Issue #3252558: Add back proper _entity_access requirements after 9.2 is EOL

src/Access/RevisionCheck.php

@@ -3,8 +3,10 @@
 namespace Drupal\workflow_participants\Access;
 
 use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Entity\EntityAccessCheck;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Routing\Access\AccessInterface;
+use Drupal\Core\Routing\RouteMatchInterface;
 use Drupal\Core\Session\AccountInterface;
 use Drupal\node\Access\NodeRevisionAccessCheck;
 use Drupal\node\NodeInterface;
@@ -16,11 +18,18 @@ use Symfony\Component\Routing\Route;
 class RevisionCheck implements AccessInterface {
 
   /**
-   * The node revision access checker service.
+   * Entity access permissions that are handled by this access checker.
    *
-   * @var \Drupal\node\Access\NodeRevisionAccessCheck
+   * @var String[]
    */
-  protected $nodeRevisionAccess;
+  const REVISION_PERMISSIONS = ['node.view all revisions', 'node_revision.view revision'];
+
+  /**
+   * The entity access checker service.
+   *
+   * @var \Drupal\Core\Entity\EntityAccessCheck
+   */
+  protected $entityAccessCheck;
 
   /**
    * The node storage.
@@ -41,11 +50,11 @@ class RevisionCheck implements AccessInterface {
    *
    * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
    *   The entity type manager service.
-   * @param \Drupal\node\Access\NodeRevisionAccessCheck $node_revision_check
+   * @param \Drupal\Core\Entity\EntityAccessCheck $entity_access_check
    *   The default node revision access checker.
    */
-  public function __construct(EntityTypeManagerInterface $entity_type_manager, NodeRevisionAccessCheck $node_revision_check) {
-    $this->nodeRevisionAccess = $node_revision_check;
+  public function __construct(EntityTypeManagerInterface $entity_type_manager, EntityAccessCheck $entity_access_check) {
+    $this->entityAccessCheck = $entity_access_check;
     $this->nodeStorage = $entity_type_manager->getStorage('node');
     $this->participantStorage = $entity_type_manager->getStorage('workflow_participants');
   }
@@ -55,11 +64,10 @@ class RevisionCheck implements AccessInterface {
    *
    * @param \Symfony\Component\Routing\Route $route
    *   The route to check against.
+   * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
+   *   The route match.
    * @param \Drupal\Core\Session\AccountInterface $account
    *   The currently logged in account.
-   * @param int $node_revision
-   *   (optional) The node revision ID. If not specified, but $node is, access
-   *   is checked for that object's revision.
    * @param \Drupal\node\NodeInterface $node
    *   (optional) A node object. Used for checking access to a node's default
    *   revision when $node_revision is unspecified. Ignored when $node_revision
@@ -69,27 +77,22 @@ class RevisionCheck implements AccessInterface {
    * @return \Drupal\Core\Access\AccessResultInterface
    *   The access result.
    */
-  public function access(Route $route, AccountInterface $account, $node_revision = NULL, NodeInterface $node = NULL) {
-    if ($node_revision) {
-      $node = $this->nodeStorage->loadRevision($node_revision);
-    }
+  public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account, NodeInterface $node = NULL) {
     $operation = $route->getRequirement('_workflow_participants_revision');
     $participants = $this->participantStorage->loadForModeratedEntity($node);
 
-    // Since the default node access check has been removed, it is added here
+    // Since the default entity access check has been removed, it is added here
     // for the access checker to verify.
-    // @see \Drupal\node\Access\NodeRevisionAccessCheck::access()
-    // @todo Add proper entity access checks once 9.2 is no longer supported.
-    // @see https://www.drupal.org/project/workflow_participants/issues/3252558
-    $route->setRequirement('_access_node_revision', $operation);
+    // @see \Drupal\workflow_participants\Routing\RouteSubscriber::applyRevisionsCheck()
+    $route->setRequirement('_entity_access', $operation);
 
-    return $this->nodeRevisionAccess->access($route, $account, $node_revision, $node)
+    return $this->entityAccessCheck->access($route, $route_match, $account)
       ->orIf(
         AccessResult::allowedIf(
           $node
           // There should be at least 2 revisions.
           && ($this->nodeStorage->countDefaultLanguageRevisions($node) > 1)
-          && ($operation === 'view')
+          && in_array($operation, static::REVISION_PERMISSIONS)
           && ($participants->isEditor($account) || $participants->isReviewer($account))
         ))->addCacheableDependency($participants);
   }