protected FileAccessControlHandler::checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
Performs access checks.
This method is supposed to be overridden by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check access.
string $operation: The entity operation. Usually one of 'view', 'view label', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandler::checkAccess
File
- core/modules/file/src/FileAccessControlHandler.php, line 21
Class
- FileAccessControlHandler
- Provides a File access control handler.
Namespace
Drupal\file
Code
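/**
 * Decides whether an account may perform an operation on a file entity.
 *
 * For 'download' and 'view': files on the 'public' scheme are always allowed.
 * Otherwise, if the file is referenced, access is allowed as soon as the
 * account may view one referencing entity together with the referencing
 * field. Only when the file has no references at all is its owner allowed.
 * For 'delete' and 'update': the owner is allowed, everyone else is forbidden.
 * Every other case yields a neutral result.
 *
 * @param \Drupal\Core\Entity\EntityInterface $entity
 *   The file entity for which to check access.
 * @param string $operation
 *   The operation; this method handles 'download', 'view', 'delete' and
 *   'update'.
 * @param \Drupal\Core\Session\AccountInterface $account
 *   The user for which to check access.
 *
 * @return \Drupal\Core\Access\AccessResultInterface
 *   The access result.
 */
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  /** @var \Drupal\file\FileInterface $entity */
  // Strict membership test: a non-string $operation must never match an
  // operation name through PHP's loose comparison rules.
  if (in_array($operation, ['download', 'view'], TRUE)) {
    if (\Drupal::service('file_system')->uriScheme($entity->getFileUri()) === 'public') {
      // Always allow access to file in public file system.
      return AccessResult::allowed();
    }
    elseif ($references = $this->getFileReferences($entity)) {
      // A referenced file inherits access from its usages: the first
      // referencing entity the account may view, through a field the account
      // may view, grants access. The owner shortcut below is deliberately not
      // reached for referenced files.
      foreach ($references as $field_name => $entity_map) {
        foreach ($entity_map as $referencing_entity_type => $referencing_entities) {
          /** @var \Drupal\Core\Entity\EntityInterface $referencing_entity */
          foreach ($referencing_entities as $referencing_entity) {
            $entity_and_field_access = $referencing_entity->access('view', $account, TRUE)->andIf($referencing_entity->$field_name->access('view', $account, TRUE));
            if ($entity_and_field_access->isAllowed()) {
              return $entity_and_field_access;
            }
          }
        }
      }
    }
    else {
      // This case handles new nodes, or detached files. The user who uploaded
      // the file can always access if it's not yet used.
      //
      // A file without an owner must not match any account. A loose
      // comparison would treat a NULL owner as equal to account ID 0, so the
      // owner is required to be set and the IDs are compared as strings.
      //
      // NOTE(review): every anonymous visitor presents the same account ID,
      // so for an anonymous-owned file this check cannot tell the uploader
      // from any other anonymous visitor. Confirm whether private files need
      // an additional per-session binding.
      $owner_id = $entity->getOwnerId();
      if ($owner_id !== NULL && (string) $owner_id === (string) $account->id()) {
        return AccessResult::allowed();
      }
    }
  }

  if (in_array($operation, ['delete', 'update'], TRUE)) {
    $account = $this->prepareUser($account);
    $file_uid = $entity->get('uid')->getValue();
    // Only the file owner can delete and update the file entity. An empty
    // owner field is treated as "no owner": reading offset 0 of an empty value
    // would yield NULL, which loosely equals account ID 0.
    if (isset($file_uid[0]['target_id']) && (string) $file_uid[0]['target_id'] === (string) $account->id()) {
      return AccessResult::allowed();
    }
    return AccessResult::forbidden();
  }

  // No opinion.
  return AccessResult::neutral();
}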