CommentAccessController.php 1.38 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11
<?php

/**
 * @file
 * Contains \Drupal\comment\CommentAccessController
 */

namespace Drupal\comment;

use Drupal\Core\Entity\EntityAccessController;
use Drupal\Core\Entity\EntityInterface;
12
use Drupal\Core\Session\AccountInterface;
13 14 15 16

/**
 * Access controller for the comment entity.
 *
17
 * @see \Drupal\comment\Entity\Comment.
18
 */
19
class CommentAccessController extends EntityAccessController {
20 21

  /**
22
   * {@inheritdoc}
23
   */
24
  protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
25
    /** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */
26 27 28 29 30 31
    switch ($operation) {
      case 'view':
        return user_access('access comments', $account);
        break;

      case 'update':
32
        return ($account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && user_access('edit own comments', $account)) || user_access('administer comments', $account);
33 34 35 36 37 38 39 40 41
        break;

      case 'delete':
        return user_access('administer comments', $account);
        break;

      case 'approve':
        return user_access('administer comments', $account);
        break;
42 43 44
    }
  }

45 46 47 48 49 50 51
  /**
   * {@inheritdoc}
   */
  protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
    return user_access('post comments', $account);
  }

52
}