Chris@0
|
1 <?php
|
Chris@0
|
2
|
Chris@0
|
3 namespace Drupal\taxonomy;
|
Chris@0
|
4
|
Chris@0
|
5 use Drupal\Core\Access\AccessResult;
|
Chris@0
|
6 use Drupal\Core\Entity\EntityAccessControlHandler;
|
Chris@0
|
7 use Drupal\Core\Entity\EntityInterface;
|
Chris@0
|
8 use Drupal\Core\Session\AccountInterface;
|
Chris@0
|
9
|
Chris@0
|
10 /**
|
Chris@0
|
11 * Defines the access control handler for the taxonomy term entity type.
|
Chris@0
|
12 *
|
Chris@0
|
13 * @see \Drupal\taxonomy\Entity\Term
|
Chris@0
|
14 */
|
Chris@0
|
15 class TermAccessControlHandler extends EntityAccessControlHandler {
|
Chris@0
|
16
|
Chris@0
|
17 /**
|
Chris@0
|
18 * {@inheritdoc}
|
Chris@0
|
19 */
|
Chris@0
|
20 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
|
Chris@17
|
21 if ($account->hasPermission('administer taxonomy')) {
|
Chris@17
|
22 return AccessResult::allowed()->cachePerPermissions();
|
Chris@17
|
23 }
|
Chris@17
|
24
|
Chris@0
|
25 switch ($operation) {
|
Chris@0
|
26 case 'view':
|
Chris@17
|
27 $access_result = AccessResult::allowedIf($account->hasPermission('access content') && $entity->isPublished())
|
Chris@17
|
28 ->cachePerPermissions()
|
Chris@17
|
29 ->addCacheableDependency($entity);
|
Chris@17
|
30 if (!$access_result->isAllowed()) {
|
Chris@17
|
31 $access_result->setReason("The 'access content' permission is required and the taxonomy term must be published.");
|
Chris@17
|
32 }
|
Chris@17
|
33 return $access_result;
|
Chris@0
|
34
|
Chris@0
|
35 case 'update':
|
Chris@17
|
36 if ($account->hasPermission("edit terms in {$entity->bundle()}")) {
|
Chris@17
|
37 return AccessResult::allowed()->cachePerPermissions();
|
Chris@17
|
38 }
|
Chris@17
|
39
|
Chris@17
|
40 return AccessResult::neutral()->setReason("The following permissions are required: 'edit terms in {$entity->bundle()}' OR 'administer taxonomy'.");
|
Chris@0
|
41
|
Chris@0
|
42 case 'delete':
|
Chris@17
|
43 if ($account->hasPermission("delete terms in {$entity->bundle()}")) {
|
Chris@17
|
44 return AccessResult::allowed()->cachePerPermissions();
|
Chris@17
|
45 }
|
Chris@17
|
46
|
Chris@17
|
47 return AccessResult::neutral()->setReason("The following permissions are required: 'delete terms in {$entity->bundle()}' OR 'administer taxonomy'.");
|
Chris@0
|
48
|
Chris@0
|
49 default:
|
Chris@0
|
50 // No opinion.
|
Chris@17
|
51 return AccessResult::neutral()->cachePerPermissions();
|
Chris@0
|
52 }
|
Chris@0
|
53 }
|
Chris@0
|
54
|
Chris@0
|
55 /**
|
Chris@0
|
56 * {@inheritdoc}
|
Chris@0
|
57 */
|
Chris@0
|
58 protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
|
Chris@14
|
59 return AccessResult::allowedIfHasPermissions($account, ["create terms in $entity_bundle", 'administer taxonomy'], 'OR');
|
Chris@0
|
60 }
|
Chris@0
|
61
|
Chris@0
|
62 }
|