diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 785c81c..5e98001 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php +++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -257,10 +257,9 @@ public function getIterator() { * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { - $method = $operation . 'Access'; return drupal_container()->get('plugin.manager.entity') ->getAccessController($this->entityType) - ->$method($this, LANGUAGE_DEFAULT, $account); + ->access($this, $operation, LANGUAGE_DEFAULT, $account); } /** diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index 423281f..8664ab6 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -22,55 +22,49 @@ class EntityAccessController implements EntityAccessControllerInterface { protected $accessCache = array(); /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::access(). + * + * This method provides result caching to prevent redundant computation. + * To utilize this, extending classes should not override access(), + * but instead implement the checkAccess() method as below. */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'view', $langcode, $account)) !== NULL) { + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if (($access = $this->getCache($entity, $operation, $langcode, $account)) !== NULL) { + // Cache hit, no work necessary. return $access; } - $access = (bool) $this->access($entity, 'view', $langcode, $account); - return $this->setCache($access, $entity, 'view', $langcode, $account); - } + /* Invoke hook_entity_access(). + * Hook results take precedence over checkAccess(). + */ - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'create', $langcode, $account)) !== NULL) { - return $access; + // @todo Remove this once we can rely on $account. + if (!$account) { + $account = user_load($GLOBALS['user']->uid); } - $access = (bool) $this->access($entity, 'create', $langcode, $account); - return $this->setCache($access, $entity, 'create', $langcode, $account); - } + // We grant access to the entity if both of these conditions are met: + // - No modules say to deny access. + // - At least one module says to grant access. + $access = module_invoke_all($entity->entityType() . '_access', $entity, $operation, $account, $langcode); - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'update', $langcode, $account)) !== NULL) { - return $access; + if (in_array(FALSE, $access, TRUE)) { + return FALSE; } - - $access = (bool) $this->access($entity, 'update', $langcode, $account); - return $this->setCache($access, $entity, 'update', $langcode, $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'delete', $langcode, $account)) !== NULL) { - return $access; + elseif (in_array(TRUE, $access, TRUE)) { + return TRUE; } - $access = (bool) $this->access($entity, 'delete', $langcode, $account); - return $this->setCache($access, $entity, 'delete', $langcode, $account); + // No result from hook, so entity checks are done. + $access = (bool) $this->checkAccess($entity, $operation, $langcode, $account); + return $this->setCache($access, $entity, $operation, $langcode, $account); } /** - * Performs default, shared access checks. + * Performs access checks. + * + * This method is supposed to be overwritten by extending classes that + * do their own custom access checking. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity for which to check 'create' access. @@ -88,22 +82,8 @@ public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - // @todo Remove this once we can rely on $account. - if (!$account) { - $account = user_load($GLOBALS['user']->uid); - } - - // We grant access to the entity if both of these conditions are met: - // - No modules say to deny access. - // - At least one module says to grant access. - $access = module_invoke_all($entity->entityType() . '_access', $entity, $operation, $account, $langcode); - if (in_array(FALSE, $access, TRUE)) { - return FALSE; - } - elseif (in_array(TRUE, $access, TRUE)) { - return TRUE; - } + protected function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + return NULL; } /** diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php index 66730f6..c998571 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php @@ -16,10 +16,13 @@ interface EntityAccessControllerInterface { /** - * Checks 'view' access for a given entity or entity translation. + * Check access to an operation on a given entity or entity translation. * * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'view' access. + * The entity for which to check access. + * @param string $operation + * The operation acces should be checked for. + * Usually one of "view", "create", "update" or "delete". * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. @@ -30,61 +33,11 @@ * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'create' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'create' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'update' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity to check 'update' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'delete' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'delete' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL); /** * Clears all cached access checks. */ public function