Drupal 8  8.0.2
EntityAccessControlHandler Class Reference
Inheritance diagram for EntityAccessControlHandler:

Public Member Functions

 __construct (EntityTypeInterface $entity_type)
 
 access (EntityInterface $entity, $operation, AccountInterface $account=NULL, $return_as_object=FALSE)
 
 resetCache ()
 
 createAccess ($entity_bundle=NULL, AccountInterface $account=NULL, array $context=array(), $return_as_object=FALSE)
 
 fieldAccess ($operation, FieldDefinitionInterface $field_definition, AccountInterface $account=NULL, FieldItemListInterface $items=NULL, $return_as_object=FALSE)
 
- Public Member Functions inherited from EntityHandlerBase
 setModuleHandler (ModuleHandlerInterface $module_handler)
 
- Public Member Functions inherited from EntityAccessControlHandlerInterface
 setModuleHandler (ModuleHandlerInterface $module_handler)
 

Protected Member Functions

 checkAccess (EntityInterface $entity, $operation, AccountInterface $account)
 
 getCache ($cid, $operation, $langcode, AccountInterface $account)
 
 setCache ($access, $cid, $operation, $langcode, AccountInterface $account)
 
 checkCreateAccess (AccountInterface $account, array $context, $entity_bundle=NULL)
 
 prepareUser (AccountInterface $account=NULL)
 
 checkFieldAccess ($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items=NULL)
 
- Protected Member Functions inherited from EntityHandlerBase
 moduleHandler ()
 

Protected Attributes

 $accessCache = array()
 
 $entityTypeId
 
 $entityType
 
- Protected Attributes inherited from EntityHandlerBase
 $moduleHandler
 

Detailed Description

Defines a default implementation for entity access control handler.

Constructor & Destructor Documentation

__construct ( EntityTypeInterface  $entity_type)

Constructs an access control handler instance.

Parameters
\Drupal\Core\Entity\EntityTypeInterface$entity_typeThe entity type definition.

References EntityTypeInterface\id().

Here is the call graph for this function:

Member Function Documentation

access ( EntityInterface  $entity,
  $operation,
AccountInterface  $account = NULL,
  $return_as_object = FALSE 
)

{Checks access to an operation on a given entity or entity translation.Use ::createAccess() to check access to create an entity.

Parameters
\Drupal\Core\Entity\EntityInterface$entityThe entity for which to check access.
string$operationThe operation access should be checked for. Usually one of "view", "update" or "delete".
\Drupal\Core\Session\AccountInterface$account(optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
bool$return_as_object(optional) Defaults to FALSE.
Returns
bool| The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
}

Implements EntityAccessControlHandlerInterface.

References EntityAccessControlHandler\checkAccess(), EntityAccessControlHandler\getCache(), EntityInterface\getEntityTypeId(), EntityInterface\language(), EntityHandlerBase\moduleHandler(), EntityAccessControlHandler\prepareUser(), EntityAccessControlHandler\setCache(), and EntityInterface\uuid().

Here is the call graph for this function:

checkAccess ( EntityInterface  $entity,
  $operation,
AccountInterface  $account 
)
protected

Performs access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters
\Drupal\Core\Entity\EntityInterface$entityThe entity for which to check access.
string$operationThe entity operation. Usually one of 'view', 'update' or 'delete'.
\Drupal\Core\Session\AccountInterface$accountThe user for which to check access.
Returns
The access result.

References AccessResult\allowedIfHasPermission(), AccessResult\forbidden(), EntityInterface\isNew(), and AccessResult\neutral().

Referenced by EntityAccessControlHandler\access().

Here is the call graph for this function:

Here is the caller graph for this function:

checkCreateAccess ( AccountInterface  $account,
array  $context,
  $entity_bundle = NULL 
)
protected

Performs create access checks.

This method is supposed to be overwritten by extending classes that do their own custom access checking.

Parameters
\Drupal\Core\Session\AccountInterface$accountThe user for which to check access.
array$contextAn array of key-value pairs to pass additional context when needed.
string | null$entity_bundle(optional) The bundle of the entity. Required if the entity supports bundles, defaults to NULL otherwise.
Returns
The access result.

References AccessResult\allowedIfHasPermission(), and AccessResult\neutral().

Referenced by EntityAccessControlHandler\createAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

checkFieldAccess (   $operation,
FieldDefinitionInterface  $field_definition,
AccountInterface  $account,
FieldItemListInterface  $items = NULL 
)
protected

Default field access as determined by this access control handler.

