public function NodeRevisionAccessCheck::checkAccess in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/node/src/Access/NodeRevisionAccessCheck.php \Drupal\node\Access\NodeRevisionAccessCheck::checkAccess()
Checks node revision access.
Parameters
\Drupal\node\NodeInterface $node: The node to check.
\Drupal\Core\Session\AccountInterface $account: A user object representing the user for whom the operation is to be performed.
string $op: (optional) The specific operation being checked. Defaults to 'view.'
Return value
bool TRUE if the operation may be performed, FALSE otherwise.
File
- core/
modules/ node/ src/ Access/ NodeRevisionAccessCheck.php, line 97 - Contains \Drupal\node\Access\NodeRevisionAccessCheck.
Class
- NodeRevisionAccessCheck
- Provides an access checker for node revisions.
Namespace
Drupal\node\AccessCode
public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') {
$map = array(
'view' => 'view all revisions',
'update' => 'revert all revisions',
'delete' => 'delete all revisions',
);
$bundle = $node
->bundle();
$type_map = array(
'view' => "view {$bundle} revisions",
'update' => "revert {$bundle} revisions",
'delete' => "delete {$bundle} revisions",
);
if (!$node || !isset($map[$op]) || !isset($type_map[$op])) {
// If there was no node to check against, or the $op was not one of the
// supported ones, we return access denied.
return FALSE;
}
// Statically cache access by revision ID, language code, user account ID,
// and operation.
$langcode = $node
->language()
->getId();
$cid = $node
->getRevisionId() . ':' . $langcode . ':' . $account
->id() . ':' . $op;
if (!isset($this->access[$cid])) {
// Perform basic permission checks first.
if (!$account
->hasPermission($map[$op]) && !$account
->hasPermission($type_map[$op]) && !$account
->hasPermission('administer nodes')) {
$this->access[$cid] = FALSE;
return FALSE;
}
// There should be at least two revisions. If the vid of the given node
// and the vid of the default revision differ, then we already have two
// different revisions so there is no need for a separate database check.
// Also, if you try to revert to or delete the default revision, that's
// not good.
if ($node
->isDefaultRevision() && ($this->nodeStorage
->countDefaultLanguageRevisions($node) == 1 || $op == 'update' || $op == 'delete')) {
$this->access[$cid] = FALSE;
}
elseif ($account
->hasPermission('administer nodes')) {
$this->access[$cid] = TRUE;
}
else {
// First check the access to the default revision and finally, if the
// node passed in is not the default revision then access to that, too.
$this->access[$cid] = $this->nodeAccess
->access($this->nodeStorage
->load($node
->id()), $op, $account) && ($node
->isDefaultRevision() || $this->nodeAccess
->access($node, $op, $account));
}
}
return $this->access[$cid];
}