Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check 'create' access.
string $operation: The entity operation. Usually one of 'view', 'edit', 'create' or 'delete'.
string $langcode: The language code for which to check access.
\Drupal\Core\Session\AccountInterface; $account: The user for which to check access.
bool|null TRUE if access was granted, FALSE if access was denied and NULL if access could not be determined.
Overrides EntityAccessController::checkAccess
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
switch ($operation) {
case 'view':
return $this
->viewAccess($entity, $langcode, $account);
break;
case 'create':
return user_access('administer users', $account);
break;
case 'update':
// Users can always edit their own account. Users with the 'administer
// users' permission can edit any account except the anonymous account.
return ($account
->id() == $entity
->id() || user_access('administer users', $account)) && $entity
->id() > 0;
break;
case 'delete':
// Users with 'cancel account' permission can cancel their own account,
// users with 'administer users' permission can cancel any account
// except the anonymous account.
return ($account
->id() == $entity
->id() && user_access('cancel account', $account) || user_access('administer users', $account)) && $entity
->id() > 0;
break;
}
}