Mercurial > hg > isophonics-drupal-site
comparison core/modules/node/src/Access/NodeRevisionAccessCheck.php @ 18:af1871eacc83
Update to Drupal core 8.7.1
| author | Chris Cannam |
|---|---|
| date | Thu, 09 May 2019 15:33:08 +0100 |
| parents | 4c8ae668cc8c |
| children |
comparison
equal
deleted
inserted
replaced
| 17:129ea1e6d783 | 18:af1871eacc83 |
|---|---|
| 1 <?php | 1 <?php |
| 2 | 2 |
| 3 namespace Drupal\node\Access; | 3 namespace Drupal\node\Access; |
| 4 | 4 |
| 5 use Drupal\Core\Access\AccessResult; | 5 use Drupal\Core\Access\AccessResult; |
| 6 use Drupal\Core\Entity\EntityManagerInterface; | 6 use Drupal\Core\Entity\EntityTypeManagerInterface; |
| 7 use Drupal\Core\Routing\Access\AccessInterface; | 7 use Drupal\Core\Routing\Access\AccessInterface; |
| 8 use Drupal\Core\Session\AccountInterface; | 8 use Drupal\Core\Session\AccountInterface; |
| 9 use Drupal\node\NodeInterface; | 9 use Drupal\node\NodeInterface; |
| 10 use Symfony\Component\Routing\Route; | 10 use Symfony\Component\Routing\Route; |
| 11 | 11 |
| 38 protected $access = []; | 38 protected $access = []; |
| 39 | 39 |
| 40 /** | 40 /** |
| 41 * Constructs a new NodeRevisionAccessCheck. | 41 * Constructs a new NodeRevisionAccessCheck. |
| 42 * | 42 * |
| 43 * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager | 43 * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager |
| 44 * The entity manager. | 44 * The entity type manager. |
| 45 */ | 45 */ |
| 46 public function __construct(EntityManagerInterface $entity_manager) { | 46 public function __construct(EntityTypeManagerInterface $entity_type_manager) { |
| 47 $this->nodeStorage = $entity_manager->getStorage('node'); | 47 $this->nodeStorage = $entity_type_manager->getStorage('node'); |
| 48 $this->nodeAccess = $entity_manager->getAccessControlHandler('node'); | 48 $this->nodeAccess = $entity_type_manager->getAccessControlHandler('node'); |
| 49 } | 49 } |
| 50 | 50 |
| 51 /** | 51 /** |
| 52 * Checks routing access for the node revision. | 52 * Checks routing access for the node revision. |
| 53 * | 53 * |
| 117 // Perform basic permission checks first. | 117 // Perform basic permission checks first. |
| 118 if (!$account->hasPermission($map[$op]) && !$account->hasPermission($type_map[$op]) && !$account->hasPermission('administer nodes')) { | 118 if (!$account->hasPermission($map[$op]) && !$account->hasPermission($type_map[$op]) && !$account->hasPermission('administer nodes')) { |
| 119 $this->access[$cid] = FALSE; | 119 $this->access[$cid] = FALSE; |
| 120 return FALSE; | 120 return FALSE; |
| 121 } | 121 } |
| 122 | 122 // If the revisions checkbox is selected for the content type, display the |
| 123 // There should be at least two revisions. If the vid of the given node | 123 // revisions tab. |
| 124 // and the vid of the default revision differ, then we already have two | 124 $bundle_entity_type = $node->getEntityType()->getBundleEntityType(); |
| 125 // different revisions so there is no need for a separate database check. | 125 $bundle_entity = \Drupal::entityTypeManager()->getStorage($bundle_entity_type)->load($bundle); |
| 126 // Also, if you try to revert to or delete the default revision, that's | 126 if ($bundle_entity->shouldCreateNewRevision() && $op === 'view') { |
| 127 // not good. | |
| 128 if ($node->isDefaultRevision() && ($this->nodeStorage->countDefaultLanguageRevisions($node) == 1 || $op == 'update' || $op == 'delete')) { | |
| 129 $this->access[$cid] = FALSE; | |
| 130 } | |
| 131 elseif ($account->hasPermission('administer nodes')) { | |
| 132 $this->access[$cid] = TRUE; | 127 $this->access[$cid] = TRUE; |
| 133 } | 128 } |
| 134 else { | 129 else { |
| 135 // First check the access to the default revision and finally, if the | 130 // There should be at least two revisions. If the vid of the given node |
| 136 // node passed in is not the default revision then access to that, too. | 131 // and the vid of the default revision differ, then we already have two |
| 137 $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account)); | 132 // different revisions so there is no need for a separate database |
| 133 // check. Also, if you try to revert to or delete the default revision, | |
| 134 // that's not good. | |
| 135 if ($node->isDefaultRevision() && ($this->nodeStorage->countDefaultLanguageRevisions($node) == 1 || $op === 'update' || $op === 'delete')) { | |
| 136 $this->access[$cid] = FALSE; | |
| 137 } | |
| 138 elseif ($account->hasPermission('administer nodes')) { | |
| 139 $this->access[$cid] = TRUE; | |
| 140 } | |
| 141 else { | |
| 142 // First check the access to the default revision and finally, if the | |
| 143 // node passed in is not the default revision then check access to | |
| 144 // that, too. | |
| 145 $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account)); | |
| 146 } | |
| 138 } | 147 } |
| 139 } | 148 } |
| 140 | 149 |
| 141 return $this->access[$cid]; | 150 return $this->access[$cid]; |
| 142 } | 151 } |