prepareUser example


  public function __construct(EntityTypeInterface $entity_type) {
    $this->entityTypeId = $entity_type->id();
    $this->entityType = $entity_type;
  }

  /** * {@inheritdoc} */
  public function access(EntityInterface $entity$operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
    $account = $this->prepareUser($account);
    $langcode = $entity->language()->getId();

    if ($operation === 'view label' && $this->viewLabelOperation == FALSE) {
      $operation = 'view';
    }

    // If an entity does not have a UUID, either from not being set or from not     // having them, use the 'entity type:ID' pattern as the cache $cid.     $cid = $entity->uuid() ?: $entity->getEntityTypeId() . ':' . $entity->id();

    // If the entity is revisionable, then append the revision ID to allow
return new static(
      $entity_type,
      $container->get('node.grant_storage'),
      $container->get('entity_type.manager')
    );
  }

  /** * {@inheritdoc} */
  public function access(EntityInterface $entity$operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
    $account = $this->prepareUser($account);

    // Only bypass if not a revision operation, to retain compatibility.     if ($account->hasPermission('bypass node access') && !isset(static::REVISION_OPERATION_MAP[$operation])) {
      $result = AccessResult::allowed()->cachePerPermissions();
      return $return_as_object ? $result : $result->isAllowed();
    }
    if (!$account->hasPermission('access content')) {
      $result = AccessResult::forbidden("The 'access content' permission is required.")->cachePerPermissions();
      return $return_as_object ? $result : $result->isAllowed();
    }
    $result = parent::access($entity$operation$account, TRUE)->cachePerPermissions();

    
          $allowed_fids = \Drupal::service('session')->get('anonymous_allowed_file_ids', []);
          if (!empty($allowed_fids[$entity->id()])) {
            return AccessResult::allowed()->addCacheContexts(['session', 'user']);
          }
        }
        else {
          return AccessResult::allowed()->addCacheContexts(['user']);
        }
      }
    }
    elseif ($operation == 'update') {
      $account = $this->prepareUser($account);
      $file_uid = $entity->get('uid')->getValue();
      // Only the file owner can update the file entity.       if (isset($file_uid[0]['target_id']) && $account->id() == $file_uid[0]['target_id']) {
        return AccessResult::allowed();
      }
      return AccessResult::forbidden('Only the file owner can update the file entity.');
    }
    elseif ($operation == 'delete') {
      $access = AccessResult::allowedIfHasPermission($account, 'delete any file');
      if (!$access->isAllowed() && $account->hasPermission('delete own files')) {
        $access = $access->orIf(AccessResult::allowedIf($account->id() == $entity->getOwnerId()))->cachePerUser()->addCacheableDependency($entity);
      }
Home | Imprint | This part of the site doesn't use cookies.