function webform_access_webform_access in Webform 6.x
Same name and namespace in other branches
- 8.5 modules/webform_access/webform_access.module \webform_access_webform_access()
Implements hook_ENTITY_TYPE_access() for webform entities.
File
- modules/
webform_access/ webform_access.module, line 161 - Provides webform access controls for webform nodes.
Code
function webform_access_webform_access(WebformInterface $webform, $operation, AccountInterface $account) {
// Prevent recursion when a webform is being passed as the source entity
// via the URL.
// @see \Drupal\webform\Plugin\WebformSourceEntity\QueryStringWebformSourceEntity::getSourceEntity
if (\Drupal::request()->query
->get('source_entity_type') === 'webform') {
return AccessResult::neutral();
}
/** @var \Drupal\webform\WebformRequestInterface $request_handler */
$request_handler = \Drupal::service('webform.request');
$source_entity = $request_handler
->getCurrentSourceEntity([
'webform_submission',
]);
if (!$source_entity) {
return AccessResult::neutral();
}
/** @var \Drupal\webform_access\WebformAccessGroupStorageInterface $webform_access_group */
$webform_access_group_storage = \Drupal::entityTypeManager()
->getStorage('webform_access_group');
$webform_access_groups = $webform_access_group_storage
->loadByEntities($webform, $source_entity, $account);
if (empty($webform_access_groups)) {
return AccessResult::neutral();
}
$permission = str_replace('submission_', '', $operation);
foreach ($webform_access_groups as $webforn_access_group) {
$permissions = $webforn_access_group
->get('permissions');
if (in_array('administer', $permissions) || in_array($permission, $permissions)) {
return AccessResult::allowed()
->cachePerUser()
->addCacheableDependency($webforn_access_group);
}
}
// No opinion.
return AccessResult::neutral();
}