// need to be done before the hook is invoked should do so by overriding
// this method.
// We grant access to the entity if both of these conditions are met:
// - No modules say to deny access.
// - At least one module says to grant access.
$access =
array_merge( $this->
moduleHandler()->
invokeAll('entity_access',
[$entity,
$operation,
$account]),
$this->
moduleHandler()->
invokeAll($entity->
getEntityTypeId() . '_access',
[$entity,
$operation,
$account]) );
$return =
$this->
processAccessHookResults($access);
// Also execute the default access check except when the access result is
// already forbidden, as in that case, it can not be anything else.
if (!
$return->
isForbidden()) { $return =
$return->
orIf($this->
checkAccess($entity,
$operation,
$account));
} $result =
$this->
setCache($return,
$cid,
$operation,
$langcode,
$account);
return $return_as_object ?
$result :
$result->
isAllowed();
} /**
* Determines entity access.
*
* We grant access to the entity if both of these conditions are met:
* - No modules say to deny access.
* - At least one module says to grant access.
*
* @param \Drupal\Core\Access\AccessResultInterface[] $access
* An array of access results of the fired access hook.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The combined result of the various access checks' results. All their
* cacheability metadata is merged as well.
*
* @see \Drupal\Core\Access\AccessResultInterface::orIf()
*/