class EntityAccessHelper in Open Social 8.9
Same name and namespace in other branches
- 8 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.2 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.3 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.4 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.5 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.6 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.7 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 8.8 modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 10.3.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 10.0.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 10.1.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
- 10.2.x modules/custom/entity_access_by_field/src/EntityAccessHelper.php \Drupal\entity_access_by_field\EntityAccessHelper
Helper class for checking entity access.
Hierarchy
- class \Drupal\entity_access_by_field\EntityAccessHelper
Expanded class hierarchy of EntityAccessHelper
2 files declare their use of EntityAccessHelper
- EntityAccessTest.php in modules/
custom/ entity_access_by_field/ tests/ src/ Unit/ EntityAccessTest.php - entity_access_by_field.module in modules/
custom/ entity_access_by_field/ entity_access_by_field.module - Entity Access By Field module file.
File
- modules/
custom/ entity_access_by_field/ src/ EntityAccessHelper.php, line 15
Namespace
Drupal\entity_access_by_fieldView source
class EntityAccessHelper {
/**
* Array with values which need to be ignored.
*
* @todo Add group to ignored values (when outsider role is working).
*
* @return array
* An array containing a list of values to ignore.
*/
public static function getIgnoredValues() {
return [];
}
/**
* NodeAccessCheck for given operation, node and user account.
*/
public static function nodeAccessCheck(NodeInterface $node, $op, AccountInterface $account) {
if ($op === 'view') {
// Check published status.
if (isset($node->status) && $node->status->value == NODE_NOT_PUBLISHED) {
$unpublished_own = $account
->hasPermission('view own unpublished content');
if ($node
->getOwnerId() !== $account
->id() || $node
->getOwnerId() === $account
->id() && !$unpublished_own) {
return 1;
}
}
$field_definitions = $node
->getFieldDefinitions();
/* @var \Drupal\Core\Field\FieldConfigInterface $field_definition */
foreach ($field_definitions as $field_name => $field_definition) {
if ($field_definition
->getType() === 'entity_access_field') {
$field_values = $node
->get($field_name)
->getValue();
if (!empty($field_values)) {
foreach ($field_values as $field_value) {
if (isset($field_value['value'])) {
if (in_array($field_value['value'], EntityAccessHelper::getIgnoredValues())) {
return 0;
}
$permission_label = $field_definition
->id() . ':' . $field_value['value'];
// When content is posted in a group and the account does not
// have permission we return Access::ignore.
if ($field_value['value'] === 'group') {
// Don't look no further.
if ($account
->hasPermission('manage all groups')) {
return 0;
}
if (!$account
->hasPermission('view ' . $permission_label . ' content')) {
// Lets verify if we are a member for flexible groups.
$groups = GroupContent::loadByEntity($node);
if (!empty($groups)) {
$group = reset($groups)
->getGroup();
if ($group instanceof Group && !$group
->getMember($account) && $group
->getGroupType()
->id() === 'flexible_group') {
return 1;
}
}
return 0;
}
}
if ($account
->hasPermission('view ' . $permission_label . ' content')) {
return 2;
}
if ($account
->id() !== 0 && $account
->id() === $node
->getOwnerId()) {
return 2;
}
}
}
}
$access = FALSE;
}
}
if (isset($access) && $access === FALSE) {
return 1;
}
}
return 0;
}
/**
* Gets the Entity access for the given node.
*/
public static function getEntityAccessResult(NodeInterface $node, $op, AccountInterface $account) {
$access = EntityAccessHelper::nodeAccessCheck($node, $op, $account);
$moduleHandler = \Drupal::service('module_handler');
// If the social_event_invite module is enabled and a person got invited
// then allow access to view the node.
// Todo:: Come up with a better solution for this code.
if ($moduleHandler
->moduleExists('social_event_invite')) {
if ($op == 'view') {
$conditions = [
'field_account' => $account
->id(),
'field_event' => $node
->id(),
];
// Load the current Event enrollments so we can check duplicates.
$storage = \Drupal::entityTypeManager()
->getStorage('event_enrollment');
$enrollments = $storage
->loadByProperties($conditions);
if ($enrollment = array_pop($enrollments)) {
if ($enrollment->field_request_or_invite_status && (int) $enrollment->field_request_or_invite_status->value !== EventEnrollmentInterface::REQUEST_OR_INVITE_DECLINED && (int) $enrollment->field_request_or_invite_status->value !== EventEnrollmentInterface::INVITE_INVALID_OR_EXPIRED) {
$access = 2;
}
}
}
}
switch ($access) {
case 2:
return AccessResult::allowed()
->cachePerPermissions()
->addCacheableDependency($node);
case 1:
return AccessResult::forbidden();
}
return AccessResult::neutral();
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
EntityAccessHelper:: |
public static | function | Gets the Entity access for the given node. | |
|
EntityAccessHelper:: |
public static | function | Array with values which need to be ignored. | |
|
EntityAccessHelper:: |
public static | function | NodeAccessCheck for given operation, node and user account. |