You are here

protected function MenuLinkContentAccessControlHandler::checkAccess in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php \Drupal\menu_link_content\MenuLinkContentAccessControlHandler::checkAccess()

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkAccess

File

core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php, line 54
Contains \Drupal\menu_link_content\MenuLinkContentAccessControlHandler.

Class

MenuLinkContentAccessControlHandler
Defines the access control handler for the user entity type.

Namespace

Drupal\menu_link_content

Code

protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  switch ($operation) {
    case 'view':

      // There is no direct viewing of a menu link, but still for purposes of
      // content_translation we need a generic way to check access.
      return AccessResult::allowedIfHasPermission($account, 'administer menu');
    case 'update':
      if (!$account
        ->hasPermission('administer menu')) {
        return AccessResult::neutral()
          ->cachePerPermissions();
      }
      else {

        // If there is a URL, this is an external link so always accessible.
        $access = AccessResult::allowed()
          ->cachePerPermissions()
          ->cacheUntilEntityChanges($entity);

        /** @var \Drupal\menu_link_content\MenuLinkContentInterface $entity */

        // We allow access, but only if the link is accessible as well.
        if (($url_object = $entity
          ->getUrlObject()) && $url_object
          ->isRouted()) {
          $link_access = $this->accessManager
            ->checkNamedRoute($url_object
            ->getRouteName(), $url_object
            ->getRouteParameters(), $account, TRUE);
          $access = $access
            ->andIf($link_access);
        }
        return $access;
      }
    case 'delete':
      return AccessResult::allowedIf(!$entity
        ->isNew() && $account
        ->hasPermission('administer menu'))
        ->cachePerPermissions()
        ->cacheUntilEntityChanges($entity);
  }
}