Parameters
string$operationThe operation access should be checked for. Usually one of "view" or "edit".
\Drupal\Core\Field\FieldDefinitionInterface$field_definitionThe field definition.
\Drupal\Core\Session\AccountInterface$accountThe user session for which to check access.
\Drupal\Core\Field\FieldItemListInterface$items(optional) The field values for which to check access, or NULL if access is checked for the field definition, without any specific value available. Defaults to NULL.
Returns
bool TRUE if access is allowed, FALSE otherwise.

References AccessResult\allowed().

Referenced by EntityAccessControlHandler\fieldAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

createAccess (   $entity_bundle = NULL,
AccountInterface  $account = NULL,
array  $context = array(),
  $return_as_object = FALSE 
)

{Checks access to create an entity.

Parameters
string$entity_bundle(optional) The bundle of the entity. Required if the entity supports bundles, defaults to NULL otherwise.
\Drupal\Core\Session\AccountInterface$account(optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
array$context(optional) An array of key-value pairs to pass additional context when needed.
bool$return_as_object(optional) Defaults to FALSE.
Returns
bool| The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
}

Implements EntityAccessControlHandlerInterface.

References EntityAccessControlHandler\checkCreateAccess(), EntityAccessControlHandler\getCache(), LanguageInterface\LANGCODE_DEFAULT, EntityHandlerBase\moduleHandler(), EntityAccessControlHandler\prepareUser(), and EntityAccessControlHandler\setCache().

Here is the call graph for this function:

fieldAccess (   $operation,
FieldDefinitionInterface  $field_definition,
AccountInterface  $account = NULL,
FieldItemListInterface  $items = NULL,
  $return_as_object = FALSE 
)

{Checks access to an operation on a given entity field.This method does not determine whether access is granted to the entity itself, only the specific field. Callers are responsible for ensuring that entity access is also respected, for example by using ::access().

Parameters
string$operationThe operation access should be checked for. Usually one of "view" or "edit".
\Drupal\Core\Field\FieldDefinitionInterface$field_definitionThe field definition.
\Drupal\Core\Session\AccountInterface$account(optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
\Drupal\Core\Field\FieldItemListInterface$items(optional) The field values for which to check access, or NULL if access is checked for the field definition, without any specific value available. Defaults to NULL.
bool$return_as_object(optional) Defaults to FALSE.
Returns
bool| The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
See Also
::access()
}

Implements EntityAccessControlHandlerInterface.

References AccessResult\allowed(), EntityAccessControlHandler\checkFieldAccess(), EntityHandlerBase\moduleHandler(), and EntityAccessControlHandler\prepareUser().

Here is the call graph for this function:

getCache (   $cid,
  $operation,
  $langcode,
AccountInterface  $account 
)
protected

Tries to retrieve a previously cached access value from the static cache.

Parameters
string$cidUnique string identifier for the entity/operation, for example the entity UUID or a custom string.
string$operationThe entity operation. Usually one of 'view', 'update', 'create' or 'delete'.
string$langcodeThe language code for which to check access.
\Drupal\Core\Session\AccountInterface$accountThe user for which to check access.
Returns
|null The cached AccessResult, or NULL if there is no record for the given user, operation, langcode and entity in the cache.

References AccountInterface\id().

Referenced by EntityAccessControlHandler\access(), and EntityAccessControlHandler\createAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

prepareUser ( AccountInterface  $account = NULL)
protected

Loads the current account object, if it does not exist yet.

Parameters
\Drupal\Core\Session\AccountInterface$accountThe account interface instance.
Returns
Returns the current account object.

References Drupal\currentUser().

Referenced by EntityAccessControlHandler\access(), NodeAccessControlHandler\access(), NodeAccessControlHandler\createAccess(), EntityAccessControlHandler\createAccess(), and EntityAccessControlHandler\fieldAccess().

Here is the call graph for this function:

Here is the caller graph for this function:

resetCache ( )

{Clears all cached access checks.}

Implements EntityAccessControlHandlerInterface.

setCache (   $access,
  $cid,
  $operation,
  $langcode,
AccountInterface  $account 
)
protected

Statically caches whether the given user has access.

Parameters
\Drupal\Core\Access\AccessResultInterface$accessThe access result.
string$cidUnique string identifier for the entity/operation, for example the entity UUID or a custom string.
string$operationThe entity operation. Usually one of 'view', 'update', 'create' or 'delete'.
string$langcodeThe language code for which to check access.
\Drupal\Core\Session\AccountInterface$accountThe user for which to check access.
Returns
Whether the user has access, plus cacheability metadata.

References AccountInterface\id().

Referenced by EntityAccessControlHandler\access(), and EntityAccessControlHandler\createAccess().

Here is the call graph for this function:

Here is the caller graph for this function:


The documentation for this class was generated from the following file: