Provides a generic access checker for entities.
Expanded class hierarchy of EntityAccessCheck
class EntityAccessCheck implements AccessCheckInterface {
/**
* {@inheritdoc}
*/
public function applies(Route $route) {
return array_key_exists('_entity_access', $route
->getRequirements());
}
/**
* Implements \Drupal\Core\Access\AccessCheckInterface::access().
*
* The value of the '_entity_access' key must be in the pattern
* 'entity_type.operation.' The entity type must match the {entity_type}
* parameter in the route pattern. This will check a node for 'update' access:
* @code
* pattern: '/foo/{node}/bar'
* requirements:
* _entity_access: 'node.update'
* @endcode
* Available operations are 'view', 'update', 'create', and 'delete'.
*/
public function access(Route $route, Request $request) {
// Split the entity type and the operation.
$requirement = $route
->getRequirement('_entity_access');
list($entity_type, $operation) = explode('.', $requirement);
// If there is valid entity of the given entity type, check its access.
if ($request->attributes
->has($entity_type)) {
$entity = $request->attributes
->get($entity_type);
if ($entity instanceof EntityInterface) {
return $entity
->access($operation);
}
}
// No opinion, so other access checks should decide if access should be
// allowed or not.
return NULL;
}
}
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
AccessCheckInterface:: |
constant | Grant access. | ||
AccessCheckInterface:: |
constant | Deny access. | ||
AccessCheckInterface:: |
constant | Block access. | ||
EntityAccessCheck:: |
public | function |
Implements \Drupal\Core\Access\AccessCheckInterface::access(). Overrides AccessCheckInterface:: |
|
EntityAccessCheck:: |
public | function |
Declares whether the access check applies to a specific route or not. Overrides AccessCheckInterface:: |