You are here

class BlockAccessControlHandler in Zircon Profile 8.0

Same name and namespace in other branches
  1. 8 core/modules/block/src/BlockAccessControlHandler.php \Drupal\block\BlockAccessControlHandler

Defines the access control handler for the block entity type.

Hierarchy

Expanded class hierarchy of BlockAccessControlHandler

See also

\Drupal\block\Entity\Block

File

core/modules/block/src/BlockAccessControlHandler.php, line 31
Contains \Drupal\block\BlockAccessControlHandler.

Namespace

Drupal\block
View source
class BlockAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
  use ConditionAccessResolverTrait;

  /**
   * The condition plugin manager.
   *
   * @var \Drupal\Core\Executable\ExecutableManagerInterface
   */
  protected $manager;

  /**
   * The plugin context handler.
   *
   * @var \Drupal\Core\Plugin\Context\ContextHandlerInterface
   */
  protected $contextHandler;

  /**
   * The context manager service.
   *
   * @var \Drupal\Core\Plugin\Context\ContextRepositoryInterface
   */
  protected $contextRepository;

  /**
   * {@inheritdoc}
   */
  public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
    return new static($entity_type, $container
      ->get('plugin.manager.condition'), $container
      ->get('context.handler'), $container
      ->get('context.repository'));
  }

  /**
   * Constructs the block access control handler instance
   *
   * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
   *   The entity type definition.
   * @param \Drupal\Core\Executable\ExecutableManagerInterface $manager
   *   The ConditionManager for checking visibility of blocks.
   * @param \Drupal\Core\Plugin\Context\ContextHandlerInterface $context_handler
   *   The ContextHandler for applying contexts to conditions properly.
   * @param \Drupal\Core\Plugin\Context\ContextRepositoryInterface $context_repository
   *   The lazy context repository service.
   */
  public function __construct(EntityTypeInterface $entity_type, ExecutableManagerInterface $manager, ContextHandlerInterface $context_handler, ContextRepositoryInterface $context_repository) {
    parent::__construct($entity_type);
    $this->manager = $manager;
    $this->contextHandler = $context_handler;
    $this->contextRepository = $context_repository;
  }

  /**
   * {@inheritdoc}
   */
  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {

    /** @var \Drupal\block\BlockInterface $entity */
    if ($operation != 'view') {
      return parent::checkAccess($entity, $operation, $account);
    }

    // Don't grant access to disabled blocks.
    if (!$entity
      ->status()) {
      return AccessResult::forbidden()
        ->cacheUntilEntityChanges($entity);
    }
    else {
      $conditions = [];
      $missing_context = FALSE;
      foreach ($entity
        ->getVisibilityConditions() as $condition_id => $condition) {
        if ($condition instanceof ContextAwarePluginInterface) {
          try {
            $contexts = $this->contextRepository
              ->getRuntimeContexts(array_values($condition
              ->getContextMapping()));
            $this->contextHandler
              ->applyContextMapping($condition, $contexts);
          } catch (ContextException $e) {
            $missing_context = TRUE;
          }
        }
        $conditions[$condition_id] = $condition;
      }
      if ($missing_context) {

        // If any context is missing then we might be missing cacheable
        // metadata, and don't know based on what conditions the block is
        // accessible or not. For example, blocks that have a node type
        // condition will have a missing context on any non-node route like the
        // frontpage.
        // @todo Avoid setting max-age 0 for some or all cases, for example by
        //   treating available contexts without value differently in
        //   https://www.drupal.org/node/2521956.
        $access = AccessResult::forbidden()
          ->setCacheMaxAge(0);
      }
      elseif ($this
        ->resolveConditions($conditions, 'and') !== FALSE) {

        // Delegate to the plugin.
        $access = $entity
          ->getPlugin()
          ->access($account, TRUE);
      }
      else {
        $access = AccessResult::forbidden();
      }
      $this
        ->mergeCacheabilityFromConditions($access, $conditions);

      // Ensure that access is evaluated again when the block changes.
      return $access
        ->cacheUntilEntityChanges($entity);
    }
  }

  /**
   * Merges cacheable metadata from conditions onto the access result object.
   *
   * @param \Drupal\Core\Access\AccessResult $access
   *   The access result object.
   * @param \Drupal\Core\Condition\ConditionInterface[] $conditions
   *   List of visibility conditions.
   */
  protected function mergeCacheabilityFromConditions(AccessResult $access, array $conditions) {
    foreach ($conditions as $condition) {
      if ($condition instanceof CacheableDependencyInterface) {
        $access
          ->addCacheTags($condition
          ->getCacheTags());
        $access
          ->addCacheContexts($condition
          ->getCacheContexts());
        $access
          ->setCacheMaxAge(Cache::mergeMaxAges($access
          ->getCacheMaxAge(), $condition
          ->getCacheMaxAge()));
      }
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
BlockAccessControlHandler::$contextHandler protected property The plugin context handler.
BlockAccessControlHandler::$contextRepository protected property The context manager service.
BlockAccessControlHandler::$manager protected property The condition plugin manager.
BlockAccessControlHandler::checkAccess protected function Performs access checks. Overrides EntityAccessControlHandler::checkAccess
BlockAccessControlHandler::createInstance public static function Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface::createInstance
BlockAccessControlHandler::mergeCacheabilityFromConditions protected function Merges cacheable metadata from conditions onto the access result object.
BlockAccessControlHandler::__construct public function Constructs the block access control handler instance Overrides EntityAccessControlHandler::__construct
ConditionAccessResolverTrait::resolveConditions protected function Resolves the given conditions based on the condition logic ('and'/'or').
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
EntityAccessControlHandler::$accessCache protected property Stores calculated access check results.
EntityAccessControlHandler::$entityType protected property Information about the entity type.
EntityAccessControlHandler::$entityTypeId protected property The entity type ID of the access control handler instance.
EntityAccessControlHandler::access public function Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface::access 1
EntityAccessControlHandler::checkCreateAccess protected function Performs create access checks. 9
EntityAccessControlHandler::checkFieldAccess protected function Default field access as determined by this access control handler. 3
EntityAccessControlHandler::createAccess public function Checks access to create an entity. Overrides EntityAccessControlHandlerInterface::createAccess 1
EntityAccessControlHandler::fieldAccess public function Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface::fieldAccess
EntityAccessControlHandler::getCache protected function Tries to retrieve a previously cached access value from the static cache.
EntityAccessControlHandler::prepareUser protected function Loads the current account object, if it does not exist yet.
EntityAccessControlHandler::processAccessHookResults protected function We grant access to the entity if both of these conditions are met:
EntityAccessControlHandler::resetCache public function Clears all cached access checks. Overrides EntityAccessControlHandlerInterface::resetCache
EntityAccessControlHandler::setCache protected function Statically caches whether the given user has access.
EntityHandlerBase::$moduleHandler protected property The module handler to invoke hooks on. 3
EntityHandlerBase::moduleHandler protected function Gets the module handler. 3
EntityHandlerBase::setModuleHandler public function Sets the module handler for this handler.
StringTranslationTrait::$stringTranslation protected property The string translation service.
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.