You are here

Home » API reference » Token Content Access 8 » TcaCommerceProductAccessControlHandler.php » TcaCommerceProductAccessControlHandler

public function TcaCommerceProductAccessControlHandler::access in Token Content Access 8

Same name and namespace in other branches
  1. 2.0.x modules/tca_commerce_product/src/TcaCommerceProductAccessControlHandler.php \Drupal\tca_commerce_product\TcaCommerceProductAccessControlHandler::access()

Checks access to an operation on a given entity or entity translation.

Use \Drupal\Core\Entity\EntityAccessControlHandlerInterface::createAccess() to check access to create an entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The operation access should be checked for. Usually one of "view", "view label", "update" or "delete".

\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.

bool $return_as_object: (optional) Defaults to FALSE.

Return value

bool|\Drupal\Core\Access\AccessResultInterface The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

Overrides EntityAccessControlHandler::access

File

modules/tca_commerce_product/src/TcaCommerceProductAccessControlHandler.php, line 18

Class

TcaCommerceProductAccessControlHandler
Extended access control handler for node entity.

Namespace

Drupal\tca_commerce_product

Code

public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {

  // Allow users without the permission "access content"
  // to 'view' the commerce_product by providing URL token.
  $access = parent::access($entity, $operation, $account, $return_as_object);
  if ($operation === 'view' && $entity
    ->get('tca_active')
    ->getString()) {

    // Compare token from URL with commerce_product token.
    $token_match = $entity
      ->get('tca_token')
      ->getString() === $this
      ->getRequestStack()
      ->getCurrentRequest()
      ->get('tca');
    return $token_match ? AccessResultAllowed::allowed() : $access;
  }
  return $access;
}