resetCache(); + } diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php index 014d54f..ffa6973 100644 --- a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php +++ b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php @@ -17,31 +17,18 @@ class CustomBlockAccessController extends EntityAccessController { /** - * Implements EntityAccessControllerInterface::viewAccess(). + * Overrides \Drupal\Core\Entity\EntityAccessControllerInterface::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return TRUE; - } - - /** - * Implements EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); - } - - /** - * Implements EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); - } - - /** - * Implements EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + return TRUE; + } + elseif (in_array($operation, array('create', 'update', 'delete'))) { + return user_access('administer blocks', $account); + } + else { + return NULL; + } } } diff --git a/core/modules/block/lib/Drupal/block/BlockAccessController.php b/core/modules/block/lib/Drupal/block/BlockAccessController.php index 8e8a563..4476aac 100644 --- a/core/modules/block/lib/Drupal/block/BlockAccessController.php +++ b/core/modules/block/lib/Drupal/block/BlockAccessController.php @@ -17,10 +17,15 @@ class BlockAccessController extends EntityAccessController { /** - * Overrides \Drupal\Core\Entity\EntityAccessController::viewAccess(). + * Overrides \Drupal\Core\Entity\EntityAccessController::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return $entity->getPlugin()->access(); + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + return $entity->getPlugin()->access(); + } + else { + return parent::checkAccess($entity, $operation, $langcode, $account); + } } } diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 815c2ab..fbfe9e5 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -18,39 +18,23 @@ class NodeAccessController extends EntityAccessController { /** - * Overrides \Drupal\Core\Entity\EntityAccessController::viewAccess(). - */ - public function viewAccess(EntityInterface $node, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($cached = $this->getCache($node, 'view', $langcode, $account)) !== NULL ) { - return $cached; - } - - if (($access = $this->access($node, 'view', $langcode, $account)) !== NULL) { - return $this->setCache((bool) $access, $node, 'view', $langcode, $account); - }; - - // If no modules implement hook_node_grants(), the default behavior is to - // allow all users to view published nodes, so reflect that here. - $status = $node instanceof EntityNG ? $node->getTranslation($langcode, FALSE)->status->value : $node->status; - return $this->setCache($status, $node, 'view', $langcode, $account); - } - - /** * Overrides \Drupal\Core\Entity\EntityAccessController::access(). */ - protected function access(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { if (user_access('bypass node access', $account)) { return TRUE; } + return parent::access($entity, $operation, $langcode, $account); + } + /** + * Overrides \Drupal\Core\Entity\EntityAccessController::checkAccess(). + */ + protected function checkAccess(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { if (!user_access('access content', $account)) { return FALSE; } - if (($access = parent::access($node, $operation, $langcode, $account)) !== NULL) { - return (bool) $access; - }; - // Fetch information from the node object if possible. $status = isset($node->status) ? $node->status : NULL; $uid = isset($node->uid) ? $node->uid : NULL; @@ -60,12 +44,13 @@ protected function access(EntityInterface $node, $operation, $langcode = LANGUAG $uid = $node->getTranslation($langcode, FALSE)->uid->value; } + // @todo Remove this once we can rely on $account. + if (!$account) { + $account = user_load($GLOBALS['user']->uid); + } + // Check if authors can view their own unpublished nodes. - if ($operation == 'view' && !$status && user_access('view own unpublished content', $account)) { - // @todo Remove this once we can rely on $account. - if (!$account) { - $account = user_load($GLOBALS['user']->uid); - } + if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) { if ($account->id() != 0 && $account->id() == $uid) { return TRUE; @@ -75,14 +60,20 @@ protected function access(EntityInterface $node, $operation, $langcode = LANGUAG // If no module specified either allow or deny, we fall back to the // node_access table. if (($grants = $this->accessGrants($node, $operation, $langcode, $account)) !== NULL) { - return (bool) $grants; + return $grants; + } + + // If no modules implement hook_node_grants(), the default behavior is to + // allow all users to view published nodes, so reflect that here. + if ($operation === 'view') { + return $status; } } /** * Determines access to nodes based on node grants. * - * @param \Drupal\Core\Entity\EntityInterface $entity + * @param \Drupal\Core\Entity\EntityInterface $node * The entity for which to check 'create' access. * @param string $operation * The entity operation. Usually one of 'view', 'edit', 'create' or diff --git a/core/modules/node/node.module b/core/modules/node/node.module index 4c7392b..2c628d5 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -2530,8 +2530,7 @@ function node_access($op, $node, $account = NULL, $langcode = NULL) { $account = user_load($account->uid); } - $method = $op . 