PHP EntityManagerInterface::getAccessControlHandler方法代码示例

 /**
  * Checks access to the node preview page.
  *
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  * @param \Drupal\node\NodeInterface $node_preview
  *   The node that is being previewed.
  *
  * @return string
  *   A \Drupal\Core\Access\AccessInterface constant value.
  */
 public function access(AccountInterface $account, NodeInterface $node_preview)
 {
     if ($node_preview->isNew()) {
         $access_controller = $this->entityManager->getAccessControlHandler('node');
         return $access_controller->createAccess($node_preview->bundle(), $account, [], TRUE);
     } else {
         return $node_preview->access('update', $account, TRUE);
     }
 }

 /**
  * Checks new registrations are permitted on an event.
  */
 public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account, RegistrationTypeInterface $registration_type = NULL)
 {
     if ($event = $route->getDefault('event')) {
         $context = ['event' => $route_match->getParameter($event)];
         $access_control_handler = $this->entityManager->getAccessControlHandler('registration');
         return $access_control_handler->createAccess($registration_type, $account, $context, TRUE);
     }
     return AccessResult::forbidden();
 }

 /**
  * Checks access to the support_ticket preview page.
  *
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  * @param \Drupal\support_ticket\SupportTicketInterface $support_ticket_preview
  *   The support_ticket that is being previewed.
  *
  * @return string
  *   A \Drupal\Core\Access\AccessInterface constant value.
  */
 public function access(AccountInterface $account, SupportTicketInterface $support_ticket_preview)
 {
     if ($support_ticket_preview->isNew()) {
         $access_controller = $this->entityManager->getAccessControlHandler('support_ticket');
         return $access_controller->createAccess($support_ticket_preview->bundle(), $account, [], TRUE);
     } else {
         return $support_ticket_preview->access('update', $account, TRUE);
     }
 }

 /**
  * {@inheritdoc}
  */
 public function access(AccountInterface $account)
 {
     // @todo Perhaps read config directly rather than load all feed types.
     $access_control_handler = $this->entityManager->getAccessControlHandler('feeds_feed');
     foreach ($this->entityManager->getStorage('feeds_feed_type')->loadByProperties(['status' => TRUE]) as $feed_type) {
         $access = $access_control_handler->createAccess($feed_type->id(), $account, [], TRUE);
         if ($access->isAllowed()) {
             return $access;
         }
     }
     return AccessResult::neutral();
 }

 /**
  * Checks access to create the entity type and bundle for the given route.
  *
  * @param \Symfony\Component\Routing\Route $route
  *   The route to check against.
  * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
  *   The parametrized route.
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  *
  * @return \Drupal\Core\Access\AccessResultInterface
  *   The access result.
  */
 public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account)
 {
     list($entity_type, $bundle) = explode(':', $route->getRequirement($this->requirementsKey) . ':');
     // The bundle argument can contain request argument placeholders like
     // {name}, loop over the raw variables and attempt to replace them in the
     // bundle name. If a placeholder does not exist, it won't get replaced.
     if ($bundle && strpos($bundle, '{') !== FALSE) {
         foreach ($route_match->getRawParameters()->all() as $name => $value) {
             $bundle = str_replace('{' . $name . '}', $value, $bundle);
         }
         // If we were unable to replace all placeholders, deny access.
         if (strpos($bundle, '{') !== FALSE) {
             return AccessResult::neutral();
         }
     }
     return $this->entityManager->getAccessControlHandler($entity_type)->createAccess($bundle, $account, [], TRUE);
 }

 /**
  * {@inheritdoc}
  */
 public function evaluate()
 {
     $entity = $this->getContextValue('entity');
     $field = $this->getContextValue('field');
     if (!$entity->hasField($field)) {
         return FALSE;
     }
     $operation = $this->getContextValue('operation');
     $account = $this->getContextValue('user');
     $access = $this->entityManager->getAccessControlHandler($entity->getEntityTypeId());
     if (!$access->access($entity, $operation, Language::LANGCODE_DEFAULT, $account)) {
         return FALSE;
     }
     $definition = $entity->getFieldDefinition($field);
     $items = $entity->get($field);
     return $access->fieldAccess($operation, $definition, $account, $items);
 }

