You are here

Home » API reference » Support Ticketing System 8 » SupportTicketRevisionAccessCheck.php » SupportTicketRevisionAccessCheck

public function SupportTicketRevisionAccessCheck::checkAccess in Support Ticketing System 8

Checks support_ticket revision access.

Parameters

\Drupal\support_ticket\SupportTicketInterface $support_ticket: The support_ticket to check.

\Drupal\Core\Session\AccountInterface $account: A user object representing the user for whom the operation is to be performed.

string $op: (optional) The specific operation being checked. Defaults to 'view.'

Return value

bool TRUE if the operation may be performed, FALSE otherwise.

File

modules/support_ticket/src/Access/SupportTicketRevisionAccessCheck.php, line 100
Contains \Drupal\support_ticket\Access\SupportTicketRevisionAccessCheck.

Class

SupportTicketRevisionAccessCheck
Provides an access checker for support_ticket revisions.

Namespace

Drupal\support_ticket\Access

Code

public function checkAccess(SupportTicketInterface $support_ticket, AccountInterface $account, $op = 'view') {
  $map = array(
    'view' => 'view all revisions',
    'update' => 'revert all revisions',
    'delete' => 'delete all revisions',
  );
  $bundle = $support_ticket
    ->bundle();
  $type_map = array(
    'view' => "view {$bundle} revisions",
    'update' => "revert {$bundle} revisions",
    'delete' => "delete {$bundle} revisions",
  );
  if (!$support_ticket || !isset($map[$op]) || !isset($type_map[$op])) {

    // If there was no support_ticket to check against, or the $op was not one of
    // the supported ones, we return access denied.
    return FALSE;
  }

  // Statically cache access by revision ID, language code, user account ID,
  // and operation.
  $langcode = $support_ticket
    ->language()
    ->getId();
  $cid = $support_ticket
    ->getRevisionId() . ':' . $langcode . ':' . $account
    ->id() . ':' . $op;
  if (!isset($this->access[$cid])) {

    // Perform basic permission checks first.
    if (!$account
      ->hasPermission($map[$op]) && !$account
      ->hasPermission($type_map[$op]) && !$account
      ->hasPermission('administer support tickets')) {
      $this->access[$cid] = FALSE;
      return FALSE;
    }

    // There should be at least two revisions. If the vid of the given
    // support_ticket and the vid of the default revision differ, then we already
    // have two different revisions so there is no need for a separate database
    // check. Also, if you try to revert to or delete the default revision, that's
    // not good.
    if ($support_ticket
      ->isDefaultRevision() && ($this->supportTicketStorage
      ->countDefaultLanguageRevisions($support_ticket) == 1 || $op == 'update' || $op == 'delete')) {
      $this->access[$cid] = FALSE;
    }
    elseif ($account
      ->hasPermission('administer support tickets')) {
      $this->access[$cid] = TRUE;
    }
    else {

      // First check the access to the default revision and finally, if the
      // support_ticket passed in is not the default revision then access to that,
      // too.
      $this->access[$cid] = $this->supportTicketAccess
        ->access($this->supportTicketStorage
        ->load($support_ticket
        ->id()), $op, $account) && ($support_ticket
        ->isDefaultRevision() || $this->supportTicketAccess
        ->access($support_ticket, $op, $account));
    }
  }
  return $this->access[$cid];
}