'Access'; - return entity_access_controller('node')->$method($node, $langcode, $account); + return entity_access_controller('node')->access($node, $op, $langcode, $account); } /** diff --git a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php index b9e9361..382f37c 100644 --- a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php @@ -17,34 +17,21 @@ class EntityTestAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Overrides EntityAccessControllerInterface::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if ($langcode != LANGUAGE_DEFAULT) { - return user_access('view test entity translations', $account); + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + if ($langcode != LANGUAGE_DEFAULT) { + return user_access('view test entity translations', $account); + } + return user_access('view test entity', $account); + } + elseif (in_array($operation, array('create', 'update', 'delete'))) { + return user_access('administer entity_test content', $account); + } + else { + return NULL; } - return user_access('view test entity', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php index c45aa02..05ad591 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php @@ -19,31 +19,32 @@ class TermAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Overrides \Drupal\Core\Entity\EntityAccessControllerInterface::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('access content', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access("update terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + switch ($operation) { + case 'view': + $flag = user_access('access content', $account); + break; + + case 'create': + $flag = user_access('administer taxonomy', $account); + break; + + case 'update': + $flag = user_access("update terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + break; + + case 'delete': + $flag = user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + break; + + default: + $flag = NULL; + break; + } + + return $flag; } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php index b1ec119..b192ba1 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php @@ -19,30 +19,9 @@ class VocabularyAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Overrides \Drupal\Core\Entity\EntityAccessControllerInterface::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { return user_access('administer taxonomy', $account); } diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index 13b8c6b..eabf9b4 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -17,14 +17,51 @@ class UserAccessController extends EntityAccessController { /** - * Implements EntityAccessControllerInterface::viewAccess(). + * Overrides EntityAccessControllerInterface::checkAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - $uid = $entity->uid; + public function checkAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { if (!$account) { - $account = $GLOBALS['user']; + $account = user_load($GLOBALS['user']->uid); + } + + switch ($operation) { + case 'view': + $access = $this->viewAccess($entity, $langcode, $account); + break; + + case 'create': + $access = user_access('administer users', $account); + break; + + case 'update': + // Users can always edit their own account. Users with the 'administer + // users' permission can edit any account except the anonymous account. + $access = (($account->uid == $entity->uid) || user_access('administer users', $account)) && $entity->uid > 0; + break; + + case 'delete': + // Users with 'cancel account' permission can cancel their own account, + // users with 'administer users' permission can cancel any account + // except the anonymous account. + $access = ((($account->uid == $entity->uid) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->uid > 0; + break; + + default: + $access = NULL; + break; } + return $access; + } + + /** + * Check view access. + * + * See EntityAccessControllerInterface::view() for parameters. + */ + protected function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + $uid = $entity->uid; + // Never allow access to view the anonymous user account. if ($uid) { // Admins can view all, users can view own profiles at all times. @@ -39,36 +76,4 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT return FALSE; } - /** - * Implements EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer users', $account); - } - - /** - * Implements EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (!$account) { - $account = $GLOBALS['user']; - } - // Users can always edit their own account. Users with the 'administer - // users' permission can edit any account except the anonymous account. - return (($account->uid == $entity->uid) || user_access('administer users', $account)) && $entity->uid > 0; - } - - /** - * Implements EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (!$account) { - $account = $GLOBALS['user']; - } - // Users with 'cancel account' permission can cancel their own account, - // users with 'administer users' permission can cancel any account except - // the anonymous account. - return ((($account->uid == $entity->uid) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->uid > 0; - } - }