
public function TcaAccessCheck::access in Token Content Access 2.0.x

Same name and namespace in other branches
  1. 8 src/Access/TcaAccessCheck.php \Drupal\tca\Access\TcaAccessCheck::access()

Checks access to the node add page for the node type.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity.

string $user_token: The TCA token.

\Drupal\Core\Session\AccountInterface $account: The account.

Return value

\Drupal\Core\Access\AccessResult A \Drupal\Core\Access\AccessInterface value.

File

src/Access/TcaAccessCheck.php, line 65

Class

TcaAccessCheck
Token Content Access access check.

Namespace

Drupal\tca\Access

Code

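/**
 * Checks a user-supplied TCA token against the token stored for an entity.
 *
 * The result is neutral when the account holds the bypass permission, when
 * the entity type is not supported by TCA, when TCA is inactive on the
 * entity's bundle or on the entity itself, or when the token matches but the
 * entity is not flagged public. A missing or mismatching token on an entity
 * with active TCA is forbidden; a matching token on a public entity is
 * allowed.
 *
 * @param \Drupal\Core\Entity\EntityInterface $entity
 *   The entity.
 * @param string $user_token
 *   The TCA token supplied with the request.
 * @param \Drupal\Core\Session\AccountInterface $account
 *   The account; defaults to the current user when omitted.
 *
 * @return \Drupal\Core\Access\AccessResult
 *   A neutral, forbidden or allowed access result.
 */
public function access(EntityInterface $entity, $user_token, AccountInterface $account = NULL) {
  // NOTE(review): every result below carries only the 'url.path' cache
  // context, although the outcome also depends on the account's permissions
  // and on $user_token. Confirm that the route or the callers add the
  // matching cache contexts, otherwise a cached result could be served to a
  // request it was not computed for.
  $neutral = AccessResult::neutral()
    ->addCacheableDependency($entity)
    ->addCacheContexts(['url.path']);

  $entity_type_id = $entity->getEntityTypeId();
  $entity_id = $entity->id();
  $affected_types = $this->tcaPluginManager->loadSupportedEntityTypes();
  $affected_bundle_types = $this->tcaPluginManager->loadSupportedBundleEntityTypes();

  if (!$account) {
    $account = \Drupal::currentUser();
  }
  $bypass_permitted = $account->hasPermission('tca bypass ' . $entity_type_id);

  // If user has bypass permission or entity is not allowed for TCA, exit.
  // The parentheses only make the existing operator precedence explicit.
  if ($bypass_permitted || (!in_array($entity_type_id, $affected_types) && !in_array($entity_type_id, $affected_bundle_types))) {
    return $neutral;
  }

  $entity_type = $this->entityTypeManager
    ->getStorage($entity_type_id)
    ->getEntityType();

  // Entities that are not themselves bundles (isEntityBundle() is TRUE for
  // entities such as node_type) are only protected when TCA is active on
  // their bundle.
  if (!$this->isEntityBundle($entity)) {
    $bundle_entity_type_id = $entity_type->getBundleEntityType() ?: $entity_type_id;
    $bundle_entity_id = $entity->getEntityType()->getBundleEntityType() ? $entity->bundle() : NULL;

    // Load TCA settings for entity bundle.
    $tca_bundle_settings = $this->tcaSettingsManager
      ->loadSettingsAsConfig($bundle_entity_type_id, $bundle_entity_id);

    // If the bundle isn't allowed to be overridden, exit.
    if (!$tca_bundle_settings->get('active')) {
      return $neutral;
    }
  }

  // Load TCA settings for the entity itself; this step is the same for
  // bundle entities and for content entities.
  $tca_settings = $this->tcaSettingsManager
    ->loadSettingsAsConfig($entity_type_id, $entity_id);
  $active = $tca_settings->get('active');
  $token = $tca_settings->get('token');
  $public = $tca_settings->get('public');

  // If TCA is not active, exit.
  if (!$active) {
    return $neutral;
  }

  // Compare the secret with hash_equals() rather than ==/!=. Loose comparison
  // treats numeric-looking strings as numbers (so distinct tokens can compare
  // equal) and its running time depends on where the strings first differ.
  // Non-string input, e.g. an array-valued request parameter, never matches.
  $token_matches = is_string($user_token)
    && is_scalar($token)
    && hash_equals((string) $token, $user_token);

  // If an entity has TCA enabled and the token doesn't match up, then
  // explicitly deny access.
  if (!$user_token || !$token_matches) {
    return AccessResult::forbidden()
      ->addCacheableDependency($entity)
      ->addCacheContexts(['url.path']);
  }

  // The token matched; grant access outright only for public entities.
  if ($public) {
    return AccessResult::allowed()
      ->addCacheableDependency($entity)
      ->addCacheContexts(['url.path']);
  }

  return $neutral;
}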