public static function WebformNodeAccess::checkAccess in Webform 6.x
Same name and namespace in other branches
- 8.5 modules/webform_node/src/Access/WebformNodeAccess.php \Drupal\webform_node\Access\WebformNodeAccess::checkAccess()
Check whether the user can access a node's webform and/or submission.
Parameters
string $operation: Operation being performed.
string $entity_access: Entity access rule that needs to be checked.
\Drupal\node\NodeInterface $node: A node.
\Drupal\webform\WebformSubmissionInterface $webform_submission: A webform submission.
\Drupal\Core\Session\AccountInterface $account: Run access checks for this account.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
5 calls to WebformNodeAccess::checkAccess()
- WebformNodeAccess::checkWebformAccess in modules/
webform_node/ src/ Access/ WebformNodeAccess.php - Check whether the user can access a node's webform.
- WebformNodeAccess::checkWebformDraftsAccess in modules/
webform_node/ src/ Access/ WebformNodeAccess.php - Check whether the user can access a node's webform drafts.
- WebformNodeAccess::checkWebformResultsAccess in modules/
webform_node/ src/ Access/ WebformNodeAccess.php - Check whether the user can access a node's webform results.
- WebformNodeAccess::checkWebformSubmissionAccess in modules/
webform_node/ src/ Access/ WebformNodeAccess.php - Check whether the user can access a node's webform submission.
- WebformShareAccess::checkNodeAccess in modules/
webform_share/ src/ Access/ WebformShareAccess.php - Check whether the webform node can be shared.
File
- modules/
webform_node/ src/ Access/ WebformNodeAccess.php, line 180
Class
- WebformNodeAccess
- Defines the custom access control handler for the webform node.
Namespace
Drupal\webform_node\AccessCode
public static function checkAccess($operation, $entity_access, NodeInterface $node, WebformSubmissionInterface $webform_submission = NULL, AccountInterface $account = NULL) {
/** @var \Drupal\webform\WebformEntityReferenceManagerInterface $entity_reference_manager */
$entity_reference_manager = \Drupal::service('webform.entity_reference_manager');
$webform = $entity_reference_manager
->getWebform($node);
// Check that the node has a valid webform reference.
if (!$webform) {
return AccessResult::forbidden();
}
// Check that the webform submission was created via the webform node.
if ($webform_submission) {
$source_node = $webform_submission
->getSourceEntity();
if (!$source_node || $source_node
->id() !== $node
->id()) {
return AccessResult::forbidden();
}
}
// Determine if this is a group node.
$is_group_node = \Drupal::moduleHandler()
->moduleExists('webform_group') && \Drupal::entityTypeManager()
->getStorage('group_content')
->loadByEntity($node);
// Check the node operation.
if (!$operation) {
$result = AccessResult::neutral();
}
elseif ($is_group_node && strpos($operation, 'webform_submission_') === 0) {
// For group nodes, we need to bypass node access checking for
// 'webform_submission_*' operations which trigger access forbidden.
// @see group_entity_access()
// @see https://www.drupal.org/project/webform/issues/3132204
// @todo Add Webform node group permission provider w/ submission perms.
$result = webform_node_node_access($node, $operation, $account);
}
else {
$result = $node
->access($operation, $account, TRUE);
}
// Check entity access.
if ($entity_access) {
// Check entity access for the webform.
if (strpos($entity_access, 'webform.') === 0) {
$result = $result
->orIf($webform
->access(str_replace('webform.', '', $entity_access), $account, TRUE));
}
// Check entity access for the webform submission.
if (strpos($entity_access, 'webform_submission.') === 0) {
$result = $result
->orIf($webform_submission
->access(str_replace('webform_submission.', '', $entity_access), $account, TRUE));
}
}
return $result;
}