You are here

class EntityAccessHelper in Open Social 8

Same name and namespace in other branches
  1. 8.9 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  2. 8.2 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  3. 8.3 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  4. 8.4 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  5. 8.5 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  6. 8.6 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  7. 8.7 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  8. 8.8 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  9. 10.3.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  10. 10.0.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  11. 10.1.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
  12. 10.2.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper

Helper class for checking entity access.

Hierarchy

Expanded class hierarchy of EntityAccessHelper

2 files declare their use of EntityAccessHelper
EntityAccessTest.php in modules/custom/entity_access_by_field/tests/src/Unit/EntityAccessTest.php
entity_access_by_field.module in modules/custom/entity_access_by_field/entity_access_by_field.module
Entity Access By Field module file.

File

modules/custom/entity_access_by_field/src/EntityAccessHelper.php, line 12

Namespace

Drupal\entity_access_by_field
View source
class EntityAccessHelper {

  /**
   * Array with values which need to be ignored.
   *
   * @todo Add group to ignored values (when outsider role is working).
   *
   * @return array
   *   An array containing a list of values to ignore.
   */
  public static function getIgnoredValues() {
    return [];
  }

  /**
   * NodeAccessCheck for given operation, node and user account.
   */
  public static function nodeAccessCheck(NodeInterface $node, $op, AccountInterface $account) {
    if ($op === 'view') {

      // Check published status.
      if (isset($node->status) && $node->status->value == NODE_NOT_PUBLISHED) {
        $unpublished_own = $account
          ->hasPermission('view own unpublished content');
        if ($node
          ->getOwnerId() !== $account
          ->id() || $node
          ->getOwnerId() === $account
          ->id() && !$unpublished_own) {
          return 1;
        }
      }
      $field_definitions = $node
        ->getFieldDefinitions();

      /* @var \Drupal\Core\Field\FieldConfigInterface $field_definition */
      foreach ($field_definitions as $field_name => $field_definition) {
        if ($field_definition
          ->getType() === 'entity_access_field') {
          $field_values = $node
            ->get($field_name)
            ->getValue();
          if (!empty($field_values)) {
            foreach ($field_values as $field_value) {
              if (isset($field_value['value'])) {
                if (in_array($field_value['value'], EntityAccessHelper::getIgnoredValues())) {
                  return 0;
                }
                $permission_label = $field_definition
                  ->id() . ':' . $field_value['value'];

                // When content is posted in a group and the account does not
                // have permission we return Access::ignore.
                if ($field_value['value'] === 'group') {
                  if (!$account
                    ->hasPermission('view ' . $permission_label . ' content')) {
                    return 0;
                  }
                }
                if ($account
                  ->hasPermission('view ' . $permission_label . ' content')) {
                  return 2;
                }
                if ($account
                  ->id() !== 0 && $account
                  ->id() === $node
                  ->getOwnerId()) {
                  return 2;
                }
              }
            }
          }
          $access = FALSE;
        }
      }
      if (isset($access) && $access === FALSE) {
        return 1;
      }
    }
    return 0;
  }

  /**
   * Gets the Entity access for the given node.
   */
  public static function getEntityAccessResult(NodeInterface $node, $op, AccountInterface $account) {
    $access = EntityAccessHelper::nodeAccessCheck($node, $op, $account);
    switch ($access) {
      case 2:
        return AccessResult::allowed()
          ->cachePerPermissions()
          ->addCacheableDependency($node);
      case 1:
        return AccessResult::forbidden();
    }
    return AccessResult::neutral();
  }

}

Members

Namesort descending Modifiers Type Description Overrides
EntityAccessHelper::getEntityAccessResult public static function Gets the Entity access for the given node.
EntityAccessHelper::getIgnoredValues public static function Array with values which need to be ignored.
EntityAccessHelper::nodeAccessCheck public static function NodeAccessCheck for given operation, node and user account.