You are here

public function EntityAccessCheck::access in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/lib/Drupal/Core/Entity/EntityAccessCheck.php \Drupal\Core\Entity\EntityAccessCheck::access()

Checks access to the entity operation on the given route.

The value of the '_entity_access' key must be in the pattern 'entity_type.operation.' The entity type must match the {entity_type} parameter in the route pattern. This will check a node for 'update' access:


pattern: '/foo/{node}/bar'
requirements:
  _entity_access: 'node.update'

Available operations are 'view', 'update', 'create', and 'delete'.

Parameters

\Symfony\Component\Routing\Route $route: The route to check against.

\Drupal\Core\Routing\RouteMatchInterface $route_match: The parametrized route

\Drupal\Core\Session\AccountInterface $account: The currently logged in account.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

File

core/lib/Drupal/Core/Entity/EntityAccessCheck.php, line 44
Contains \Drupal\Core\Entity\EntityAccessCheck.

Class

EntityAccessCheck
Provides a generic access checker for entities.

Namespace

Drupal\Core\Entity

Code

public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account) {

  // Split the entity type and the operation.
  $requirement = $route
    ->getRequirement('_entity_access');
  list($entity_type, $operation) = explode('.', $requirement);

  // If there is valid entity of the given entity type, check its access.
  $parameters = $route_match
    ->getParameters();
  if ($parameters
    ->has($entity_type)) {
    $entity = $parameters
      ->get($entity_type);
    if ($entity instanceof EntityInterface) {
      return $entity
        ->access($operation, $account, TRUE);
    }
  }

  // No opinion, so other access checks should decide if access should be
  // allowed or not.
  return AccessResult::neutral();
}