivityAccessControlHandler.php \Drupal\activity_creator\ActivityAccessControlHandler::checkAccess()

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkAccess

File

modules/custom/activity_creator/src/ActivityAccessControlHandler.php, line 56

Class

ActivityAccessControlHandler: Access controller for the Activity entity.

Namespace

Drupal\activity_creator

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {

  /** @var \Drupal\activity_creator\ActivityInterface $entity */
  switch ($operation) {
    case 'view':
      $recipient = $entity
        ->getRecipient();
      if ($recipient === NULL) {

        // This is simple, the message is not specific for group / user.
        // So we should check, does the user have permission to view entity?
        return $this
          ->returnAccessRelatedObject($entity, $operation, $account);
      }
      $recipient_type = $recipient['0']['target_type'];
      if ($recipient_type === 'user') {
        $recipient_id = $recipient['0']['target_id'];

        // If it is personalised, lets check recipient id vs account id.
        if ($this
          ->checkIfPersonalNotification($entity) === TRUE) {
          return AccessResult::allowedIf($account
            ->id() === $recipient_id);
        }

        // Lets fallback to the related object access permission.
        return $this
          ->returnAccessRelatedObject($entity, $operation, $account);
      }
      return AccessResult::allowedIfHasPermission($account, 'view all published activity entities');
    case 'update':
      return AccessResult::allowedIfHasPermission($account, 'edit activity entities');
    case 'delete':
      return AccessResult::allowedIfHasPermission($account, 'delete activity entities');
  }

  // Unknown operation, no opinion.
  return AccessResult::neutral();
}

You are here