3 namespace Drupal\Core\Entity;
5 use Drupal\Core\Field\FieldItemListInterface;
6 use Drupal\Core\Extension\ModuleHandlerInterface;
7 use Drupal\Core\Field\FieldDefinitionInterface;
8 use Drupal\Core\Session\AccountInterface;
11 * Defines an interface for entity access control handlers.
13 interface EntityAccessControlHandlerInterface {
16 * Checks access to an operation on a given entity or entity translation.
18 * Use \Drupal\Core\Entity\EntityAccessControlHandlerInterface::createAccess()
19 * to check access to create an entity.
21 * @param \Drupal\Core\Entity\EntityInterface $entity
22 * The entity for which to check access.
23 * @param string $operation
24 * The operation access should be checked for.
25 * Usually one of "view", "view label", "update" or "delete".
26 * @param \Drupal\Core\Session\AccountInterface $account
27 * (optional) The user session for which to check access, or NULL to check
28 * access for the current user. Defaults to NULL.
29 * @param bool $return_as_object
30 * (optional) Defaults to FALSE.
32 * @return bool|\Drupal\Core\Access\AccessResultInterface
33 * The access result. Returns a boolean if $return_as_object is FALSE (this
34 * is the default) and otherwise an AccessResultInterface object.
35 * When a boolean is returned, the result of AccessInterface::isAllowed() is
36 * returned, i.e. TRUE means access is explicitly allowed, FALSE means
37 * access is either explicitly forbidden or "no opinion".
39 public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE);
42 * Checks access to create an entity.
44 * @param string $entity_bundle
45 * (optional) The bundle of the entity. Required if the entity supports
46 * bundles, defaults to NULL otherwise.
47 * @param \Drupal\Core\Session\AccountInterface $account
48 * (optional) The user session for which to check access, or NULL to check
49 * access for the current user. Defaults to NULL.
50 * @param array $context
51 * (optional) An array of key-value pairs to pass additional context when
53 * @param bool $return_as_object
54 * (optional) Defaults to FALSE.
56 * @return bool|\Drupal\Core\Access\AccessResultInterface
57 * The access result. Returns a boolean if $return_as_object is FALSE (this
58 * is the default) and otherwise an AccessResultInterface object.
59 * When a boolean is returned, the result of AccessInterface::isAllowed() is
60 * returned, i.e. TRUE means access is explicitly allowed, FALSE means
61 * access is either explicitly forbidden or "no opinion".
63 public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = [], $return_as_object = FALSE);
66 * Clears all cached access checks.
68 public function resetCache();
71 * Sets the module handler for this access control handler.
73 * @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
78 public function setModuleHandler(ModuleHandlerInterface $module_handler);
81 * Checks access to an operation on a given entity field.
83 * This method does not determine whether access is granted to the entity
84 * itself, only the specific field. Callers are responsible for ensuring that
85 * entity access is also respected, for example by using
86 * \Drupal\Core\Entity\EntityAccessControlHandlerInterface::access().
88 * @param string $operation
89 * The operation access should be checked for.
90 * Usually one of "view" or "edit".
91 * @param \Drupal\Core\Field\FieldDefinitionInterface $field_definition
92 * The field definition.
93 * @param \Drupal\Core\Session\AccountInterface $account
94 * (optional) The user session for which to check access, or NULL to check
95 * access for the current user. Defaults to NULL.
96 * @param \Drupal\Core\Field\FieldItemListInterface $items
97 * (optional) The field values for which to check access, or NULL if access
98 * is checked for the field definition, without any specific value
99 * available. Defaults to NULL.
100 * @param bool $return_as_object
101 * (optional) Defaults to FALSE.
103 * @return bool|\Drupal\Core\Access\AccessResultInterface
104 * The access result. Returns a boolean if $return_as_object is FALSE (this
105 * is the default) and otherwise an AccessResultInterface object.
106 * When a boolean is returned, the result of AccessInterface::isAllowed() is
107 * returned, i.e. TRUE means access is explicitly allowed, FALSE means
108 * access is either explicitly forbidden or "no opinion".
110 * @see \Drupal\Core\Entity\EntityAccessControlHandlerInterface::access()
112 public function fieldAccess($operation, FieldDefinitionInterface $field_definition, AccountInterface $account = NULL, FieldItemListInterface $items = NULL, $return_as_object = FALSE);