class EntityAccess in Workspace 8.2
Same name and namespace in other branches
- 8 src/EntityAccess.php \Drupal\workspace\EntityAccess
Service wrapper for hooks relating to entity access control.
@internal
Hierarchy
- class \Drupal\workspace\EntityAccess implements ContainerInjectionInterface uses StringTranslationTrait
Expanded class hierarchy of EntityAccess
1 file declares its use of EntityAccess
- workspace.module in ./
workspace.module - Provides full-site preview functionality for content staging.
File
- src/
EntityAccess.php, line 18
Namespace
Drupal\workspaceView source
class EntityAccess implements ContainerInjectionInterface {
use StringTranslationTrait;
/**
* The entity type manager service.
*
* @var \Drupal\Core\Entity\EntityTypeManagerInterface
*/
protected $entityTypeManager;
/**
* The workspace manager service.
*
* @var \Drupal\workspace\WorkspaceManagerInterface
*/
protected $workspaceManager;
/**
* Constructs a new EntityAccess instance.
*
* @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
* The entity type manager service.
* @param \Drupal\workspace\WorkspaceManagerInterface $workspace_manager
* The workspace manager service.
*/
public function __construct(EntityTypeManagerInterface $entity_type_manager, WorkspaceManagerInterface $workspace_manager) {
$this->entityTypeManager = $entity_type_manager;
$this->workspaceManager = $workspace_manager;
}
/**
* {@inheritdoc}
*/
public static function create(ContainerInterface $container) {
return new static($container
->get('entity_type.manager'), $container
->get('workspace.manager'));
}
/**
* Implements a hook bridge for hook_entity_access().
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity to check access for.
* @param string $operation
* The operation being performed.
* @param \Drupal\Core\Session\AccountInterface $account
* The user account making the to check access for.
*
* @return \Drupal\Core\Access\AccessResult
* The result of the access check.
*
* @see hook_entity_access()
*/
public function entityOperationAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Workspaces themselves are handled by their own access handler and we
// should not try to do any access checks for entity types that can not
// belong to a workspace.
if ($entity
->getEntityTypeId() === 'workspace' || !$this->workspaceManager
->isEntityTypeSupported($entity
->getEntityType())) {
return AccessResult::neutral();
}
return $this
->bypassAccessResult($account);
}
/**
* Implements a hook bridge for hook_entity_create_access().
*
* @param \Drupal\Core\Session\AccountInterface $account
* The user account making the to check access for.
* @param array $context
* The context of the access check.
* @param string $entity_bundle
* The bundle of the entity.
*
* @return \Drupal\Core\Access\AccessResult
* The result of the access check.
*
* @see hook_entity_create_access()
*/
public function entityCreateAccess(AccountInterface $account, array $context, $entity_bundle) {
// Workspaces themselves are handled by their own access handler and we
// should not try to do any access checks for entity types that can not
// belong to a workspace.
$entity_type = $this->entityTypeManager
->getDefinition($context['entity_type_id']);
if ($entity_type
->id() === 'workspace' || !$this->workspaceManager
->isEntityTypeSupported($entity_type)) {
return AccessResult::neutral();
}
return $this
->bypassAccessResult($account);
}
/**
* Checks the 'bypass' permissions.
*
* @param \Drupal\Core\Session\AccountInterface $account
* The user account making the to check access for.
*
* @return \Drupal\Core\Access\AccessResult
* The result of the access check.
*/
protected function bypassAccessResult(AccountInterface $account) {
// This approach assumes that the current "global" active workspace is
// correct, i.e. if you're "in" a given workspace then you get ALL THE PERMS
// to ALL THE THINGS! That's why this is a dangerous permission.
$active_workspace = $this->workspaceManager
->getActiveWorkspace();
return AccessResult::allowedIf($active_workspace
->getOwnerId() == $account
->id())
->cachePerUser()
->addCacheableDependency($active_workspace)
->andIf(AccessResult::allowedIfHasPermission($account, 'bypass entity access own workspace'));
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
EntityAccess:: |
protected | property | The entity type manager service. | |
|
EntityAccess:: |
protected | property | The workspace manager service. | |
|
EntityAccess:: |
protected | function | Checks the 'bypass' permissions. | |
|
EntityAccess:: |
public static | function |
Instantiates a new instance of this class. Overrides ContainerInjectionInterface:: |
|
|
EntityAccess:: |
public | function | Implements a hook bridge for hook_entity_create_access(). | |
|
EntityAccess:: |
public | function | Implements a hook bridge for hook_entity_access(). | |
|
EntityAccess:: |
public | function | Constructs a new EntityAccess instance. | |
|
StringTranslationTrait:: |
protected | property | The string translation service. | 1 |
|
StringTranslationTrait:: |
protected | function | Formats a string containing a count of items. | |
|
StringTranslationTrait:: |
protected | function | Returns the number of plurals supported by a given language. | |
|
StringTranslationTrait:: |
protected | function | Gets the string translation service. | |
|
StringTranslationTrait:: |
public | function | Sets the string translation service to use. | 2 |
|
StringTranslationTrait:: |
protected | function | Translates a string to the current language or to a given language. |