PHP Access\AccessResult类代码示例

 /**
  * {@inheritdoc}
  */
 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
 {
     if ($operation === 'view') {
         return AccessResult::allowedIfHasPermission($account, 'access content');
     }
     return parent::checkAccess($entity, $operation, $account);
 }

 /**
  * {@inheritdoc}
  */
 public function access(Route $route, AccountInterface $account, NodeInterface $node = NULL)
 {
     if ($node->bundle() && \Drupal::config('webform.settings')->get('node_' . $node->bundle())) {
         return AccessResult::allowed();
     }
     return AccessResult::forbidden();
 }

 /**
  * Checks configuration permission.
  *
  * @param AccountInterface $account
  *   (optional) The user for which to check access, or NULL to check access
  *   for the current user. Defaults to NULL.
  * @param bool $return_as_object
  *   (optional) Defaults to FALSE.
  *
  * @return bool|\Drupal\Core\Access\AccessResultInterface
  *   The access result. Returns a boolean if $return_as_object is FALSE (this
  *   is the default) and otherwise an AccessResultInterface object.
  *   When a boolean is returned, the result of AccessInterface::isAllowed() is
  *   returned, i.e. TRUE means access is explicitly allowed, FALSE means
  *   access is either explicitly forbidden or "no opinion".
  */
 public function checkConfigurationAccess(AccountInterface $account = NULL, $return_as_object = FALSE)
 {
     if (!$account) {
         $account = \Drupal::currentUser();
     }
     // We treat these as our "super-user" accesses.  We let the reaction
     // rule and component permissions control the main admin UI.
     $admin_perms = ['administer rules', 'bypass rules access'];
     $access = FALSE;
     foreach ($admin_perms as $perm) {
         if ($account->hasPermission($perm)) {
             $access = TRUE;
             break;
         }
     }
     if (!$access) {
         // See if the plugin has a configuration_access annotation.
         $definition = $this->getPluginDefinition();
         if (!empty($definition['configure_permissions']) && is_array($definition['configure_permissions'])) {
             foreach ($definition['configure_permissions'] as $perm) {
                 if ($account->hasPermission($perm)) {
                     $access = TRUE;
                     break;
                 }
             }
         }
     }
     if ($return_as_object) {
         return $access ? AccessResult::allowed() : AccessResult::neutral();
     }
     return $access;
 }

 /**
  * {@inheritdoc}
  */
 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
 {
     if ($operation === 'view') {
         return AccessResult::allowed();
     }
     return parent::checkAccess($entity, $operation, $account);
 }

 /**
  * Grants access only to UID 1.
  *
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  *
  * @return \Drupal\Core\Access\AccessResultInterface
  *   The access result.
  */
 public function access(AccountInterface $account)
 {
     if ($account->id() == 1) {
         return AccessResult::allowed()->addCacheContexts(['user']);
     }
     return AccessResult::forbidden()->addCacheContexts(['user']);
 }

 /**
  * Checks access to create an entity of any bundle for the given route.
  *
  * @param \Symfony\Component\Routing\Route $route
  *   The route to check against.
  * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
  *   The parameterized route.
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  *
  * @return \Drupal\Core\Access\AccessResultInterface
  *   The access result.
  */
 public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account)
 {
     $entity_type_id = $route->getRequirement($this->requirementsKey);
     $entity_type = $this->entityTypeManager->getDefinition($entity_type_id);
     $access_control_handler = $this->entityTypeManager->getAccessControlHandler($entity_type_id);
     // In case there is no "bundle" entity key, check create access with no
     // bundle specified.
     if (!$entity_type->hasKey('bundle')) {
         return $access_control_handler->createAccess(NULL, $account, [], TRUE);
     }
     $access = AccessResult::neutral();
     $bundles = array_keys($this->entityTypeBundleInfo->getBundleInfo($entity_type_id));
     // Include list cache tag as access might change if more bundles are added.
     if ($entity_type->getBundleEntityType()) {
         $access->addCacheTags($this->entityTypeManager->getDefinition($entity_type->getBundleEntityType())->getListCacheTags());
         // Check if the user is allowed to create new bundles. If so, allow
         // access, so the add page can show a link to create one.
         // @see \Drupal\Core\Entity\Controller\EntityController::addPage()
         $bundle_access_control_handler = $this->entityTypeManager->getAccessControlHandler($entity_type->getBundleEntityType());
         $access = $access->orIf($bundle_access_control_handler->createAccess(NULL, $account, [], TRUE));
         if ($access->isAllowed()) {
             return $access;
         }
     }
     // Check whether an entity of any bundle may be created.
     foreach ($bundles as $bundle) {
         $access = $access->orIf($access_control_handler->createAccess($bundle, $account, [], TRUE));
         // In case there is a least one bundle user can create entities for,
         // access is allowed.
         if ($access->isAllowed()) {
             break;
         }
     }
     return $access;
 }

 /**
  * Checks Quick Edit access to the field.
  *
  * @param \Drupal\Core\Entity\EntityInterface $entity
  *   The entity containing the field.
  * @param string $field_name
  *   The field name.
  * @param string $langcode
  *   The langcode.
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  *
  * @return \Drupal\Core\Access\AccessResultInterface
  *   The access result.
  *
  * @todo Use the $account argument: https://www.drupal.org/node/2266809.
  */
 public function access(EntityInterface $entity, $field_name, $langcode, AccountInterface $account)
 {
     if (!$this->validateRequestAttributes($entity, $field_name, $langcode)) {
         return AccessResult::forbidden();
     }
     return $this->accessEditEntityField($entity, $field_name);
 }

