class WebformSubmissionAccessControlHandler in Webform 6.x
Same name and namespace in other branches
- 8.5 src/WebformSubmissionAccessControlHandler.php \Drupal\webform\WebformSubmissionAccessControlHandler
Defines the access control handler for the webform submission entity type.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses DependencySerializationTrait, StringTranslationTrait
  - class \Drupal\Core\Entity\EntityAccessControlHandler implements EntityAccessControlHandlerInterface
    - class \Drupal\webform\WebformSubmissionAccessControlHandler implements EntityHandlerInterface
See also
\Drupal\webform\Entity\WebformSubmission.
File
- src/WebformSubmissionAccessControlHandler.php, line 18

Namespace
Drupal\webform

View source
```php
namespace Drupal\webform;

use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityHandlerInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\webform\Access\WebformAccessResult;
use Symfony\Component\DependencyInjection\ContainerInterface;

class WebformSubmissionAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {

  /**
   * Webform access rules manager service.
   *
   * @var \Drupal\webform\WebformAccessRulesManagerInterface
   */
  protected $accessRulesManager;

  /**
   * The current request.
   *
   * @var \Symfony\Component\HttpFoundation\Request
   */
  protected $request;

  /**
   * {@inheritdoc}
   */
  public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
    $instance = new static($entity_type);
    $instance->accessRulesManager = $container->get('webform.access_rules_manager');
    $instance->request = $container->get('request_stack')->getCurrentRequest();
    return $instance;
  }

  /**
   * {@inheritdoc}
   */
  public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    /** @var \Drupal\webform\WebformSubmissionInterface $entity */
    // Check 'administer webform' permission.
    if ($account->hasPermission('administer webform')) {
      return WebformAccessResult::allowed();
    }

    // Check 'administer webform submission' permission.
    if ($account->hasPermission('administer webform submission')) {
      return WebformAccessResult::allowed();
    }

    // Check webform 'update' permission.
    if ($entity->getWebform()->access('update', $account)) {
      return WebformAccessResult::allowed($entity, TRUE);
    }

    // Check view and delete operations token access.
    // Applies only when the webform's 'token_view' or 'token_delete' setting
    // is enabled for the requested operation.
    if (($operation === 'view' || $operation === 'delete') && $entity->getWebform()->getSetting('token_' . $operation)) {
      $token = $this->request->query->get('token');
      if ($token === $entity->getToken()) {
        // Vary the cached access result by the 'token' query argument.
        return WebformAccessResult::allowed($entity)
          ->addCacheContexts(['url.query_args:token']);
      }
    }

    // Check 'any' or 'own' webform submission permissions.
    // Maps the entity operation to the verb used in the permission name.
    $operations = [
      'view' => 'view',
      'update' => 'edit',
      'delete' => 'delete',
    ];
    if (isset($operations[$operation])) {
      $action = $operations[$operation];
      // Check operation any.
      if ($account->hasPermission("{$action} any webform submission")) {
        return WebformAccessResult::allowed();
      }
      // Check operation own.
      if ($account->hasPermission("{$action} own webform submission") && $entity->isOwner($account)) {
        return WebformAccessResult::allowed($entity, TRUE);
      }
    }

    // Check other operations.
    switch ($operation) {
      case 'duplicate':
        // Check for 'create' or 'update' access.
        return WebformAccessResult::allowedIf($entity->access('create', $account) || $entity->access('update', $account));

      case 'resend':
        // Check for 'update any submission' access.
        return WebformAccessResult::allowedIf($entity->getWebform()->access('submission_update_any', $account));
    }

    // Check webform access rules.
    $webform_access = $this->accessRulesManager->checkWebformSubmissionAccess($operation, $account, $entity);
    if ($webform_access->isAllowed()) {
      return $webform_access;
    }

    // Nothing above granted access: fall back to the parent handler's check.
    return parent::checkAccess($entity, $operation, $account);
  }

}
```
Members
| Name | Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
| DependencySerializationTrait:: | protected | property | | |
| DependencySerializationTrait:: | protected | property | | |
| DependencySerializationTrait:: | public | function | | 2 |
| DependencySerializationTrait:: | public | function | | 2 |
| EntityAccessControlHandler:: | protected | property | Stores calculated access check results. | |
| EntityAccessControlHandler:: | protected | property | Information about the entity type. | |
| EntityAccessControlHandler:: | protected | property | The entity type ID of the access control handler instance. | |
| EntityAccessControlHandler:: | protected | property | Allows to grant access to just the labels. | 5 |
| EntityAccessControlHandler:: | public | function | Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface:: | 1 |
| EntityAccessControlHandler:: | protected | function | Performs create access checks. | 14 |
| EntityAccessControlHandler:: | protected | function | Default field access as determined by this access control handler. | 4 |
| EntityAccessControlHandler:: | public | function | Checks access to create an entity. Overrides EntityAccessControlHandlerInterface:: | 1 |
| EntityAccessControlHandler:: | public | function | Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface:: | |
| EntityAccessControlHandler:: | protected | function | Tries to retrieve a previously cached access value from the static cache. | |
| EntityAccessControlHandler:: | protected | function | Loads the current account object, if it does not exist yet. | |
| EntityAccessControlHandler:: | protected | function | We grant access to the entity if both of these conditions are met: | |
| EntityAccessControlHandler:: | public | function | Clears all cached access checks. Overrides EntityAccessControlHandlerInterface:: | |
| EntityAccessControlHandler:: | protected | function | Statically caches whether the given user has access. | |
| EntityAccessControlHandler:: | public | function | Constructs an access control handler instance. | 6 |
| EntityHandlerBase:: | protected | property | The module handler to invoke hooks on. | 5 |
| EntityHandlerBase:: | protected | function | Gets the module handler. | 5 |
| EntityHandlerBase:: | public | function | Sets the module handler for this handler. | |
| StringTranslationTrait:: | protected | property | The string translation service. | 4 |
| StringTranslationTrait:: | protected | function | Formats a string containing a count of items. | |
| StringTranslationTrait:: | protected | function | Returns the number of plurals supported by a given language. | |
| StringTranslationTrait:: | protected | function | Gets the string translation service. | |
| StringTranslationTrait:: | public | function | Sets the string translation service to use. | 2 |
| StringTranslationTrait:: | protected | function | Translates a string to the current language or to a given language. | |
| WebformSubmissionAccessControlHandler:: | protected | property | Webform access rules manager service. | |
| WebformSubmissionAccessControlHandler:: | protected | property | The current request. | |
| WebformSubmissionAccessControlHandler:: | public | function | Performs access checks. Overrides EntityAccessControlHandler:: | |
| WebformSubmissionAccessControlHandler:: | public static | function | Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface:: | |