CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
neutral example
public function access(Route $route) {
if ($route->getRequirement('_test_access') === 'TRUE') {
return AccessResult::allowed();
}
elseif ($route->getRequirement('_test_access') === 'FALSE') {
return AccessResult::forbidden();
}
else {
return AccessResult::neutral();
}
}
}
public function access(Route $route) {
if ($route->getRequirement('_access') === 'TRUE') {
return AccessResult::allowed();
}
elseif ($route->getRequirement('_access') === 'FALSE') {
return AccessResult::forbidden();
}
else {
return AccessResult::neutral();
}
}
}
/** * {@inheritdoc} */
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($shortcut_set = $this->shortcutSetStorage->load($entity->bundle())) {
return shortcut_set_edit_access($shortcut_set);
}
// @todo Fix this bizarre code: how can a shortcut exist without a shortcut // set? The above if-test is unnecessary. See https://www.drupal.org/node/2339903. return AccessResult::neutral()->addCacheableDependency($entity);
}
/** * {@inheritdoc} */
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
if ($shortcut_set = $this->shortcutSetStorage->load($entity_bundle)) {
return shortcut_set_edit_access($shortcut_set);
}
// @todo Fix this bizarre code: how can a shortcut exist without a shortcut // set? The above if-test is unnecessary. See https://www.drupal.org/node/2339903.
// Ensure that access is respected for different entity revisions.
$access_result = $entity_access->andIf($field_access);
if (!$access_result->isAllowed()) {
$reason = "The current user is not allowed to {$field_operation} this relationship.";
$access_reason = $access_result instanceof AccessResultReasonInterface ? $access_result->getReason() : NULL;
$detailed_reason = empty($access_reason) ? $reason : $reason . " {$access_reason}";
$access_result->setReason($detailed_reason);
}
return $access_result;
}
}
return AccessResult::neutral();
}
}
if (!$access_result->isAllowed()) {
$reason = "The current user is not allowed to {$field_operation} this relationship.";
$access_reason = $access_result instanceof AccessResultReasonInterface ? $access_result->getReason() : NULL;
$detailed_reason = empty($access_reason) ? $reason : $reason . " {$access_reason}";
$access_result->setReason($detailed_reason);
}
return $access_result;
}
}
return AccessResult::neutral();
}
}
public function access(Route $route, AccountInterface $account) {
$permission = $route->getRequirement('_permission');
if ($permission === NULL) {
return AccessResult::neutral();
}
// Allow to conjunct the permissions with OR ('+') or AND (','). $split = explode(',', $permission);
if (count($split) > 1) {
return AccessResult::allowedIfHasPermissions($account, $split, 'AND');
}
else {
$split = explode('+', $permission);
return AccessResult::allowedIfHasPermissions($account, $split, 'OR');
}
}
}
/** * Tests the method for checking access to routes. * * @dataProvider providerTestAccess */
public function testAccess($entity_bundle, $requirement, $access, $expected, $expect_permission_context = TRUE) {
// Set up the access result objects for allowing or denying access. $access_result = $access ? AccessResult::allowed()->cachePerPermissions() : AccessResult::neutral()->cachePerPermissions();
$expected_access_result = $expected ? AccessResult::allowed() : AccessResult::neutral();
if ($expect_permission_context) {
$expected_access_result->cachePerPermissions();
}
if (!$entity_bundle && !$expect_permission_context) {
$expected_access_result->setReason("Could not find '{bundle_argument}' request argument, therefore cannot check create access.");
}
// Don't expect a call to the access control handler when we have a bundle // argument requirement but no bundle is provided. if ($entity_bundle || !str_contains($requirement, '{')) {
public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account, $form_mode_name = 'default', $bundle = NULL) {
$access = AccessResult::neutral();
if ($entity_type_id = $route->getDefault('entity_type_id')) {
if (empty($bundle)) {
$entity_type = $this->entityTypeManager->getDefinition($entity_type_id);
$bundle = $route_match->getRawParameter($entity_type->getBundleEntityType());
}
$visibility = FALSE;
if ($form_mode_name == 'default') {
$visibility = TRUE;
}
elseif ($entity_display = $this->entityTypeManager->getStorage('entity_form_display')->load($entity_type_id . '.' . $bundle . '.' . $form_mode_name)) {
protected function processAccessHookResults(array $access) {
// No results means no opinion. if (empty($access)) {
return AccessResult::neutral();
}
/** @var \Drupal\Core\Access\AccessResultInterface $result */
$result = array_shift($access);
foreach ($access as $other) {
$result = $result->orIf($other);
}
return $result;
}