 /**
  * Handles access to the rdf_entity proposal form.
  *
  * @param \Drupal\rdf_entity\RdfEntityTypeInterface $rdf_type
  *   The RDF entity type for which the proposal form is built.
  *
  * @return \Drupal\Core\Access\AccessResult
  *   The access result object.
  */
 public function createAssetReleaseAccess(RdfEntityTypeInterface $rdf_type)
 {
     if (!in_array($rdf_type->id(), ['collection', 'solution'])) {
         return AccessResult::forbidden();
     }
     return AccessResult::allowedIf($this->currentUser()->hasPermission("propose {$rdf_type->id()} rdf entity"));
 }

 /**
  * Checks access to the translation overview for the entity and bundle.
  *
  * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
  *   The parametrized route.
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  * @param string $entity_type_id
  *   The entity type ID.
  *
  * @return \Drupal\Core\Access\AccessResultInterface
  *   The access result.
  */
 public function access(RouteMatchInterface $route_match, AccountInterface $account, $entity_type_id)
 {
     /* @var \Drupal\Core\Entity\ContentEntityInterface $entity */
     $entity = $route_match->getParameter($entity_type_id);
     if ($entity && $entity->isTranslatable()) {
         // Get entity base info.
         $bundle = $entity->bundle();
         // Get entity access callback.
         $definition = $this->entityManager->getDefinition($entity_type_id);
         $translation = $definition->get('translation');
         $access_callback = $translation['content_translation']['access_callback'];
         $access = call_user_func($access_callback, $entity);
         if ($access->isAllowed()) {
             return $access;
         }
         // Check "translate any entity" permission.
         if ($account->hasPermission('translate any entity')) {
             return AccessResult::allowed()->cachePerPermissions()->inheritCacheability($access);
         }
         // Check per entity permission.
         $permission = "translate {$entity_type_id}";
         if ($definition->getPermissionGranularity() == 'bundle') {
             $permission = "translate {$bundle} {$entity_type_id}";
         }
         return AccessResult::allowedIfHasPermission($account, $permission)->inheritCacheability($access);
     }
     // No opinion.
     return AccessResult::neutral();
 }

 /**
  * Limit access to the Library between 9:00 and 18:30.
  *
  * @param \Drupal\Core\Session\AccountInterface $account
  */
 public function accessLibrary(AccountInterface $account)
 {
     if (time() >= strtotime('today 9:00') && time() <= strtotime('today 18:30')) {
         return AccessResult::allowed();
     }
     return AccessResult::forbidden();
 }

 /**
  * {@inheritdoc}
  */
 public function defaultAccess($operation = 'view', AccountInterface $account = NULL)
 {
     if ($operation == 'view') {
         return AccessResult::allowed();
     }
     return AccessResult::allowedIfHasPermissions($account, ['create url aliases', 'administer url aliases'], 'OR')->cachePerPermissions();
 }

 /**
  * {@inheritdoc}
  */
 protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account)
 {
     /** @var \Drupal\file\FileInterface $entity */
     if ($operation == 'download' || $operation == 'view') {
         if (\Drupal::service('file_system')->uriScheme($entity->getFileUri()) === 'public') {
             // Always allow access to file in public file system.
             return AccessResult::allowed();
         } elseif ($references = $this->getFileReferences($entity)) {
             foreach ($references as $field_name => $entity_map) {
                 foreach ($entity_map as $referencing_entity_type => $referencing_entities) {
                     /** @var \Drupal\Core\Entity\EntityInterface $referencing_entity */
                     foreach ($referencing_entities as $referencing_entity) {
                         $entity_and_field_access = $referencing_entity->access('view', $account, TRUE)->andIf($referencing_entity->{$field_name}->access('view', $account, TRUE));
                         if ($entity_and_field_access->isAllowed()) {
                             return $entity_and_field_access;
                         }
                     }
                 }
             }
         } elseif ($entity->getOwnerId() == $account->id()) {
             // This case handles new nodes, or detached files. The user who uploaded
             // the file can always access if it's not yet used.
             return AccessResult::allowed();
         }
     }
     // No opinion.
     return AccessResult::neutral();
 }

 /**
  * {@inheritdoc}
  */
 protected function blockAccess(AccountInterface $account)
 {
     if ($account->hasPermission('search content')) {
         return AccessResult::allowed();
     }
     return AccessResult::forbidden();
 }

 public function access(AccountInterface $account)
 {
     if (!$account->id() == 1) {
         return AccessResult::forbidden();
     }
     return AccessResult::allowed();
 }

 /**
  * {@inheritdoc}
  *
  * Separate from the checkAccess because the entity does not yet exist, it
  * will be created during the 'add' process.
  */
 protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL)
 {
     if ($entity_bundle) {
         return AccessResult::allowedIfHasPermission($account, 'create ' . $entity_bundle . ' rdf entity');
     }
     return AccessResult::allowedIfHasPermission($account, 'add rdf entity');
 }