Mercurial > hg > isophonics-drupal-site
comparison core/modules/node/node.api.php @ 17:129ea1e6d783
Update, including to Drupal core 8.6.10
| author | Chris Cannam |
|---|---|
| date | Thu, 28 Feb 2019 13:21:36 +0000 |
| parents | 4c8ae668cc8c |
| children | af1871eacc83 |
comparison
equal
deleted
inserted
replaced
| 16:c2387f117808 | 17:129ea1e6d783 |
|---|---|
| 167 'realm' => 'example', | 167 'realm' => 'example', |
| 168 'gid' => 1, | 168 'gid' => 1, |
| 169 'grant_view' => 1, | 169 'grant_view' => 1, |
| 170 'grant_update' => 0, | 170 'grant_update' => 0, |
| 171 'grant_delete' => 0, | 171 'grant_delete' => 0, |
| 172 'langcode' => 'ca' | 172 'langcode' => 'ca', |
| 173 ]; | 173 ]; |
| 174 } | 174 } |
| 175 // For the example_author array, the GID is equivalent to a UID, which | 175 // For the example_author array, the GID is equivalent to a UID, which |
| 176 // means there are many groups of just 1 user. | 176 // means there are many groups of just 1 user. |
| 177 // Note that an author can always view his or her nodes, even if they | 177 // Note that an author can always view his or her nodes, even if they |
| 181 'realm' => 'example_author', | 181 'realm' => 'example_author', |
| 182 'gid' => $node->getOwnerId(), | 182 'gid' => $node->getOwnerId(), |
| 183 'grant_view' => 1, | 183 'grant_view' => 1, |
| 184 'grant_update' => 1, | 184 'grant_update' => 1, |
| 185 'grant_delete' => 1, | 185 'grant_delete' => 1, |
| 186 'langcode' => 'ca' | 186 'langcode' => 'ca', |
| 187 ]; | 187 ]; |
| 188 } | 188 } |
| 189 | 189 |
| 190 return $grants; | 190 return $grants; |
| 191 } | 191 } |
| 295 * The administrative account (user ID #1) always passes any access check, so | 295 * The administrative account (user ID #1) always passes any access check, so |
| 296 * this hook is not called in that case. Users with the "bypass node access" | 296 * this hook is not called in that case. Users with the "bypass node access" |
| 297 * permission may always view and edit content through the administrative | 297 * permission may always view and edit content through the administrative |
| 298 * interface. | 298 * interface. |
| 299 * | 299 * |
| 300 * Note that not all modules will want to influence access on all node types. If | 300 * The access to a node can be influenced in several ways: |
| 301 * your module does not want to explicitly allow or forbid access, return an | 301 * - To explicitly allow access, return an AccessResultInterface object with |
| 302 * AccessResultInterface object with neither isAllowed() nor isForbidden() | 302 * isAllowed() returning TRUE. Other modules can override this access by |
| 303 * equaling TRUE. Blindly returning an object with isForbidden() equaling TRUE | 303 * returning TRUE for isForbidden(). |
| 304 * will break other node access modules. | 304 * - To explicitly forbid access, return an AccessResultInterface object with |
| 305 * isForbidden() returning TRUE. Access will be forbidden even if your module | |
| 306 * (or another module) also returns TRUE for isNeutral() or isAllowed(). | |
| 307 * - To neither allow nor explicitly forbid access, return an | |
| 308 * AccessResultInterface object with isNeutral() returning TRUE. | |
| 309 * - If your module does not return an AccessResultInterface object, neutral | |
| 310 * access will be assumed. | |
| 305 * | 311 * |
| 306 * Also note that this function isn't called for node listings (e.g., RSS feeds, | 312 * Also note that this function isn't called for node listings (e.g., RSS feeds, |
| 307 * the default home page at path 'node', a recent content block, etc.) See | 313 * the default home page at path 'node', a recent content block, etc.) See |
| 308 * @link node_access Node access rights @endlink for a full explanation. | 314 * @link node_access Node access rights @endlink for a full explanation. |
| 309 * | 315 * |
| 330 switch ($op) { | 336 switch ($op) { |
| 331 case 'create': | 337 case 'create': |
| 332 return AccessResult::allowedIfHasPermission($account, 'create ' . $type . ' content'); | 338 return AccessResult::allowedIfHasPermission($account, 'create ' . $type . ' content'); |
| 333 | 339 |
| 334 case 'update': | 340 case 'update': |
| 335 if ($account->hasPermission('edit any ' . $type . ' content', $account)) { | 341 if ($account->hasPermission('edit any ' . $type . ' content')) { |
| 336 return AccessResult::allowed()->cachePerPermissions(); | 342 return AccessResult::allowed()->cachePerPermissions(); |
| 337 } | 343 } |
| 338 else { | 344 else { |
| 339 return AccessResult::allowedIf($account->hasPermission('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))->cachePerPermissions()->cachePerUser()->addCacheableDependency($node); | 345 return AccessResult::allowedIf($account->hasPermission('edit own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))->cachePerPermissions()->cachePerUser()->addCacheableDependency($node); |
| 340 } | 346 } |
| 341 | 347 |
| 342 case 'delete': | 348 case 'delete': |
| 343 if ($account->hasPermission('delete any ' . $type . ' content', $account)) { | 349 if ($account->hasPermission('delete any ' . $type . ' content')) { |
| 344 return AccessResult::allowed()->cachePerPermissions(); | 350 return AccessResult::allowed()->cachePerPermissions(); |
| 345 } | 351 } |
| 346 else { | 352 else { |
| 347 return AccessResult::allowedIf($account->hasPermission('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))->cachePerPermissions()->cachePerUser()->addCacheableDependency($node); | 353 return AccessResult::allowedIf($account->hasPermission('delete own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))->cachePerPermissions()->cachePerUser()->addCacheableDependency($node); |
| 348 } | 354 } |
| 349 | 355 |
| 350 default: | 356 default: |
| 351 // No opinion. | 357 // No opinion. |
| 352 return AccessResult::neutral(); | 358 return AccessResult::neutral(); |