YamlFormEntityAccessControlHandler.php in YAML Form 8
File
src/YamlFormEntityAccessControlHandler.php
<?php
namespace Drupal\yamlform;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Session\AccountInterface;
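/**
 * Access control handler for YAML form entities.
 *
 * Decides form-level operations (view, update, duplicate, delete) from the
 * account's permissions and ownership, and routes the 'submission_*'
 * operations through the form's own access rules.
 */
class YamlFormEntityAccessControlHandler extends EntityAccessControlHandler {

  /**
   * Grants create access to accounts holding 'create yamlform'.
   *
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The account to check.
   * @param array $context
   *   Additional context passed through to the parent handler.
   * @param string|null $entity_bundle
   *   The bundle passed through to the parent handler.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   Allowed (varying by permissions) when the account has the permission,
   *   otherwise whatever the parent handler decides.
   */
  protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
    if ($account->hasPermission('create yamlform')) {
      return AccessResult::allowed()->cachePerPermissions();
    }
    return parent::checkCreateAccess($account, $context, $entity_bundle);
  }

  /**
   * Checks access to an operation on a YAML form.
   *
   * @param \Drupal\Core\Entity\EntityInterface $entity
   *   The form being accessed. The code calls getOwnerId(), isTemplate() and
   *   checkAccessRules() on it, so it is presumably always a YAML form entity
   *   (verify against callers).
   * @param string $operation
   *   'view', 'update', 'duplicate', 'delete' or a 'submission_*' operation.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The account to check.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   The access result; anything not decided here falls back to the parent.
   */
  public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    // Viewing the form itself is granted to every account, including
    // anonymous ones. Submission data is gated by the submission_* operations
    // further down, not by 'view'.
    if ($operation === 'view') {
      return AccessResult::allowed();
    }

    $uid = $entity->getOwnerId();
    // Ownership only counts for authenticated accounts. The comparison is
    // deliberately loose: ids can arrive as int or numeric string.
    $is_owner = $account->isAuthenticated() && $account->id() == $uid;

    // Anonymous accounts never reach the update/duplicate/delete grants, even
    // if the anonymous role was given one of these permissions.
    if ($account->isAuthenticated()) {
      switch ($operation) {
        case 'update':
          if ($account->hasPermission('edit any yamlform') || ($account->hasPermission('edit own yamlform') && $is_owner)) {
            return AccessResult::allowed()
              ->cachePerPermissions()
              ->cachePerUser()
              ->addCacheableDependency($entity);
          }
          break;

        case 'duplicate':
          // Templates can be duplicated by any authenticated account.
          if ($entity->isTemplate() || $account->hasPermission('edit any yamlform') || ($account->hasPermission('edit own yamlform') && $is_owner)) {
            return AccessResult::allowed()
              ->cachePerPermissions()
              ->cachePerUser()
              ->addCacheableDependency($entity);
          }
          break;

        case 'delete':
          if ($account->hasPermission('delete any yamlform') || ($account->hasPermission('delete own yamlform') && $is_owner)) {
            return AccessResult::allowed()
              ->cachePerPermissions()
              ->cachePerUser()
              ->addCacheableDependency($entity);
          }
          break;
      }
    }

    if (strpos($operation, 'submission_') === 0) {
      // This grant depends on a permission, so the result has to vary by the
      // permissions cache context. Without it a cached "allowed" could be
      // reused for an account that lacks 'view any yamlform submission'.
      if ($operation === 'submission_view_any' && $account->hasPermission('view any yamlform submission')) {
        return AccessResult::allowed()->cachePerPermissions();
      }

      // A template's submission page is blocked for accounts that cannot
      // create forms. The create check is made for $account explicitly;
      // omitting the account would test the current session user instead of
      // the account this access decision is being made for.
      if ($operation === 'submission_page' && $entity->isTemplate() && !$entity->access('create', $account)) {
        return AccessResult::forbidden()
          ->cachePerPermissions()
          ->cachePerUser()
          ->addCacheableDependency($entity);
      }

      // Anyone who may update the form may perform every submission_*
      // operation on it; otherwise the form's own access rules decide.
      // Note that str_replace() strips every occurrence of 'submission_' from
      // the operation name, not only the leading prefix.
      if ($this->checkAccess($entity, 'update', $account)->isAllowed() || $entity->checkAccessRules(str_replace('submission_', '', $operation), $account)) {
        return AccessResult::allowed()
          ->cachePerPermissions()
          ->cachePerUser()
          ->addCacheableDependency($entity);
      }
    }

    return parent::checkAccess($entity, $operation, $account);
  }

}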