/** * Performs access checks. * * This method is supposed to be overwritten by extending classes that * do their own custom access checking. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity for which to check access. * @param string $operation * The entity operation. Usually one of 'view', 'view label', 'update' or * 'delete'. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */
protected $neutral;
/** * {@inheritdoc} */
protected function setUp(): void {
parent::setUp();
$this->account = $this->prophesize(AccountInterface::class)->reveal();
$this->forbidden = $this->createAccessibleDouble(AccessResult::forbidden('Because I said so'));
$this->neutral = $this->createAccessibleDouble(AccessResult::neutral('I have no opinion'));
}
/** * Tests that the previous dependency is replaced when using set. * * @covers ::setAccessDependency * * @dataProvider providerTestSetFirst */
public function testSetAccessDependency($use_set_first) {
$testRefinable = new RefinableDependentAccessTraitTestClass();
$prophecy->getBundleOf()
->willReturn('entity_type');
$bundle_type = $prophecy->reveal();
$prophecy = $this->prophesize(EntityInterface::class);
$prophecy->getEntityType()
->willReturn($bundle_type);
$prophecy->getConfigDependencyName()
->willReturn('node.type.article');
$bundle = $prophecy->reveal();
$access_actual = $bundle_form->access($route, $route_match, $bundle);
$this->assertEquals($found ? AccessResult::allowed() : AccessResult::neutral(), $access_actual);
}
/** * Provides data for the testPermissionsByProvider method. * * @return array */
public function providerTestPermissionsByProvider() {
return [
'direct dependency' => ['node.type.article', TRUE],
'indirect dependency' => ['core.entity_view_display.node.article.full', TRUE],
->willReturn('entity_type');
$bundle_type = $prophecy->reveal();
$prophecy = $this->prophesize(EntityInterface::class);
$prophecy->getEntityType()
->willReturn($bundle_type);
$prophecy->getConfigDependencyName()
->willReturn('node.type.article');
$bundle = $prophecy->reveal();
$access_actual = $bundle_form->access($route, $route_match, $bundle);
$this->assertEquals($found ? AccessResult::allowed() : AccessResult::neutral(), $access_actual);
}
/** * Provides data for the testPermissionsByProvider method. * * @return array */
public function providerTestPermissionsByProvider() {
return [
'direct dependency' => ['node.type.article', TRUE],
'indirect dependency' => ['core.entity_view_display.node.article.full', TRUE],
$revision_permission_operation, $entity_operation] = static::REVISION_OPERATION_MAP[$operation] ?? [
NULL,
NULL,
];
// Revision operations. if ($revision_permission_operation) {
$bundle = $node->bundle();
// If user doesn't have any of these then quit. if (!$account->hasPermission("$revision_permission_operation all revisions") && !$account->hasPermission("$revision_permission_operation $bundle revisions") && !$account->hasPermission('administer nodes')) {
return AccessResult::neutral()->cachePerPermissions();
}
// If the user has the view all revisions permission and this is the view // all revisions operation then we can allow access. if ($operation === 'view all revisions') {
return AccessResult::allowed()->cachePerPermissions();
}
// If this is the default revision, return access denied for revert or // delete operations. if ($node->isDefaultRevision() && ($operation === 'revert revision' || $operation === 'delete revision')) {
NULL,
NULL,
];
// Revision operations. if ($revision_permission_operation) {
$bundle = $node->bundle();
// If user doesn't have any of these then quit. if (!$account->hasPermission("$revision_permission_operation all revisions") && !$account->hasPermission("$revision_permission_operation $bundle revisions") && !$account->hasPermission('administer nodes')) {
return AccessResult::neutral()->cachePerPermissions();
}
// If the user has the view all revisions permission and this is the view // all revisions operation then we can allow access. if ($operation === 'view all revisions') {
return AccessResult::allowed()->cachePerPermissions();
}
// If this is the default revision, return access denied for revert or // delete operations. if ($node->isDefaultRevision() && ($operation === 'revert revision' || $operation === 'delete revision')) {
public function access(AccountInterface $account, $entity_type_id) {
if (!$this->requestStack->getCurrentRequest()->hasSession()) {
return AccessResult::neutral();
}
$selection = $this->tempStore->get($account->id() . ':' . $entity_type_id);
if (empty($selection) || !is_array($selection)) {
return AccessResult::neutral();
}
$entities = $this->entityTypeManager->getStorage($entity_type_id)->loadMultiple(array_keys($selection));
foreach ($entities as $entity) {
// As long as the user has access to delete one entity allow access to the // delete form. Access will be checked again in // Drupal\Core\Entity\Form\DeleteMultipleForm::submit() in case it has
public function testCheck() {
$route_matches = [];
// Construct route match objects. foreach ($this->routeCollection->all() as $route_name => $route) {