 /**
  * Checks access to the eck entity add page for the entity bundle type.
  *
  * @param AccountInterface $account
  *   The currently logged in account.
  * @param EckEntityTypeInterface $eck_entity_type
  *   The entity type.
  * @param string $eck_entity_bundle
  *   (optional) The entity type bundle.
  *
  * @return bool|AccessResult|\Drupal\Core\Access\AccessResultInterface
  *   A \Drupal\Core\Access\AccessInterface constant value.
  */
 public function access(AccountInterface $account, EckEntityTypeInterface $eck_entity_type, $eck_entity_bundle = NULL)
 {
     $access_control_handler = $this->entityManager->getAccessControlHandler($eck_entity_type->id());
     if (!empty($eck_entity_bundle)) {
         return $access_control_handler->createAccess($eck_entity_bundle, $account, array(), TRUE);
     }
     // Get the entity type bundles.
     $bundles = $this->entityManager->getStorage($eck_entity_type->id() . '_type')->loadMultiple();
     // If checking whether an entity of any type may be created.
     foreach ($bundles as $eck_entity_bundle) {
         if (($access = $access_control_handler->createAccess($eck_entity_bundle->id(), $account, array(), TRUE)) && $access->isAllowed()) {
             return $access;
         }
     }
     // No opinion.
     return AccessResult::neutral();
 }

 protected function checkAccess(ContentEntityInterface $entity, AccountInterface $account, $operation = 'view')
 {
     $entity_type_id = $entity->getEntityTypeId();
     $entity_access = $this->entityManager->getAccessControlHandler($entity_type_id);
     /** @var \Drupal\content_entity_base\Entity\Storage\RevisionableStorageInterface|\Drupal\Core\Entity\EntityStorageInterface $entity_storage */
     $entity_storage = $this->entityManager->getStorage($entity_type_id);
     if (!$entity_storage instanceof RevisionableStorageInterface) {
         throw new \InvalidArgumentException('The entity storage has to implement \\Drupal\\content_entity_base\\Entity\\Storage\\RevisionableStorageInterface');
     }
     $map = ['view' => "view all {$entity_type_id} revisions", 'update' => "revert all {$entity_type_id} revisions", 'delete' => "delete all {$entity_type_id} revisions"];
     $bundle = $entity->bundle();
     $type_map = ['view' => "view {$entity_type_id} {$bundle} revisions", 'update' => "revert {$entity_type_id} {$bundle} revisions", 'delete' => "delete {$entity_type_id} {$bundle} revisions"];
     if (!$entity || !isset($map[$operation]) || !isset($type_map[$operation])) {
         // If there was no node to check against, or the $op was not one of the
         // supported ones, we return access denied.
         return FALSE;
     }
     // Statically cache access by revision ID, language code, user account ID,
     // and operation.
     $langcode = $entity->language()->getId();
     $cid = $entity->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $operation;
     if (!isset($this->access[$cid])) {
         // Perform basic permission checks first.
         if (!$account->hasPermission($map[$operation]) && !$account->hasPermission($type_map[$operation]) && !$account->hasPermission('administer nodes')) {
             $this->access[$cid] = FALSE;
             return FALSE;
         }
         // There should be at least two revisions. If the vid of the given node
         // and the vid of the default revision differ, then we already have two
         // different revisions so there is no need for a separate database check.
         // Also, if you try to revert to or delete the default revision, that's
         // not good.
         if ($entity->isDefaultRevision() && ($entity_storage->countDefaultLanguageRevisions($entity) == 1 || $operation == 'update' || $operation == 'delete')) {
             $this->access[$cid] = FALSE;
         } elseif ($account->hasPermission('administer ' . $entity_type_id)) {
             $this->access[$cid] = TRUE;
         } else {
             // First check the access to the default revision and finally, if the
             // node passed in is not the default revision then access to that, too.
             $this->access[$cid] = $entity_access->access($entity_storage->load($entity->id()), $operation, $account) && ($entity->isDefaultRevision() || $entity_access->access($entity, $operation, $account));
         }
     }
     return $this->access[$cid];
 }

