X-Git-Url: http://aleph1.co.uk/gitweb/?a=blobdiff_plain;ds=sidebyside;f=web%2Fcore%2Fmodules%2Fquickedit%2Fsrc%2FAccess%2FEditEntityFieldAccessCheck.php;fp=web%2Fcore%2Fmodules%2Fquickedit%2Fsrc%2FAccess%2FEditEntityFieldAccessCheck.php;h=7b3883833c3409d4625599a9f8bc5e4949210a8d;hb=a2bd1bf0c2c1f1a17d188f4dc0726a45494cefae;hp=0000000000000000000000000000000000000000;hpb=57c063afa3f66b07c4bbddc2d6129a96d90f0aad;p=yaffs-website

diff --git a/web/core/modules/quickedit/src/Access/EditEntityFieldAccessCheck.php b/web/core/modules/quickedit/src/Access/EditEntityFieldAccessCheck.php
new file mode 100644
index 000000000..7b3883833
--- /dev/null
+++ b/web/core/modules/quickedit/src/Access/EditEntityFieldAccessCheck.php
@@ -0,0 +1,62 @@
+<?php
+
+namespace Drupal\quickedit\Access;
+
+use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Routing\Access\AccessInterface;
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Entity\EntityInterface;
+
+/**
+ * Access check for editing entity fields.
+ */
+class EditEntityFieldAccessCheck implements AccessInterface, EditEntityFieldAccessCheckInterface {
+
+  /**
+   * Checks Quick Edit access to the field.
+   *
+   * @param \Drupal\Core\Entity\EntityInterface $entity
+   *   The entity containing the field.
+   * @param string $field_name
+   *   The field name.
+   * @param string $langcode
+   *   The langcode.
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   The currently logged in account.
+   *
+   * @return \Drupal\Core\Access\AccessResultInterface
+   *   The access result.
+   *
+   * @todo Use the $account argument: https://www.drupal.org/node/2266809.
+   */
+  public function access(EntityInterface $entity, $field_name, $langcode, AccountInterface $account) {
+    if (!$this->validateRequestAttributes($entity, $field_name, $langcode)) {
+      return AccessResult::forbidden();
+    }
+
+    return $this->accessEditEntityField($entity, $field_name);
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function accessEditEntityField(EntityInterface $entity, $field_name) {
+    return $entity->access('update', NULL, TRUE)->andIf($entity->get($field_name)->access('edit', NULL, TRUE));
+  }
+
+  /**
+   * Validates request attributes.
+   */
+  protected function validateRequestAttributes(EntityInterface $entity, $field_name, $langcode) {
+    // Validate the field name and language.
+    if (!$field_name || !$entity->hasField($field_name)) {
+      return FALSE;
+    }
+    if (!$langcode || !$entity->hasTranslation($langcode)) {
+      return FALSE;
+    }
+
+    return TRUE;
+  }
+
+}