You are here

Home » API reference » Token Content Access 2.0.x » TcaAccessCheck.php

class TcaAccessCheck in Token Content Access 2.0.x

Same name and namespace in other branches
  1. 8 src/Access/TcaAccessCheck.php \Drupal\tca\Access\TcaAccessCheck

Token Content Access access check.

Hierarchy

Expanded class hierarchy of TcaAccessCheck

1 string reference to 'TcaAccessCheck'
tca.services.yml in ./tca.services.yml
tca.services.yml
1 service uses TcaAccessCheck
tca.tca_access_check in ./tca.services.yml
Drupal\tca\Access\TcaAccessCheck

File

src/Access/TcaAccessCheck.php, line 16

Namespace

Drupal\tca\Access
View source 
class TcaAccessCheck implements AccessInterface {

  /**
   * Drupal\Core\Entity\EntityTypeManager definition.
   *
   * @var Drupal\Core\Entity\EntityTypeManager
   */
  protected $entityTypeManager = NULL;

  /**
   * Drupal\tca\Plugin\TcaPluginManager definition.
   *
   * @var Drupal\tca\Plugin\TcaPluginManager
   */
  protected $tcaPluginManager = NULL;

  /**
   * Drupal\tca\TcaSettingsManager definition.
   *
   * @var Drupal\tca\TcaSettingsManager
   */
  protected $tcaSettingsManager = NULL;

  /**
   * Constructor.
   */
  public function __construct(EntityTypeManagerInterface $entity_type_manager, TcaPluginManager $tca_plugin_manager, TcaSettingsManager $tca_settings_manager) {
    $this->entityTypeManager = $entity_type_manager;
    $this->tcaPluginManager = $tca_plugin_manager;
    $this->tcaSettingsManager = $tca_settings_manager;
  }

  /**
   * Checks access to the node add page for the node type.
   *
   * @param \Drupal\Core\Entity\EntityInterface $entity
   *   The entity.
   * @param string $user_token
   *   The TCA token.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The account.
   *
   * @return \Drupal\Core\Access\AccessResult
   *   A \Drupal\Core\Access\AccessInterface value.
   */
  public function access(EntityInterface $entity, $user_token, AccountInterface $account = NULL) {
    $neutral = AccessResult::neutral()
      ->addCacheableDependency($entity)
      ->addCacheContexts([
      'url.path',
    ]);
    $entity_type_id = $entity
      ->getEntityTypeId();
    $entity_id = $entity
      ->id();
    $affected_types = $this->tcaPluginManager
      ->loadSupportedEntityTypes();
    $affected_bundle_types = $this->tcaPluginManager
      ->loadSupportedBundleEntityTypes();
    if (!$account) {
      $account = \Drupal::currentUser();
    }
    $bypass_permitted = $account
      ->hasPermission('tca bypass ' . $entity_type_id);

    // If user has bypass permission or entity is not alowed for TCA, exit.
    if ($bypass_permitted || !in_array($entity_type_id, $affected_types) && !in_array($entity_type_id, $affected_bundle_types)) {
      return $neutral;
    }
    $entity_type = $this->entityTypeManager
      ->getStorage($entity_type_id)
      ->getEntityType();

    // TRUE if an entity such as node_type.
    $is_entity_bundle = $this
      ->isEntityBundle($entity);
    $bundle = $entity
      ->bundle();
    $tca_bundle_settings = NULL;
    $tca_settings = NULL;
    $active = NULL;
    $token = NULL;

    // TCA for entity bundles such as node_type.
    if ($is_entity_bundle) {

      // Load TCA settings for entity.
      $tca_settings = $this->tcaSettingsManager
        ->loadSettingsAsConfig($entity_type_id, $entity_id);
      $active = $tca_settings
        ->get('active');
      $token = $tca_settings
        ->get('token');
      $public = $tca_settings
        ->get('public');
    }
    else {
      $bundle_entity_type_id = $entity_type
        ->getBundleEntityType() ?: $entity_type_id;
      $bundle_entity_id = $entity
        ->getEntityType()
        ->getBundleEntityType() ? $entity
        ->bundle() : NULL;

      // Load TCA settings for entity bundle.
      $tca_bundle_settings = $this->tcaSettingsManager
        ->loadSettingsAsConfig($bundle_entity_type_id, $bundle_entity_id);

      // If the form is about to be attached to an entity,
      // but the bundle isn't allowed to be overridden, exit.
      if (!$tca_bundle_settings
        ->get('active')) {
        return $neutral;
      }

      // Load TCA settings for entity.
      $tca_settings = $this->tcaSettingsManager
        ->loadSettingsAsConfig($entity_type_id, $entity_id);
      $active = $tca_settings
        ->get('active');
      $token = $tca_settings
        ->get('token');
      $public = $tca_settings
        ->get('public');
    }

    // If TCA is not active, exit.
    if (!$active) {
      return $neutral;
    }

    // If an entity has TCA enabled and token doesnt match up, then explicitly
    // deny access.
    if (!$user_token || $token != $user_token) {
      return AccessResult::forbidden()
        ->addCacheableDependency($entity)
        ->addCacheContexts([
        'url.path',
      ]);
    }
    elseif ($public && $token == $user_token) {
      return AccessResult::allowed()
        ->addCacheableDependency($entity)
        ->addCacheContexts([
        'url.path',
      ]);
    }
    return $neutral;
  }

  /**
   * TODO.
   */
  protected function isEntityBundle($entity) {
    return is_subclass_of($entity, 'Drupal\\Core\\Config\\Entity\\ConfigEntityBundleBase');
  }

}

Members

Namesort descending Modifiers Type Description Overrides
TcaAccessCheck::$entityTypeManager protected property Drupal\Core\Entity\EntityTypeManager definition.
TcaAccessCheck::$tcaPluginManager protected property Drupal\tca\Plugin\TcaPluginManager definition.
TcaAccessCheck::$tcaSettingsManager protected property Drupal\tca\TcaSettingsManager definition.
TcaAccessCheck::access public function Checks access to the node add page for the node type.
TcaAccessCheck::isEntityBundle protected function TODO.
TcaAccessCheck::__construct public function Constructor.