/** * {@inheritdoc} */ public function defaultAccess($operation = 'view', AccountInterface $account = NULL) { if ($operation == 'view') { return AccessResult::allowed(); } return AccessResult::allowedIfHasPermissions($account, ['create url aliases', 'administer url aliases'], 'OR')->cachePerPermissions(); }
/** * {@inheritdoc} */ protected function checkFieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) { if ($operation == 'edit') { return AccessResult::allowedIfHasPermissions($account, ['administer tmgmt', 'administer translation tasks']); } return parent::checkFieldAccess($operation, $field_definition, $account, $items); }
/** * {@inheritdoc} */ protected function blockAccess(AccountInterface $account) { if ($this->masquerade->isMasquerading()) { return AccessResult::forbidden()->addCacheContexts(['is_masquerading']); } // Display block for all users that has any of masquerade permissions. return AccessResult::allowedIfHasPermissions($account, $this->masquerade->getPermissions(), 'OR'); }
/** * Check to see if user has any permissions to masquerade. * * @param \Drupal\Core\Session\AccountInterface $account * Run access checks for this account. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */ public function access(AccountInterface $account) { // Uid 1 may masquerade as anyone. if ($account->id() == 1) { return AccessResult::allowed()->cachePerUser(); } $permissions = $this->masquerade->getPermissions(); return AccessResult::allowedIfHasPermissions($account, $permissions, 'OR'); }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { $access_result = AccessResult::allowedIfHasPermissions($account, ["create {$entity_bundle} entityqueue", 'manipulate all entityqueues', 'administer entityqueue'], 'OR'); if ($entity_bundle) { $queue = EntityQueue::load($entity_bundle); $access_result = AccessResult::allowedIf(!$queue->getHandlerPlugin()->hasAutomatedSubqueues()); } return $access_result; }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { $contact_type_is_active = empty($entity_bundle); // Load the contact type entity. if (!empty($entity_bundle)) { /* @var \Drupal\crm_core_contact\Entity\ContactType $contact_type_entity */ $contact_type_entity = ContactType::load($entity_bundle); $contact_type_is_active = $contact_type_entity->status(); } return AccessResult::allowedIf($contact_type_is_active)->andIf(AccessResult::allowedIfHasPermissions($account, ['administer crm_core_contact entities', 'create crm_core_contact entities', 'create crm_core_contact entities of bundle ' . $entity_bundle], 'OR')); }
/** * Checks access. * * @param \Symfony\Component\Routing\Route $route * The route to check against. * @param \Drupal\Core\Session\AccountInterface $account * The currently logged in account. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */ public function access(Route $route, AccountInterface $account) { $permission = $route->getRequirement('_permission'); // Allow to conjunct the permissions with OR ('+') or AND (','). $split = explode(',', $permission); if (count($split) > 1) { return AccessResult::allowedIfHasPermissions($account, $split, 'AND'); } else { $split = explode('+', $permission); return AccessResult::allowedIfHasPermissions($account, $split, 'OR'); } }
/** * {@inheritdoc} */ protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var ScheduledUpdate $entity */ if ($operation == 'view') { return AccessResult::allowedIfHasPermission($account, 'view scheduled update entities'); } $type_id = $entity->bundle(); if ($entity->getOwnerId() == $account->id()) { // If owner that needs either own or any permission, not both. return AccessResult::allowedIfHasPermissions($account, ["{$operation} any {$type_id} scheduled updates", "{$operation} own {$type_id} scheduled updates"], 'OR'); } else { return AccessResult::allowedIfHasPermission($account, "{$operation} any {$type_id} scheduled updates"); } }
/** * {@inheritdoc} */ protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access content'); case 'update': return AccessResult::allowedIfHasPermissions($account, ["edit terms in {$entity->bundle()}", 'administer taxonomy'], 'OR'); case 'delete': return AccessResult::allowedIfHasPermissions($account, ["delete terms in {$entity->bundle()}", 'administer taxonomy'], 'OR'); default: // No opinion. return AccessResult::neutral(); } }
/** * {@inheritdoc} */ public function access(AccountInterface $account) { $domain = $this->domainNegotiator->getActiveDomain(); // Is the domain allowed? // No domain, let it pass. if (empty($domain)) { return AccessResult::allowed()->setCacheMaxAge(0); } // Active domain, let it pass. if ($domain->status()) { return AccessResult::allowed()->setCacheMaxAge(0); } else { $permissions = array('administer domains', 'access inactive domains'); $operator = 'OR'; return AccessResult::allowedIfHasPermissions($account, $permissions, $operator)->setCacheMaxAge(0); } }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return AccessResult::allowedIfHasPermission($account, 'administer shortcuts')->orIf(AccessResult::allowedIfHasPermissions($account, ['access shortcuts', 'customize shortcut links'], 'AND')); }
/** * Custom access check for continuous job form. * * @param \Drupal\Core\Session\AccountInterface $account * Run access checks for this account. * * @return \Drupal\Core\Access\AccessResult * Returns allowed if we have a translator with ContinuousSourceInterface * and the logged in user has permission to create translation jobs. */ public function access(AccountInterface $account) { if (\Drupal::service('tmgmt.continuous')->checkIfContinuousTranslatorAvailable()) { return AccessResult::allowedIfHasPermissions($account, ['administer tmgmt'])->addCacheTags(['config:tmgmt_translator_list']); } return AccessResult::forbidden()->addCacheTags(['config:tmgmt_translator_list']); }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return AccessResult::allowedIfHasPermissions($account, ['add any ' . $entity_bundle . ' profile', 'add own ' . $entity_bundle . ' profile'], 'OR'); }
/** * Determine access to update add page. * * If user has permission to add any types they should have access to this page. * * @param \Drupal\Core\Session\AccountInterface $account * * @return \Drupal\Core\Access\AccessResult */ public function addPageAccess(AccountInterface $account) { $types = $this->typeStorage->loadMultiple(); $perms = []; foreach ($types as $type_id => $type) { $perms[] = "create {$type_id} scheduled updates"; } return AccessResult::allowedIfHasPermissions($account, $perms, 'OR'); }
/** * Tests allowedIfHasPermissions(). * * @covers ::allowedIfHasPermissions * * @dataProvider providerTestAllowedIfHasPermissions */ public function testAllowedIfHasPermissions($permissions, $conjunction, $expected_access) { $account = $this->getMock('\\Drupal\\Core\\Session\\AccountInterface'); $account->expects($this->any())->method('hasPermission')->willReturnMap([['allowed', TRUE], ['denied', FALSE]]); $access_result = AccessResult::allowedIfHasPermissions($account, $permissions, $conjunction); $this->assertEquals($expected_access, $access_result); }
/** * Overrides \Drupal\block\BlockBase::access(). */ public function access(AccountInterface $account, $return_as_object = FALSE) { return AccessResult::allowedIfHasPermissions($account, array('administer domains', 'view domain information'), 'OR'); }
/** * Overrides \Drupal\block\BlockBase::access(). */ public function access(AccountInterface $account, $return_as_object = FALSE) { return AccessResult::allowedIfHasPermissions($account, array('administer domains', 'use domain switcher block'), 'OR'); }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return AccessResult::allowedIfHasPermissions($account, ['administer entity_test content', 'administer entity_test_with_bundle content', 'create ' . $entity_bundle . ' entity_test_with_bundle entities'], 'OR'); }
/** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return AccessResult::allowedIfHasPermission($account, 'administer grade item data')->orIf(AccessResult::allowedIfHasPermissions($account, ['access grade item data', 'customize grade item data'], 'AND')); }