Chris@18: entityAccessChecker = $entity_access_checker; Chris@18: } Chris@18: Chris@18: /** Chris@18: * Checks access to the relationship field on the given route. Chris@18: * Chris@18: * @param \Symfony\Component\HttpFoundation\Request $request Chris@18: * The incoming HTTP request object. Chris@18: * @param \Symfony\Component\Routing\Route $route Chris@18: * The route to check against. Chris@18: * @param \Drupal\Core\Session\AccountInterface $account Chris@18: * The currently logged in account. Chris@18: * Chris@18: * @return \Drupal\Core\Access\AccessResultInterface Chris@18: * The access result. Chris@18: */ Chris@18: public function access(Request $request, Route $route, AccountInterface $account) { Chris@18: $relationship_field_name = $route->getRequirement(static::ROUTE_REQUIREMENT_KEY); Chris@18: $field_operation = $request->isMethodCacheable() ? 'view' : 'edit'; Chris@18: $entity_operation = $request->isMethodCacheable() ? 'view' : 'update'; Chris@18: if ($resource_type = $request->get(Routes::RESOURCE_TYPE_KEY)) { Chris@18: assert($resource_type instanceof ResourceType); Chris@18: $entity = $request->get('entity'); Chris@18: $internal_name = $resource_type->getInternalName($relationship_field_name); Chris@18: if ($entity instanceof FieldableEntityInterface && $entity->hasField($internal_name)) { Chris@18: $entity_access = $this->entityAccessChecker->checkEntityAccess($entity, $entity_operation, $account); Chris@18: $field_access = $entity->get($internal_name)->access($field_operation, $account, TRUE); Chris@18: // Ensure that access is respected for different entity revisions. Chris@18: $access_result = $entity_access->andIf($field_access); Chris@18: if (!$access_result->isAllowed()) { Chris@18: $reason = "The current user is not allowed to {$field_operation} this relationship."; Chris@18: $access_reason = $access_result instanceof AccessResultReasonInterface ? $access_result->getReason() : NULL; Chris@18: $detailed_reason = empty($access_reason) ? $reason : $reason . " {$access_reason}"; Chris@18: $access_result->setReason($detailed_reason); Chris@18: if ($request->isMethodCacheable()) { Chris@18: throw new CacheableAccessDeniedHttpException(CacheableMetadata::createFromObject($access_result), $detailed_reason); Chris@18: } Chris@18: } Chris@18: return $access_result; Chris@18: } Chris@18: } Chris@18: return AccessResult::neutral(); Chris@18: } Chris@18: Chris@18: }