FileAccessControlHandler::checkFieldAccess

protected FileAccessControlHandler::checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL)

Default field access as determined by this access control handler.

Parameters

string $operation: The operation access should be checked for. Usually one of "view" or "edit".

\Drupal\Core\Field\FieldDefinitionInterface $field_definition: The field definition.

\Drupal\Core\Session\AccountInterface $account: The user session for which to check access.

\Drupal\Core\Field\FieldItemListInterface $items: (optional) The field values for which to check access, or NULL if access is checked for the field definition, without any specific value available. Defaults to NULL.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

Overrides EntityAccessControlHandler::checkFieldAccess

File

core/modules/file/src/FileAccessControlHandler.php, line 81

Class

FileAccessControlHandler: Provides a File access control handler.

Namespace

Drupal\file

Code

protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
  // No user can edit the status of a file. Prevents saving a new file as
  // persistent before even validating it.
  if ($field_definition->getName() === 'status' && $operation === 'edit') {
    return AccessResult::forbidden();
  }
  return parent::checkFieldAccess($operation, $field_definition, $account, $items);
}

Links:

https://api.drupal.org/api/drupal/core%21modules%21file%21src%21FileAccessControlHandler.php/function/FileAccessControlHandler%3A%3AcheckFieldAccess/8.2.x

doc_Drupal

2016-10-29 09:13:19

Comments