FilterFormatAccessControlHandler::checkAccess

protected FilterFormatAccessControlHandler::checkAccess(EntityInterface $filter_format, $operation, AccountInterface $account)

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.

string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkAccess

File

core/modules/filter/src/FilterFormatAccessControlHandler.php, line 20

Class

FilterFormatAccessControlHandler
Defines the access control handler for the filter format entity type.

Namespace

Drupal\filter

Code

protected function checkAccess(EntityInterface $filter_format, $operation, AccountInterface $account) {
  /** @var \Drupal\filter\FilterFormatInterface $filter_format */

  // All users are allowed to use the fallback filter.
  if ($operation == 'use') {
    if ($filter_format->isFallbackFormat()) {
      return AccessResult::allowed();
    }
    else {
      return AccessResult::allowedIfHasPermission($account, $filter_format->getPermissionName());
    }
  }

  // The fallback format may not be disabled.
  if ($operation == 'disable' && $filter_format->isFallbackFormat()) {
    return AccessResult::forbidden();
  }

  // We do not allow filter formats to be deleted through the UI, because that
  // would render any content that uses them unusable.
  if ($operation == 'delete') {
    return AccessResult::forbidden();
  }

  if (in_array($operation, array('disable', 'update'))) {
    return parent::checkAccess($filter_format, $operation, $account);
  }

  // No opinion.
  return AccessResult::neutral();
}
doc_Drupal
2016-10-29 09:14:35
Comments
Leave a Comment

Please login to continue.