Documentation & API reference
class BlockAccessController
Provides a Block access controller.
Hierarchy
- class \Drupal\Core\Entity\EntityAccessController implements EntityAccessControllerInterface
- class \Drupal\block\BlockAccessController
Expanded class hierarchy of BlockAccessController
File
- drupal/
core/ modules/ block/ lib/ Drupal/ block/ BlockAccessController.php, line 17 - Contains \Drupal\block\BlockAccessController.
Namespace
Drupal\blockView source
class BlockAccessController extends EntityAccessController {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
// Currently, only view access is implemented.
if ($operation != 'view') {
return FALSE;
}
// Deny access to disabled blocks.
if (!$entity
->status()) {
return FALSE;
}
// If the plugin denies access, then deny access.
if (!$entity
->getPlugin()
->access()) {
return FALSE;
}
// Otherwise, check for other access restrictions.
global $user;
// User role access handling.
// If a block has no roles associated, it is displayed for every role.
// For blocks with roles associated, if none of the user's roles matches
// the settings from this block, access is denied.
$visibility = $entity
->get('visibility');
if (!empty($visibility['role']['roles']) && !array_intersect(array_filter($visibility['role']['roles']), $user->roles)) {
// No match.
return FALSE;
}
// Page path handling.
// Limited visibility blocks must list at least one page.
if (!empty($visibility['path']['visibility']) && $visibility['path']['visibility'] == BLOCK_VISIBILITY_LISTED && empty($visibility['path']['pages'])) {
return FALSE;
}
// Match path if necessary.
if (!empty($visibility['path']['pages'])) {
// Assume there are no matches until one is found.
$page_match = FALSE;
// Convert path to lowercase. This allows comparison of the same path
// with different case. Ex: /Page, /page, /PAGE.
$pages = drupal_strtolower($visibility['path']['pages']);
if ($visibility['path']['visibility'] < BLOCK_VISIBILITY_PHP) {
// Compare the lowercase path alias (if any) and internal path.
$path = current_path();
$path_alias = drupal_strtolower(drupal_container()
->get('path.alias_manager')
->getPathAlias($path));
$page_match = drupal_match_path($path_alias, $pages) || $path != $path_alias && drupal_match_path($path, $pages);
// When $block->visibility has a value of 0
// (BLOCK_VISIBILITY_NOTLISTED), the block is displayed on all pages
// except those listed in $block->pages. When set to 1
// (BLOCK_VISIBILITY_LISTED), it is displayed only on those pages
// listed in $block->pages.
$page_match = !($visibility['path']['visibility'] xor $page_match);
}
elseif (module_exists('php')) {
$page_match = php_eval($visibility['path']['pages']);
}
// If there are page visibility restrictions and this page does not
// match, deny access.
if (!$page_match) {
return FALSE;
}
}
// Language visibility settings.
if (!empty($visibility['language']['langcodes']) && array_filter($visibility['language']['langcodes'])) {
if (empty($visibility['language']['langcodes'][language($visibility['language']['language_type'])->langcode])) {
return FALSE;
}
}
return TRUE;
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
BlockAccessController:: |
protected | function |
Performs access checks. Overrides EntityAccessController:: |
|
|
EntityAccessController:: |
protected | property | Stores calculcated access check results. | |
|
EntityAccessController:: |
public | function |
Checks access to an operation on a given entity or entity translation. Overrides EntityAccessControllerInterface:: |
1 |
|
EntityAccessController:: |
protected | function | Tries to retrieve a previously cached access value from the static cache. | |
|
EntityAccessController:: |
public | function |
Clears all cached access checks. Overrides EntityAccessControllerInterface:: |
|
|
EntityAccessController:: |
protected | function | Statically caches whether the given user has access. |