class WorkspaceAccessControlHandler
Same name and namespace in other branches
- 11.x core/modules/workspaces/src/WorkspaceAccessControlHandler.php \Drupal\workspaces\WorkspaceAccessControlHandler
Defines the access control handler for the workspace entity type.
Hierarchy
- class \Drupal\Core\Entity\EntityHandlerBase uses \Drupal\Core\StringTranslation\StringTranslationTrait, \Drupal\Core\DependencyInjection\DependencySerializationTrait
- class \Drupal\Core\Entity\EntityAccessControlHandler extends \Drupal\Core\Entity\EntityAccessControlHandlerInterface implements \Drupal\Core\Entity\EntityHandlerBase
- class \Drupal\workspaces\WorkspaceAccessControlHandler implements \Drupal\Core\Entity\EntityAccessControlHandler
- class \Drupal\Core\Entity\EntityAccessControlHandler extends \Drupal\Core\Entity\EntityAccessControlHandlerInterface implements \Drupal\Core\Entity\EntityHandlerBase
Expanded class hierarchy of WorkspaceAccessControlHandler
See also
\Drupal\workspaces\Entity\Workspace
File
-
core/
modules/ workspaces/ src/ WorkspaceAccessControlHandler.php, line 15
Namespace
Drupal\workspacesView source
class WorkspaceAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\workspaces\WorkspaceInterface $entity */
if ($operation === 'publish' && $entity->hasParent()) {
$message = $this->t('Only top-level workspaces can be published.');
return AccessResult::forbidden((string) $message)->addCacheableDependency($entity);
}
if ($account->hasPermission('administer workspaces')) {
return AccessResult::allowed()->cachePerPermissions();
}
// @todo Consider adding explicit "publish any|own workspace" permissions in
// https://www.drupal.org/project/drupal/issues/3084260.
$permission_operation = $operation === 'update' || $operation === 'publish' ? 'edit' : $operation;
// Check if the user has permission to access all workspaces.
$access_result = AccessResult::allowedIfHasPermission($account, $permission_operation . ' any workspace');
// Check if it's their own workspace, and they have permission to access
// their own workspace.
if ($access_result->isNeutral() && $account->isAuthenticated() && $account->id() === $entity->getOwnerId()) {
$access_result = AccessResult::allowedIfHasPermission($account, $permission_operation . ' own workspace')->cachePerUser()
->addCacheableDependency($entity);
}
return $access_result;
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermissions($account, [
'administer workspaces',
'create workspace',
], 'OR');
}
}Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.