function webform_node_node_access in Webform 6.x
Same name and namespace in other branches
- 8.5 modules/webform_node/webform_node.module \webform_node_node_access()
Implements hook_node_access().
1 call to webform_node_node_access()
- WebformNodeAccess::checkAccess in modules/
webform_node/ src/ Access/ WebformNodeAccess.php - Check whether the user can access a node's webform and/or submission.
File
- modules/
webform_node/ webform_node.module, line 51 - Provides a webform content type which allows webforms to be integrated into a website as nodes.
Code
function webform_node_node_access(NodeInterface $node, $operation, AccountInterface $account) {
if (strpos($operation, 'webform_submission_') !== 0) {
return AccessResult::neutral();
}
else {
/** @var \Drupal\webform\WebformEntityReferenceManagerInterface $entity_reference_manager */
$entity_reference_manager = \Drupal::service('webform.entity_reference_manager');
// Check that the node has a webform field that has been populated.
$webform = $entity_reference_manager
->getWebform($node);
if (!$webform) {
return AccessResult::forbidden();
}
// Check administer webform submissions.
if ($account
->hasPermission('administer webform submission')) {
return AccessResult::allowed();
}
// Change access to ANY submission.
$operation = str_replace('webform_submission_', '', $operation);
$any_permission = "{$operation} webform submissions any node";
if ($account
->hasPermission($any_permission)) {
return AccessResult::allowed();
}
// Change access to submission associated with the node's webform.
$own_permission = "{$operation} webform submissions own node";
if ($account
->hasPermission($own_permission) && $node
->getOwnerId() === $account
->id()) {
return AccessResult::allowed();
}
return AccessResult::neutral();
}
}