class BlockContentAccessControlHandler

Same name in other branches
  1. 9 core/modules/block_content/src/BlockContentAccessControlHandler.php \Drupal\block_content\BlockContentAccessControlHandler
  2. 8.9.x core/modules/block_content/src/BlockContentAccessControlHandler.php \Drupal\block_content\BlockContentAccessControlHandler
  3. 11.x core/modules/block_content/src/BlockContentAccessControlHandler.php \Drupal\block_content\BlockContentAccessControlHandler

Defines the access control handler for the content block entity type.

Hierarchy

Expanded class hierarchy of BlockContentAccessControlHandler

See also

\Drupal\block_content\Entity\BlockContent

1 file declares its use of BlockContentAccessControlHandler
BlockContentAccessHandlerTest.php in core/modules/block_content/tests/src/Kernel/BlockContentAccessHandlerTest.php

File

core/modules/block_content/src/BlockContentAccessControlHandler.php, line 22

Namespace

Drupal\block_content
View source
class BlockContentAccessControlHandler extends EntityAccessControlHandler implements EntityHandlerInterface {
    
    /**
     * The event dispatcher.
     *
     * @var \Symfony\Contracts\EventDispatcher\EventDispatcherInterface
     */
    protected $eventDispatcher;
    
    /**
     * BlockContentAccessControlHandler constructor.
     *
     * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
     *   The entity type.
     * @param \Symfony\Contracts\EventDispatcher\EventDispatcherInterface $dispatcher
     *   The event dispatcher.
     */
    public function __construct(EntityTypeInterface $entity_type, EventDispatcherInterface $dispatcher) {
        parent::__construct($entity_type);
        $this->eventDispatcher = $dispatcher;
    }
    
    /**
     * {@inheritdoc}
     */
    public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
        return new static($entity_type, $container->get('event_dispatcher'));
    }
    
    /**
     * {@inheritdoc}
     */
    protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
        assert($entity instanceof BlockContentInterface);
        $bundle = $entity->bundle();
        $forbidIfNotReusable = fn(): AccessResultInterface => AccessResult::forbiddenIf($entity->isReusable() === FALSE, sprintf('Block content must be reusable to use `%s` operation', $operation));
        $access = AccessResult::allowedIfHasPermissions($account, [
            'administer block content',
        ]);
        if (!$access->isAllowed()) {
            $access = match ($operation) {    'view' => AccessResult::allowedIf($entity->isPublished())
                    ->orIf(AccessResult::allowedIfHasPermission($account, 'access block library')),
                'update' => AccessResult::allowedIfHasPermission($account, 'edit any ' . $bundle . ' block content'),
                'delete' => AccessResult::allowedIfHasPermission($account, 'delete any ' . $bundle . ' block content'),
                'view revision', 'view all revisions' => AccessResult::allowedIfHasPermission($account, 'view any ' . $bundle . ' block content history'),
                'revert' => AccessResult::allowedIfHasPermission($account, 'revert any ' . $bundle . ' block content revisions')->orIf($forbidIfNotReusable()),
                'delete revision' => AccessResult::allowedIfHasPermission($account, 'delete any ' . $bundle . ' block content revisions')->orIf($forbidIfNotReusable()),
                default => parent::checkAccess($entity, $operation, $account),
            
            };
        }
        // Add the entity as a cacheable dependency because access will at least be
        // determined by whether the block is reusable.
        $access->addCacheableDependency($entity);
        if ($entity->isReusable() === FALSE && $access->isForbidden() !== TRUE) {
            if (!$entity instanceof DependentAccessInterface) {
                throw new \LogicException("Non-reusable block entities must implement \\Drupal\\block_content\\Access\\DependentAccessInterface for access control.");
            }
            $dependency = $entity->getAccessDependency();
            if (empty($dependency)) {
                // If an access dependency has not been set let modules set one.
                $event = new BlockContentGetDependencyEvent($entity);
                $this->eventDispatcher
                    ->dispatch($event, BlockContentEvents::BLOCK_CONTENT_GET_DEPENDENCY);
                $dependency = $event->getAccessDependency();
                if (empty($dependency)) {
                    return AccessResult::forbidden("Non-reusable blocks must set an access dependency for access control.");
                }
            }
            
            /** @var \Drupal\Core\Entity\EntityInterface $dependency */
            $access = $access->andIf($dependency->access($operation, $account, TRUE));
        }
        return $access;
    }
    
    /**
     * {@inheritdoc}
     */
    protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
        return AccessResult::allowedIfHasPermissions($account, [
            'create ' . $entity_bundle . ' block content',
            'access block library',
        ])->orIf(AccessResult::allowedIfHasPermissions($account, [
            'administer block content',
        ]));
    }

}

Members

Title Sort descending Modifiers Object type Summary Overriden Title Overrides
BlockContentAccessControlHandler::$eventDispatcher protected property The event dispatcher.
BlockContentAccessControlHandler::checkAccess protected function Performs access checks. Overrides EntityAccessControlHandler::checkAccess
BlockContentAccessControlHandler::checkCreateAccess protected function Performs create access checks. Overrides EntityAccessControlHandler::checkCreateAccess
BlockContentAccessControlHandler::createInstance public static function Instantiates a new instance of this entity handler. Overrides EntityHandlerInterface::createInstance
BlockContentAccessControlHandler::__construct public function BlockContentAccessControlHandler constructor. Overrides EntityAccessControlHandler::__construct
DependencySerializationTrait::$_entityStorages protected property
DependencySerializationTrait::$_serviceIds protected property
DependencySerializationTrait::__sleep public function 1
DependencySerializationTrait::__wakeup public function 2
EntityAccessControlHandler::$accessCache protected property Stores calculated access check results.
EntityAccessControlHandler::$entityType protected property Information about the entity type.
EntityAccessControlHandler::$entityTypeId protected property The entity type ID of the access control handler instance.
EntityAccessControlHandler::$viewLabelOperation protected property Allows to grant access to just the labels. 7
EntityAccessControlHandler::access public function Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControlHandlerInterface::access 1
EntityAccessControlHandler::checkFieldAccess protected function Default field access as determined by this access control handler. 4
EntityAccessControlHandler::createAccess public function Checks access to create an entity. Overrides EntityAccessControlHandlerInterface::createAccess 1
EntityAccessControlHandler::fieldAccess public function Checks access to an operation on a given entity field. Overrides EntityAccessControlHandlerInterface::fieldAccess
EntityAccessControlHandler::getCache protected function Tries to retrieve a previously cached access value from the static cache.
EntityAccessControlHandler::prepareUser protected function Loads the current account object, if it does not exist yet.
EntityAccessControlHandler::processAccessHookResults protected function Determines entity access.
EntityAccessControlHandler::resetCache public function Clears all cached access checks. Overrides EntityAccessControlHandlerInterface::resetCache
EntityAccessControlHandler::setCache protected function Statically caches whether the given user has access.
EntityHandlerBase::$moduleHandler protected property The module handler to invoke hooks on. 5
EntityHandlerBase::moduleHandler protected function Gets the module handler. 5
EntityHandlerBase::setModuleHandler public function Sets the module handler for this handler.
StringTranslationTrait::$stringTranslation protected property The string translation service. 3
StringTranslationTrait::formatPlural protected function Formats a string containing a count of items.
StringTranslationTrait::getNumberOfPlurals protected function Returns the number of plurals supported by a given language.
StringTranslationTrait::getStringTranslation protected function Gets the string translation service.
StringTranslationTrait::setStringTranslation public function Sets the string translation service to use. 2
StringTranslationTrait::t protected function Translates a string to the current language or to a given language.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.