protected function NodeAccessControlHandler::checkAccess in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/modules/node/src/NodeAccessControlHandler.php \Drupal\node\NodeAccessControlHandler::checkAccess()
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- core/
modules/ node/ src/ NodeAccessControlHandler.php, line 99 - Contains \Drupal\node\NodeAccessControlHandler.
Class
- NodeAccessControlHandler
- Defines the access control handler for the node entity type.
Namespace
Drupal\nodeCode
protected function checkAccess(EntityInterface $node, $operation, AccountInterface $account) {
/** @var \Drupal\node\NodeInterface $node */
// Fetch information from the node object if possible.
$status = $node
->isPublished();
$uid = $node
->getOwnerId();
// Check if authors can view their own unpublished nodes.
if ($operation === 'view' && !$status && $account
->hasPermission('view own unpublished content') && $account
->isAuthenticated() && $account
->id() == $uid) {
return AccessResult::allowed()
->cachePerPermissions()
->cachePerUser()
->cacheUntilEntityChanges($node);
}
// Evaluate node grants.
return $this->grantStorage
->access($node, $operation, $account);
}