public function WebformEncryptSubmissionAccessControlHandler::checkAccess in Webform Encrypt 8
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides WebformSubmissionAccessControlHandler::checkAccess
File
- src/
WebformEncryptSubmissionAccessControlHandler.php, line 18
Class
Namespace
Drupal\webform_encryptCode
public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Disallow access to update if the user cannot view encrypted values and
// any of the elements are encrypted.
if ($operation === 'update') {
$config = $entity
->getWebform()
->getThirdPartySetting('webform_encrypt', 'element');
$data = $entity
->getData();
foreach ($data as $element_name => $value) {
if (isset($config[$element_name]['encrypt']) && $config[$element_name]['encrypt'] && $account
->hasPermission('view encrypted values') === FALSE) {
return AccessResult::forbidden();
}
}
}
return parent::checkAccess($entity, $operation, $account);
}