You are here

Home » API reference » User Revision 8 » UserRevisionAccessCheck.php » UserRevisionAccessCheck

public function UserRevisionAccessCheck::checkAccess in User Revision 8

Checks user revision access.

Parameters

\Drupal\node\NodeInterface $node: The node to check.

\Drupal\Core\Session\AccountInterface $account: A user object representing the user for whom the operation is to be performed.

string $op: (optional) The specific operation being checked. Defaults to 'view.'

Return value

bool TRUE if the operation may be performed, FALSE otherwise.

1 call to UserRevisionAccessCheck::checkAccess()
UserRevisionAccessCheck::access in src/Access/UserRevisionAccessCheck.php
Checks routing access for the user revision.

File

src/Access/UserRevisionAccessCheck.php, line 91

Class

UserRevisionAccessCheck
Provides an access checker for user revisions.

Namespace

Drupal\user_revision\Access

Code

public function checkAccess(UserInterface $user, AccountInterface $account, $op = 'view') {
  $map = array(
    'view' => 'view all user revisions',
    'update' => 'revert all user revisions',
    'delete' => 'delete all user revisions',
  );
  $own_map = array(
    'view' => 'view own user revisions',
    'update' => 'revert own user revisions',
    'delete' => 'delete own user revisions',
  );
  if (!$user || !isset($map[$op]) || !isset($own_map[$op])) {

    // If there was no user to check against, or the $op was not one of the
    // supported ones, we return access denied.
    return FALSE;
  }

  // Perform basic permission checks first.
  if (!$account
    ->hasPermission($map[$op]) && !($account
    ->id() == $user
    ->id() && $account
    ->hasPermission($own_map[$op]))) {
    return FALSE;
  }

  // Check minimal revisions count
  if (user_revision_count($user) < 2) {
    return FALSE;
  }

  // There should be at least two revisions. If the vid of the given node
  // and the vid of the default revision differ, then we already have two
  // different revisions so there is no need for a separate database check.
  // Also, if you try to revert to or delete the default revision, that's
  // not good.
  if ($user
    ->isDefaultRevision() && ($op == 'update' || $op == 'delete')) {
    return FALSE;
  }
  return $user
    ->access($op, $account);
}