$route_matches[$route_name] = new RouteMatch($route_name, $route, [], []);
}
// Check route access without any access checker defined yet. foreach ($route_matches as $route_match) {
$this->assertEquals(FALSE, $this->accessManager->check($route_match, $this->account));
$this->assertEquals(AccessResult::neutral(), $this->accessManager->check($route_match, $this->account, NULL, TRUE));
}
$this->setupAccessChecker();
// An access checker got setup, but the routes haven't been setup using // setChecks. foreach ($route_matches as $route_match) {
$this->assertEquals(FALSE, $this->accessManager->check($route_match, $this->account));
$this->assertEquals(AccessResult::neutral(), $this->accessManager->check($route_match, $this->account, NULL, TRUE));
}
$route_matches = [];
// Construct route match objects. foreach ($this->routeCollection->all() as $route_name => $route) {
$route_matches[$route_name] = new RouteMatch($route_name, $route, [], []);
}
// Check route access without any access checker defined yet. foreach ($route_matches as $route_match) {
$this->assertEquals(FALSE, $this->accessManager->check($route_match, $this->account));
$this->assertEquals(AccessResult::neutral(), $this->accessManager->check($route_match, $this->account, NULL, TRUE));
}
$this->setupAccessChecker();
// An access checker got setup, but the routes haven't been setup using // setChecks. foreach ($route_matches as $route_match) {
$this->assertEquals(FALSE, $this->accessManager->check($route_match, $this->account));
$this->assertEquals(AccessResult::neutral(), $this->accessManager->check($route_match, $this->account, NULL, TRUE));
}
->addCacheableDependency($entity);
if (!$access_result->isAllowed()) {
$access_result->setReason("The 'access content' permission is required and the taxonomy term must be published.");
}
return $access_result;
case 'update':
if ($account->hasPermission("edit terms in {$entity->bundle()}")) {
return AccessResult::allowed()->cachePerPermissions();
}
return AccessResult::neutral()->setReason("The following permissions are required: 'edit terms in {$entity->bundle()}' OR 'administer taxonomy'.");
case 'delete':
if ($account->hasPermission("delete terms in {$entity->bundle()}")) {
return AccessResult::allowed()->cachePerPermissions();
}
return AccessResult::neutral()->setReason("The following permissions are required: 'delete terms in {$entity->bundle()}' OR 'administer taxonomy'.");
default:
// No opinion. return AccessResult::neutral()->cachePerPermissions();
}
if (!$access_result->isAllowed()) {
$access_result->setReason("The 'access content' permission is required and the taxonomy term must be published.");
}
return $access_result;
case 'update':
if ($account->hasPermission("edit terms in {$entity->bundle()}")) {
return AccessResult::allowed()->cachePerPermissions();
}
return AccessResult::neutral()->setReason("The following permissions are required: 'edit terms in {$entity->bundle()}' OR 'administer taxonomy'.");
case 'delete':
if ($account->hasPermission("delete terms in {$entity->bundle()}")) {
return AccessResult::allowed()->cachePerPermissions();
}
return AccessResult::neutral()->setReason("The following permissions are required: 'delete terms in {$entity->bundle()}' OR 'administer taxonomy'.");
default:
// No opinion. return AccessResult::neutral()->cachePerPermissions();
}
$entity_type, $bundle] = explode(':', $route->getRequirement($this->requirementsKey) . ':');
// The bundle argument can contain request argument placeholders like // {name}, loop over the raw variables and attempt to replace them in the // bundle name. If a placeholder does not exist, it won't get replaced. if ($bundle && str_contains($bundle, '{')) {
foreach ($route_match->getRawParameters()->all() as $name => $value) {
$bundle = str_replace('{' . $name . '}', $value, $bundle);
}
// If we were unable to replace all placeholders, deny access. if (str_contains($bundle, '{')) {
return AccessResult::neutral(sprintf("Could not find '%s' request argument, therefore cannot check create access.", $bundle));
}
}
return $this->entityTypeManager->getAccessControlHandler($entity_type)->createAccess($bundle, $account, [], TRUE);
}
}
// The bundle argument can contain request argument placeholders like // {name}, loop over the raw variables and attempt to replace them in the // bundle name. If a placeholder does not exist, it won't get replaced. if ($bundle && str_contains($bundle, '{')) {
foreach ($route_match->getRawParameters()->all() as $name => $value) {
$bundle = str_replace('{' . $name . '}', $value, $bundle);
}
// If we were unable to replace all placeholders, deny access. if (str_contains($bundle, '{')) {
return AccessResult::neutral(sprintf("Could not find '%s' request argument, therefore cannot check create access.", $bundle));
}
}
return $this->entityTypeManager->getAccessControlHandler($entity_type)->createAccess($bundle, $account, [], TRUE);
}
}