Code
/
reserve
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Branch 4.0.x-roblib is currently the same as Drupals main branch but with our patches applied.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
26 Commits
4 Branches
0 Tags
858 KiB
 
 
 
 
Tree: c0391680c4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c0391680c4'
${ noResults }
reserve/src/ReserveReservationAccessCon...

59 lines
2.0 KiB
Raw Blame History

<?php
namespace Drupal\reserve;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\Access\AccessResult;
/**
* Access controller for the Reservation entity.
*
* @see \Drupal\reserve\Entity\ReserveReservation.
*/
class ReserveReservationAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\reserve\Entity\ReserveReservationInterface $entity */
switch ($operation) {
case 'view':
if (!$entity->isPublished()) {
$access = AccessResult::allowedIfHasPermission($account, 'view unpublished reservations');
}
$access = AccessResult::allowedIfHasPermission($account, 'view published reservations');
break;
case 'update':
$access = AccessResult::allowedIfHasPermission($account, 'edit any reservation');
if (!$access->isAllowed() && $account->hasPermission('edit own reservation')) {
$access = $access->orIf(AccessResult::allowedIf($account->id() == $entity->getOwnerId())->cachePerUser()->addCacheableDependency($entity));
}
break;
case 'delete':
$access = AccessResult::allowedIfHasPermission($account, 'delete any reservation');
if (!$access->isAllowed() && $account->hasPermission('delete own reservation')) {
$access = $access->orIf(AccessResult::allowedIf($account->id() == $entity->getOwnerId())->cachePerUser()->addCacheableDependency($entity));
}
break;
// Unknown operation, no opinion.
default:
$access = AccessResult::neutral();
}
return $access;
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermission($account, 'add reservations');
}
}