function EntityAccessControlHandler::access

Same name and namespace in other branches
  1. 11.x core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php \Drupal\Core\Entity\EntityAccessControlHandler::access()
1 call to EntityAccessControlHandler::access()
MediaAccessControlHandler::checkAccess in core/modules/media/src/MediaAccessControlHandler.php
Performs access checks.

File

core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php, line 61

Class

EntityAccessControlHandler
Defines a default implementation for entity access control handler.

Namespace

Drupal\Core\Entity

Code

public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
  $account = $this->prepareUser($account);
  $langcode = $entity->language()
    ->getId();
  if ($operation === 'view label' && $this->viewLabelOperation == FALSE) {
    $operation = 'view';
  }
  // If an entity does not have a UUID, either from not being set or from not
  // having them, use the 'entity type:ID' pattern as the cache $cid.
  $cid = $entity->uuid() ?: $entity->getEntityTypeId() . ':' . $entity->id();
  // If the entity is revisionable, then append the revision ID to allow
  // individual revisions to have specific access control and be cached
  // separately.
  if ($entity instanceof RevisionableInterface) {
    /** @var \Drupal\Core\Entity\RevisionableInterface $entity */
    $cid .= ':' . $entity->getRevisionId();
  }
  if (($return = $this->getCache($cid, $operation, $langcode, $account)) !== NULL) {
    // Cache hit, no work necessary.
    return $return_as_object ? $return : $return->isAllowed();
  }
  // Invoke hook_entity_access() and hook_ENTITY_TYPE_access(). Hook results
  // take precedence over overridden implementations of
  // EntityAccessControlHandler::checkAccess(). Entities that have checks that
  // need to be done before the hook is invoked should do so by overriding
  // this method.
  // We grant access to the entity if both of these conditions are met:
  // - No modules say to deny access.
  // - At least one module says to grant access.
  $access = array_merge($this->moduleHandler()
    ->invokeAll('entity_access', [
    $entity,
    $operation,
    $account,
  ]), $this->moduleHandler()
    ->invokeAll($entity->getEntityTypeId() . '_access', [
    $entity,
    $operation,
    $account,
  ]));
  $return = $this->processAccessHookResults($access);
  // Also execute the default access check except when the access result is
  // already forbidden, as in that case, it can not be anything else.
  if (!$return->isForbidden()) {
    $return = $return->orIf($this->checkAccess($entity, $operation, $account));
  }
  $result = $this->setCache($return, $cid, $operation, $langcode, $account);
  return $return_as_object ? $result : $result->isAllowed();
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.