 /**
  * Checks access to the node add page for the node type.
  *
  * @param \Drupal\Core\Session\AccountInterface $account
  *   The currently logged in account.
  * @param \Drupal\node\NodeTypeInterface $node_type
  *   (optional) The node type. If not specified, access is allowed if there
  *   exists at least one node type for which the user may create a node.
  *
  * @return string
  *   A \Drupal\Core\Access\AccessInterface constant value.
  */
 public function access(AccountInterface $account, NodeTypeInterface $node_type = NULL)
 {
     $access_control_handler = $this->entityManager->getAccessControlHandler('node');
     // If checking whether a node of a particular type may be created.
     if ($account->hasPermission('administer content types')) {
         return AccessResult::allowed()->cachePerRole();
     }
     if ($node_type) {
         return $access_control_handler->createAccess($node_type->id(), $account, [], TRUE);
     }
     // If checking whether a node of any type may be created.
     foreach ($this->entityManager->getStorage('node_type')->loadMultiple() as $node_type) {
         if (($access = $access_control_handler->createAccess($node_type->id(), $account, [], TRUE)) && $access->isAllowed()) {
             return $access;
         }
     }
     // No opinion.
     return AccessResult::neutral();
 }

  /**
   * Checks access to the profile add page for the profile type.
   *
   * @param \Symfony\Component\Routing\Route $route
   *   The route to check against.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The currently logged in account.
   * @param \Drupal\profile\Entity\ProfileTypeInterface $profile_type
   *   The profile type entity.
   *
   * @return bool|\Drupal\Core\Access\AccessResultInterface
   *   The access result.
   */
  public function access(Route $route, AccountInterface $account, ProfileTypeInterface $profile_type = NULL) {
    $access_control_handler = $this->entityManager->getAccessControlHandler('profile');

    if ($account->hasPermission('administer profile types')) {
      return AccessResult::allowed()->cachePerPermissions();
    }
    $operation = $route->getRequirement('_profile_access_check');
    if ($operation == 'add') {
      return $access_control_handler->access($profile_type, $operation, $account, TRUE);
    }

    if ($profile_type) {
      return $access_control_handler->createAccess($profile_type->id(), $account, [], TRUE);
    }
    // If checking whether a profile of any type may be created.
    foreach ($this->entityManager->getStorage('profile_type')->loadMultiple() as $profile_type) {
      if (($access = $access_control_handler->createAccess($profile_type->id(), $account, [], TRUE)) && $access->isAllowed()) {
        return $access;
      }
    }

    // No opinion.
    return AccessResult::neutral();
  }

 /**
  * Constructs a new SupportTicketRevisionAccessCheck.
  *
  * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
  *   The entity manager.
  * @param \Drupal\Core\Database\Connection $connection
  *   The database connection.
  */
 public function __construct(EntityManagerInterface $entity_manager)
 {
     $this->supportTicketStorage = $entity_manager->getStorage('support_ticket');
     $this->supportTicketAccess = $entity_manager->getAccessControlHandler('support_ticket');
 }

 /**
  * Constructs a new NodeRevisionAccessCheck.
  *
  * @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
  *   The entity manager.
  * @param \Drupal\Core\Database\Connection $connection
  *   The database connection.
  */
 public function __construct(EntityManagerInterface $entity_manager)
 {
     $this->nodeStorage = $entity_manager->getStorage('node');
     $this->nodeAccess = $entity_manager->getAccessControlHandler('node');
 }

 /**
  * {@inheritdoc}
  */
 public function access(AccountInterface $account)
 {
     $access_control_handler = $this->entityManager->getAccessControlHandler($this->getEntityType());
     return $access_control_handler->fieldAccess('view', $this->getFieldDefinition(), $account);
 }

 /**
  * {@inheritdoc}
  */
 public function getAccessControlHandler($entity_type)
 {
     return $this->entityManager->getAccessControlHandler($entity_type);
 }

 /**
  * {@inheritdoc}
  */
 public function access(AccountInterface $account)
 {
     $base_table = $this->get_base_table();
     $access_control_handler = $this->entityManager->getAccessControlHandler($this->definition['entity_tables'][$base_table]);
     return $access_control_handler->fieldAccess('view', $this->getFieldDefinition(), $account, NULL, TRUE);
 }