public function EntityAccess::workspaceAccess in Workspace 8
Hook bridge.
Parameters
\Drupal\multiversion\Entity\WorkspaceInterface $workspace:
string $operation:
\Drupal\Core\Session\AccountInterface $account:
Return value
\Drupal\Core\Access\AccessResult
See also
File
- src/
EntityAccess.php, line 123
Class
- EntityAccess
- Service wrapper for hooks relating to entity access control.
Namespace
Drupal\workspaceCode
public function workspaceAccess(WorkspaceInterface $workspace, $operation, AccountInterface $account) {
$operations = [
'view' => [
'any' => 'view_any_workspace',
'own' => 'view_own_workspace',
],
'update' => [
'any' => 'edit_any_workspace',
'own' => 'edit_own_workspace',
],
'delete' => [
'any' => 'delete_any_workspace',
'own' => 'delete_own_workspace',
],
];
$route = \Drupal::request()->attributes
->get('_route');
// The default workspace is always viewable, no matter what.
$result = AccessResult::allowedIf($operation == 'view' && $workspace
->id() == $this->defaultWorkspaceId)
->orIf(AccessResult::allowedIf($route == 'system.cron'))
->orIf(AccessResult::allowedIf($route == 'system.run_cron'))
->orIf(AccessResult::allowedIf($route == '<none>'))
->orIf(AccessResult::allowedIfHasPermission($account, $operations[$operation]['any']))
->orIf(AccessResult::allowedIf($workspace
->getOwnerId() == $account
->id())
->andIf(AccessResult::allowedIfHasPermission($account, $operations[$operation]['own'])))
->orIf(AccessResult::allowedIfHasPermission($account, $operation . '_workspace_' . $workspace
->id()))
->orIf(AccessResult::forbiddenIf($operation == 'delete' && in_array($workspace
->id(), [
$this->workspaceManager
->getActiveWorkspaceId(),
$this->defaultWorkspaceId,
])));
return $result;
}