class SupportTicketAccessControlHandler in Support Ticketing System 8
Defines the access control handler for the support_ticket entity type.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
- class \Drupal\support_ticket\SupportTicketAccessControlHandler implements EntityHandlerInterface
- class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
Expanded class hierarchy of SupportTicketAccessControlHandler
See also
\Drupal\support_ticket\Entity\SupportTicket
File
- modules/
support_ticket/ src/ SupportTicketAccessControlHandler.php, line 27 - Contains \Drupal\support_ticket\SupportTicketAccessControlHandler.
Namespace
Drupal\support_ticketView source
class SupportTicketAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
/**
* {@inheritdoc}
*/
public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
return new static($entity_type);
}
/**
* {@inheritdoc}
*/
public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
$account = $this
->prepareUser($account);
if ($account
->hasPermission('administer support tickets')) {
$result = AccessResult::allowed()
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
if (!$account
->hasPermission('access support tickets')) {
$result = AccessResult::forbidden()
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
$result = parent::access($entity, $operation, $account, TRUE)
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
/**
* {@inheritdoc}
*/
public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array(), $return_as_object = FALSE) {
$account = $this
->prepareUser($account);
if (!$account
->hasPermission('access support tickets')) {
$result = AccessResult::forbidden()
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
$result = parent::createAccess($entity_bundle, $account, $context, TRUE)
->cachePerPermissions();
return $return_as_object ? $result : $result
->isAllowed();
}
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $support_ticket, $operation, AccountInterface $account) {
/** @var \Drupal\support_ticket\SupportTicketInterface $support_ticket */
// Fetch information from the support_ticket object if possible.
$status = $support_ticket
->isPublished();
$uid = $support_ticket
->getOwnerId();
// Check if authors can view their own unpublished support tickets.
if ($operation === 'view' && !$status && $account
->hasPermission('view own unpublished support tickets') && $account
->isAuthenticated() && $account
->id() == $uid) {
return AccessResult::allowed()
->cachePerPermissions()
->cachePerUser()
->cacheUntilEntityChanges($support_ticket);
}
if ($operation === 'view') {
return AccessResult::allowedIf($status)
->cacheUntilEntityChanges($support_ticket);
}
// No opinion.
return AccessResult::neutral();
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIf($account
->hasPermission('create ' . $entity_bundle . ' ticket'))
->cachePerPermissions();
}
/**
* {@inheritdoc}
*/
protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
// Only users with the administer support tickets permission can edit administrative
// fields.
$administrative_fields = array(
'uid',
'status',
'created',
'locked',
);
if ($operation == 'edit' && in_array($field_definition
->getName(), $administrative_fields, TRUE)) {
return AccessResult::allowedIfHasPermission($account, 'administer support tickets');
}
// No user can change read only fields.
$read_only_fields = array(
'revision_timestamp',
'revision_uid',
);
if ($operation == 'edit' && in_array($field_definition
->getName(), $read_only_fields, TRUE)) {
return AccessResult::forbidden();
}
// Users have access to the revision_log field either if they have
// administrative permissions or if the new revision option is enabled.
if ($operation == 'edit' && $field_definition
->getName() == 'revision_log') {
if ($account
->hasPermission('administer support tickets')) {
return AccessResult::allowed()
->cachePerPermissions();
}
return AccessResult::allowedIf($items
->getEntity()->support_ticket_type->entity
->isNewRevision())
->cachePerPermissions();
}
return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
DependencySerializationTrait:: |
protected | property | An array of entity type IDs keyed by the property name of their storages. | |
DependencySerializationTrait:: |
protected | property | An array of service IDs keyed by property name used for serialization. | |
DependencySerializationTrait:: |
public | function | 1 | |
DependencySerializationTrait:: |
public | function | 2 | |
EntityAccessControlHandler:: |
protected | property | Stores calculated access check results. | |
EntityAccessControlHandler:: |
protected | property | Information about the entity type. | |
EntityAccessControlHandler:: |
protected | property | The entity type ID of the access control handler instance. | |
EntityAccessControlHandler:: |
protected | property | Allows to grant access to just the labels. | 5 |
EntityAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: |
|
EntityAccessControlHandler:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
EntityAccessControlHandler:: |
protected | function | Loads the current account object, if it does not exist yet. | |
EntityAccessControlHandler:: |
protected | function | We grant access to the entity if both of these conditions are met: | |
EntityAccessControlHandler:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: |
|
EntityAccessControlHandler:: |
protected | function | Statically caches whether the given user has access. | |
EntityAccessControlHandler:: |
public | function | Constructs an access control handler instance. | 5 |
EntityHandlerBase:: |
protected | property | The module handler to invoke hooks on. | 2 |
EntityHandlerBase:: |
protected | function | Gets the module handler. | 2 |
EntityHandlerBase:: |
public | function | Sets the module handler for this handler. | |
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. | |
SupportTicketAccessControlHandler:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandler:: |
|
SupportTicketAccessControlHandler:: |
protected | function |
Performs access checks. Overrides EntityAccessControlHandler:: |
|
SupportTicketAccessControlHandler:: |
protected | function |
Performs create access checks. Overrides EntityAccessControlHandler:: |
|
SupportTicketAccessControlHandler:: |
protected | function |
Default field access as determined by this access control handler. Overrides EntityAccessControlHandler:: |
|
SupportTicketAccessControlHandler:: |
public | function |
Checks access to create an entity. Overrides EntityAccessControlHandler:: |
|
SupportTicketAccessControlHandler:: |
public static | function |
Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface:: |