Mercurial > hg > isophonics-drupal-site
annotate core/modules/contact/src/ContactFormAccessControlHandler.php @ 19:fa3358dc1485 tip
Add ndrum files
| author | Chris Cannam |
|---|---|
| date | Wed, 28 Aug 2019 13:14:47 +0100 |
| parents | 4c8ae668cc8c |
| children |
| rev | line source |
|---|---|
| Chris@0 | 1 <?php |
| Chris@0 | 2 |
| Chris@0 | 3 namespace Drupal\contact; |
| Chris@0 | 4 |
| Chris@0 | 5 use Drupal\Core\Access\AccessResult; |
| Chris@0 | 6 use Drupal\Core\Entity\EntityAccessControlHandler; |
| Chris@0 | 7 use Drupal\Core\Entity\EntityInterface; |
| Chris@0 | 8 use Drupal\Core\Session\AccountInterface; |
| Chris@0 | 9 |
| Chris@0 | 10 /** |
| Chris@0 | 11 * Defines the access control handler for the contact form entity type. |
| Chris@0 | 12 * |
| Chris@0 | 13 * @see \Drupal\contact\Entity\ContactForm. |
| Chris@0 | 14 */ |
| Chris@0 | 15 class ContactFormAccessControlHandler extends EntityAccessControlHandler { |
| Chris@0 | 16 |
| Chris@0 | 17 /** |
| Chris@0 | 18 * {@inheritdoc} |
| Chris@0 | 19 */ |
| Chris@0 | 20 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { |
| Chris@0 | 21 if ($operation == 'view') { |
| Chris@0 | 22 // Do not allow access personal form via site-wide route. |
| Chris@0 | 23 return AccessResult::allowedIfHasPermission($account, 'access site-wide contact form')->andIf(AccessResult::allowedIf($entity->id() !== 'personal')); |
| Chris@0 | 24 } |
| Chris@0 | 25 elseif ($operation == 'delete' || $operation == 'update') { |
| Chris@0 | 26 // Do not allow the 'personal' form to be deleted, as it's used for |
| Chris@0 | 27 // the personal contact form. |
| Chris@0 | 28 return AccessResult::allowedIfHasPermission($account, 'administer contact forms')->andIf(AccessResult::allowedIf($entity->id() !== 'personal')); |
| Chris@0 | 29 } |
| Chris@0 | 30 |
| Chris@0 | 31 return parent::checkAccess($entity, $operation, $account); |
| Chris@0 | 32 } |
| Chris@0 | 33 |
| Chris@0 | 34 } |