Mercurial > hg > isophonics-drupal-site
view core/modules/node/src/Access/NodeRevisionAccessCheck.php @ 19:fa3358dc1485 tip
Add ndrum files
author | Chris Cannam |
---|---|
date | Wed, 28 Aug 2019 13:14:47 +0100 |
parents | af1871eacc83 |
children |
line wrap: on
line source
<?php namespace Drupal\node\Access; use Drupal\Core\Access\AccessResult; use Drupal\Core\Entity\EntityTypeManagerInterface; use Drupal\Core\Routing\Access\AccessInterface; use Drupal\Core\Session\AccountInterface; use Drupal\node\NodeInterface; use Symfony\Component\Routing\Route; /** * Provides an access checker for node revisions. * * @ingroup node_access */ class NodeRevisionAccessCheck implements AccessInterface { /** * The node storage. * * @var \Drupal\node\NodeStorageInterface */ protected $nodeStorage; /** * The node access control handler. * * @var \Drupal\Core\Entity\EntityAccessControlHandlerInterface */ protected $nodeAccess; /** * A static cache of access checks. * * @var array */ protected $access = []; /** * Constructs a new NodeRevisionAccessCheck. * * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager * The entity type manager. */ public function __construct(EntityTypeManagerInterface $entity_type_manager) { $this->nodeStorage = $entity_type_manager->getStorage('node'); $this->nodeAccess = $entity_type_manager->getAccessControlHandler('node'); } /** * Checks routing access for the node revision. * * @param \Symfony\Component\Routing\Route $route * The route to check against. * @param \Drupal\Core\Session\AccountInterface $account * The currently logged in account. * @param int $node_revision * (optional) The node revision ID. If not specified, but $node is, access * is checked for that object's revision. * @param \Drupal\node\NodeInterface $node * (optional) A node object. Used for checking access to a node's default * revision when $node_revision is unspecified. Ignored when $node_revision * is specified. If neither $node_revision nor $node are specified, then * access is denied. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */ public function access(Route $route, AccountInterface $account, $node_revision = NULL, NodeInterface $node = NULL) { if ($node_revision) { $node = $this->nodeStorage->loadRevision($node_revision); } $operation = $route->getRequirement('_access_node_revision'); return AccessResult::allowedIf($node && $this->checkAccess($node, $account, $operation))->cachePerPermissions()->addCacheableDependency($node); } /** * Checks node revision access. * * @param \Drupal\node\NodeInterface $node * The node to check. * @param \Drupal\Core\Session\AccountInterface $account * A user object representing the user for whom the operation is to be * performed. * @param string $op * (optional) The specific operation being checked. Defaults to 'view.' * * @return bool * TRUE if the operation may be performed, FALSE otherwise. */ public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') { $map = [ 'view' => 'view all revisions', 'update' => 'revert all revisions', 'delete' => 'delete all revisions', ]; $bundle = $node->bundle(); $type_map = [ 'view' => "view $bundle revisions", 'update' => "revert $bundle revisions", 'delete' => "delete $bundle revisions", ]; if (!$node || !isset($map[$op]) || !isset($type_map[$op])) { // If there was no node to check against, or the $op was not one of the // supported ones, we return access denied. return FALSE; } // Statically cache access by revision ID, language code, user account ID, // and operation. $langcode = $node->language()->getId(); $cid = $node->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $op; if (!isset($this->access[$cid])) { // Perform basic permission checks first. if (!$account->hasPermission($map[$op]) && !$account->hasPermission($type_map[$op]) && !$account->hasPermission('administer nodes')) { $this->access[$cid] = FALSE; return FALSE; } // If the revisions checkbox is selected for the content type, display the // revisions tab. $bundle_entity_type = $node->getEntityType()->getBundleEntityType(); $bundle_entity = \Drupal::entityTypeManager()->getStorage($bundle_entity_type)->load($bundle); if ($bundle_entity->shouldCreateNewRevision() && $op === 'view') { $this->access[$cid] = TRUE; } else { // There should be at least two revisions. If the vid of the given node // and the vid of the default revision differ, then we already have two // different revisions so there is no need for a separate database // check. Also, if you try to revert to or delete the default revision, // that's not good. if ($node->isDefaultRevision() && ($this->nodeStorage->countDefaultLanguageRevisions($node) == 1 || $op === 'update' || $op === 'delete')) { $this->access[$cid] = FALSE; } elseif ($account->hasPermission('administer nodes')) { $this->access[$cid] = TRUE; } else { // First check the access to the default revision and finally, if the // node passed in is not the default revision then check access to // that, too. $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account)); } } } return $this->access[$cid]; } }