Documentation & API reference
protected function CommentAccessController::checkAccess
Performs access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which to check 'create' access.
string $operation: The entity operation. Usually one of 'view', 'edit', 'create' or 'delete'.
string $langcode: The language code for which to check access.
\Drupal\Core\Session\AccountInterface; $account: The user for which to check access.
Return value
bool|null TRUE if access was granted, FALSE if access was denied and NULL if access could not be determined.
Overrides EntityAccessController::checkAccess
File
- drupal/
core/ modules/ comment/ lib/ Drupal/ comment/ CommentAccessController.php, line 24 - Contains \Drupal\comment\CommentAccessController
Class
- CommentAccessController
- Access controller for the comment entity.
Namespace
Drupal\commentCode
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
switch ($operation) {
case 'view':
return user_access('access comments', $account);
break;
case 'create':
return user_access('post comments', $account);
break;
case 'update':
return $account->uid && $account->uid == $entity->uid->value && $entity->status->value == COMMENT_PUBLISHED && user_access('edit own comments', $account) || user_access('administer comments', $account);
break;
case 'delete':
return user_access('administer comments', $account);
break;
case 'approve':
return user_access('administer comments', $account);
break;
}
}