You are here

protected function WeatherAccessControlHandler::commonAccessCheck in Weather 8

Same name and namespace in other branches
  1. 2.0.x src/WeatherAccessControlHandler.php \Drupal\weather\WeatherAccessControlHandler::commonAccessCheck()

For all weather entities we do the same access check.

Parameters

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResult|\Drupal\Core\Access\AccessResultAllowed|\Drupal\Core\Access\AccessResultNeutral Access result,

2 calls to WeatherAccessControlHandler::commonAccessCheck()
WeatherAccessControlHandler::checkAccess in src/WeatherAccessControlHandler.php
Performs access checks.
WeatherAccessControlHandler::checkCreateAccess in src/WeatherAccessControlHandler.php
Performs create access checks.

File

src/WeatherAccessControlHandler.php, line 40

Class

WeatherAccessControlHandler
Access controller for weather entities.

Namespace

Drupal\weather

Code

protected function commonAccessCheck(AccountInterface $account, EntityInterface $entity = NULL) {

  // Allow everything for administrators.
  if ($account
    ->hasPermission('administer site configuration')) {
    return AccessResult::allowed();
  }

  // If user can administer own weather block - allow only some entities.
  $entityTypesAllowed = [
    'weather_display',
    'weather_display_place',
  ];
  if ($account
    ->hasPermission('administer custom weather block') && in_array($this->entityTypeId, $entityTypesAllowed)) {

    // In case we updating entity.
    if ($entity instanceof EntityInterface) {
      $typeFieldName = $this->entityTypeId == 'weather_display' ? 'type' : 'display_type';
      $ownerFieldName = $this->entityTypeId == 'weather_display' ? 'number' : 'display_number';
      $type = $entity->{$typeFieldName}->value;
      $owner = $entity->{$ownerFieldName}->value;
      return AccessResult::allowedIf($type == WeatherDisplayInterface::USER_TYPE && $owner == $account
        ->id());
    }
    return AccessResult::allowed();
  }
  return AccessResult::neutral();
}