class AccessManager in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/lib/Drupal/Core/Access/AccessManager.php \Drupal\Core\Access\AccessManager
Attaches access check services to routes and runs them on request.
Hierarchy
- class \Drupal\Core\Access\AccessManager implements AccessManagerInterface
Expanded class hierarchy of AccessManager
See also
\Drupal\Tests\Core\Access\AccessManagerTest
1 file declares its use of AccessManager
- AccessManagerTest.php in core/
tests/ Drupal/ Tests/ Core/ Access/ AccessManagerTest.php - Contains \Drupal\Tests\Core\Access\AccessManagerTest.
1 string reference to 'AccessManager'
- core.services.yml in core/
core.services.yml - core/core.services.yml
1 service uses AccessManager
File
- core/
lib/ Drupal/ Core/ Access/ AccessManager.php, line 26 - Contains \Drupal\Core\Access\AccessManager.
Namespace
Drupal\Core\AccessView source
class AccessManager implements AccessManagerInterface {
/**
* The route provider.
*
* @var \Drupal\Core\Routing\RouteProviderInterface
*/
protected $routeProvider;
/**
* The paramconverter manager.
*
* @var \Drupal\Core\ParamConverter\ParamConverterManagerInterface
*/
protected $paramConverterManager;
/**
* The access arguments resolver.
*
* @var \Drupal\Core\Access\AccessArgumentsResolverFactoryInterface
*/
protected $argumentsResolverFactory;
/**
* The current user.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $currentUser;
/**
* The check provider.
*
* @var \Drupal\Core\Access\CheckProviderInterface
*/
protected $checkProvider;
/**
* Constructs a AccessManager instance.
*
* @param \Drupal\Core\Routing\RouteProviderInterface $route_provider
* The route provider.
* @param \Drupal\Core\ParamConverter\ParamConverterManagerInterface $paramconverter_manager
* The param converter manager.
* @param \Drupal\Core\Access\AccessArgumentsResolverFactoryInterface $arguments_resolver_factory
* The access arguments resolver.
* @param \Drupal\Core\Session\AccountInterface $current_user
* The current user.
* @param CheckProviderInterface $check_provider
*/
public function __construct(RouteProviderInterface $route_provider, ParamConverterManagerInterface $paramconverter_manager, AccessArgumentsResolverFactoryInterface $arguments_resolver_factory, AccountInterface $current_user, CheckProviderInterface $check_provider) {
$this->routeProvider = $route_provider;
$this->paramConverterManager = $paramconverter_manager;
$this->argumentsResolverFactory = $arguments_resolver_factory;
$this->currentUser = $current_user;
$this->checkProvider = $check_provider;
}
/**
* {@inheritdoc}
*/
public function checkNamedRoute($route_name, array $parameters = array(), AccountInterface $account = NULL, $return_as_object = FALSE) {
try {
$route = $this->routeProvider
->getRouteByName($route_name, $parameters);
// ParamConverterManager relies on the route name and object being
// available from the parameters array.
$parameters[RouteObjectInterface::ROUTE_NAME] = $route_name;
$parameters[RouteObjectInterface::ROUTE_OBJECT] = $route;
$upcasted_parameters = $this->paramConverterManager
->convert($parameters + $route
->getDefaults());
$route_match = new RouteMatch($route_name, $route, $upcasted_parameters, $parameters);
return $this
->check($route_match, $account, NULL, $return_as_object);
} catch (RouteNotFoundException $e) {
// Cacheable until extensions change.
$result = AccessResult::forbidden()
->addCacheTags([
'config:core.extension',
]);
return $return_as_object ? $result : $result
->isAllowed();
} catch (ParamNotConvertedException $e) {
// Uncacheable because conversion of the parameter may not have been
// possible due to dynamic circumstances.
$result = AccessResult::forbidden()
->setCacheMaxAge(0);
return $return_as_object ? $result : $result
->isAllowed();
}
}
/**
* {@inheritdoc}
*/
public function checkRequest(Request $request, AccountInterface $account = NULL, $return_as_object = FALSE) {
$route_match = RouteMatch::createFromRequest($request);
return $this
->check($route_match, $account, $request, $return_as_object);
}
/**
* {@inheritdoc}
*/
public function check(RouteMatchInterface $route_match, AccountInterface $account = NULL, Request $request = NULL, $return_as_object = FALSE) {
if (!isset($account)) {
$account = $this->currentUser;
}
$route = $route_match
->getRouteObject();
$checks = $route
->getOption('_access_checks') ?: array();
// Filter out checks which require the incoming request.
if (!isset($request)) {
$checks = array_diff($checks, $this->checkProvider
->getChecksNeedRequest());
}
$result = AccessResult::neutral();
if (!empty($checks)) {
$arguments_resolver = $this->argumentsResolverFactory
->getArgumentsResolver($route_match, $account, $request);
if (!$checks) {
return AccessResult::neutral();
}
$result = AccessResult::allowed();
foreach ($checks as $service_id) {
$result = $result
->andIf($this
->performCheck($service_id, $arguments_resolver));
}
}
return $return_as_object ? $result : $result
->isAllowed();
}
/**
* Performs the specified access check.
*
* @param string $service_id
* The access check service ID to use.
* @param \Drupal\Component\Utility\ArgumentsResolverInterface $arguments_resolver
* The parametrized arguments resolver instance.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result.
*
* @throws \Drupal\Core\Access\AccessException
* Thrown when the access check returns an invalid value.
*/
protected function performCheck($service_id, ArgumentsResolverInterface $arguments_resolver) {
$callable = $this->checkProvider
->loadCheck($service_id);
$arguments = $arguments_resolver
->getArguments($callable);
/** @var \Drupal\Core\Access\AccessResultInterface $service_access **/
$service_access = call_user_func_array($callable, $arguments);
if (!$service_access instanceof AccessResultInterface) {
throw new AccessException("Access error in {$service_id}. Access services must return an object that implements AccessResultInterface.");
}
return $service_access;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
AccessManager:: |
protected | property | The access arguments resolver. | |
AccessManager:: |
protected | property | The check provider. | |
AccessManager:: |
protected | property | The current user. | |
AccessManager:: |
protected | property | The paramconverter manager. | |
AccessManager:: |
protected | property | The route provider. | |
AccessManager:: |
public | function |
Checks a route against applicable access check services. Overrides AccessManagerInterface:: |
|
AccessManager:: |
public | function |
Checks a named route with parameters against applicable access check services. Overrides AccessManagerInterface:: |
|
AccessManager:: |
public | function |
Execute access checks against the incoming request. Overrides AccessManagerInterface:: |
|
AccessManager:: |
protected | function | Performs the specified access check. | |
AccessManager:: |
public | function | Constructs a AccessManager instance. |