protected function WeatherAccessControlHandler::commonAccessCheck in Weather 8
Same name and namespace in other branches
- 2.0.x src/WeatherAccessControlHandler.php \Drupal\weather\WeatherAccessControlHandler::commonAccessCheck()
For all weather entities we do the same access check.
Parameters
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResult|\Drupal\Core\Access\AccessResultAllowed|\Drupal\Core\Access\AccessResultNeutral Access result,
2 calls to WeatherAccessControlHandler::commonAccessCheck()
- WeatherAccessControlHandler::checkAccess in src/
WeatherAccessControlHandler.php - Performs access checks.
- WeatherAccessControlHandler::checkCreateAccess in src/
WeatherAccessControlHandler.php - Performs create access checks.
File
- src/
WeatherAccessControlHandler.php, line 40
Class
- WeatherAccessControlHandler
- Access controller for weather entities.
Namespace
Drupal\weatherCode
protected function commonAccessCheck(AccountInterface $account, EntityInterface $entity = NULL) {
// Allow everything for administrators.
if ($account
->hasPermission('administer site configuration')) {
return AccessResult::allowed();
}
// If user can administer own weather block - allow only some entities.
$entityTypesAllowed = [
'weather_display',
'weather_display_place',
];
if ($account
->hasPermission('administer custom weather block') && in_array($this->entityTypeId, $entityTypesAllowed)) {
// In case we updating entity.
if ($entity instanceof EntityInterface) {
$typeFieldName = $this->entityTypeId == 'weather_display' ? 'type' : 'display_type';
$ownerFieldName = $this->entityTypeId == 'weather_display' ? 'number' : 'display_number';
$type = $entity->{$typeFieldName}->value;
$owner = $entity->{$ownerFieldName}->value;
return AccessResult::allowedIf($type == WeatherDisplayInterface::USER_TYPE && $owner == $account
->id());
}
return AccessResult::allowed();
}
return AccessResult::neutral();
}