EntityAccessControlHandler::access

public EntityAccessControlHandler::access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE)

Checks access to an operation on a given entity or entity translation.

Use \Drupal\Core\Entity\EntityAccessControlHandlerInterface::createAccess() to check access to create an entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The operation access should be checked for. Usually one of "view", "view label", "update" or "delete".

\Drupal\Core\Session\AccountInterface $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.

bool $return_as_object: (optional) Defaults to FALSE.

Return value

bool|\Drupal\Core\Access\AccessResultInterface The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

Overrides EntityAccessControlHandlerInterface::access

File

core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php, line 61

Class

EntityAccessControlHandler: Defines a default implementation for entity access control handler.

Namespace

Drupal\Core\Entity

Code

public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
  $account = $this->prepareUser($account);
  $langcode = $entity->language()->getId();

  if ($operation === 'view label' && $this->viewLabelOperation == FALSE) {
    $operation = 'view';
  }

  if (($return = $this->getCache($entity->uuid(), $operation, $langcode, $account)) !== NULL) {
    // Cache hit, no work necessary.
    return $return_as_object ? $return : $return->isAllowed();
  }

  // Invoke hook_entity_access() and hook_ENTITY_TYPE_access(). Hook results
  // take precedence over overridden implementations of
  // EntityAccessControlHandler::checkAccess(). Entities that have checks that
  // need to be done before the hook is invoked should do so by overriding
  // this method.

  // We grant access to the entity if both of these conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = array_merge(
  $this->moduleHandler()->invokeAll('entity_access', [$entity, $operation, $account]), 
  $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', [$entity, $operation, $account])
  );

  $return = $this->processAccessHookResults($access);

  // Also execute the default access check except when the access result is
  // already forbidden, as in that case, it can not be anything else.
  if (!$return->isForbidden()) {
    $return = $return->orIf($this->checkAccess($entity, $operation, $account));
  }
  $result = $this->setCache($return, $entity->uuid(), $operation, $langcode, $account);
  return $return_as_object ? $result : $result->isAllowed();
}

Links:

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21Entity%21EntityAccessControlHandler.php/function/EntityAccessControlHandler%3A%3Aaccess/8.2.x

doc_Drupal

2016-10-29 09:04:28

Comments