function webform_access_webform_submission_access in Webform 6.x
Same name and namespace in other branches
- 8.5 modules/webform_access/webform_access.module \webform_access_webform_submission_access()
Implements hook_ENTITY_TYPE_access() for webform_submission entities.
File
- modules/
webform_access/ webform_access.module, line 204 - Provides webform access controls for webform nodes.
Code
function webform_access_webform_submission_access(WebformSubmissionInterface $webform_submission, $operation, AccountInterface $account) {
if (!in_array($operation, [
'view',
'update',
'delete',
])) {
return AccessResult::neutral();
}
$webform = $webform_submission
->getWebform();
$source_entity = $webform_submission
->getSourceEntity([
'webform_submission',
]);
if (!$source_entity) {
return AccessResult::neutral();
}
/** @var \Drupal\webform_access\WebformAccessGroupStorageInterface $webform_access_group */
$webform_access_group_storage = \Drupal::entityTypeManager()
->getStorage('webform_access_group');
$webform_access_groups = $webform_access_group_storage
->loadByEntities($webform, $source_entity, $account);
if (empty($webform_access_groups)) {
return AccessResult::neutral();
}
foreach ($webform_access_groups as $webforn_access_group) {
$permissions = $webforn_access_group
->get('permissions');
if (in_array('administer', $permissions) || in_array($operation . '_any', $permissions) || in_array($operation . '_own', $permissions) && $webform_submission
->getOwnerId() === $account
->id()) {
return AccessResult::allowed()
->cachePerUser()
->addCacheableDependency($webforn_access_group);
}
}
// No opinion.
return AccessResult::neutral();
}