Mercurial > hg > isophonics-drupal-site

view core/lib/Drupal/Core/Field/FieldUpdateActionBase.php @ 13:5fb285c0d0e3

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've been lucky to get away with this so far, as we don't support self-registration which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5 was vulnerable to.
author Chris Cannam
date Mon, 23 Apr 2018 09:33:26 +0100
parents 4c8ae668cc8c
children
line wrap: on
line source
<?php

namespace Drupal\Core\Field;

use Drupal\Core\Action\ActionBase;
use Drupal\Core\Session\AccountInterface;

/**
 * Provides a base for action plugins that update one or more fields.
 *
 * Example implementation:
 *
 * @code
 * class PromoteAndMakeSticky extends FieldUpdateActionBase {
 *
 *   protected function getFieldsToUpdate() {
 *     return [
 *       'status' => NODE_PROMOTED,
 *       'sticky' => NODE_STICKY,
 *     ];
 *   }
 *
 * }
 * @endcode
 *
 * @see \Drupal\node\Plugin\Action\PublishNode
 */
abstract class FieldUpdateActionBase extends ActionBase {

  /**
   * Gets an array of values to be set.
   *
   * @return array
   *   Array of values with field names as keys.
   */
  abstract protected function getFieldsToUpdate();

  /**
   * {@inheritdoc}
   */
  public function execute($entity = NULL) {
    foreach ($this->getFieldsToUpdate() as $field => $value) {
      $entity->$field = $value;
    }
    $entity->save();
  }

  /**
   * {@inheritdoc}
   */
  public function access($object, AccountInterface $account = NULL, $return_as_object = FALSE) {
    /** @var \Drupal\Core\Access\AccessResultInterface $result */
    $result = $object->access('update', $account, TRUE);

    foreach ($this->getFieldsToUpdate() as $field => $value) {
      $result->andIf($object->{$field}->access('edit', $account, TRUE));
    }

    return $return_as_object ? $result : $result->isAllowed();
  }

}