protected function CommentAccessControlHandler::checkAccess in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/comment/src/CommentAccessControlHandler.php \Drupal\comment\CommentAccessControlHandler::checkAccess()
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- core/
modules/ comment/ src/ CommentAccessControlHandler.php, line 27 - Contains \Drupal\comment\CommentAccessControlHandler.
Class
- CommentAccessControlHandler
- Defines the access control handler for the comment entity type.
Namespace
Drupal\commentCode
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\comment\CommentInterface|\Drupal\user\EntityOwnerInterface $entity */
$comment_admin = $account
->hasPermission('administer comments');
if ($operation == 'approve') {
return AccessResult::allowedIf($comment_admin && !$entity
->isPublished())
->cachePerPermissions()
->cacheUntilEntityChanges($entity);
}
if ($comment_admin) {
$access = AccessResult::allowed()
->cachePerPermissions();
return $operation != 'view' ? $access : $access
->andIf($entity
->getCommentedEntity()
->access($operation, $account, TRUE));
}
switch ($operation) {
case 'view':
return AccessResult::allowedIf($account
->hasPermission('access comments') && $entity
->isPublished())
->cachePerPermissions()
->cacheUntilEntityChanges($entity)
->andIf($entity
->getCommentedEntity()
->access($operation, $account, TRUE));
case 'update':
return AccessResult::allowedIf($account
->id() && $account
->id() == $entity
->getOwnerId() && $entity
->isPublished() && $account
->hasPermission('edit own comments'))
->cachePerPermissions()
->cachePerUser()
->cacheUntilEntityChanges($entity);
default:
// No opinion.
return AccessResult::neutral()
->cachePerPermissions();
}
}