3 namespace Drupal\entity;
5 use Drupal\Core\Entity\ContentEntityTypeInterface;
6 use Drupal\Core\Entity\EntityHandlerInterface;
7 use Drupal\Core\Entity\EntityTypeBundleInfoInterface;
8 use Drupal\Core\Entity\EntityTypeInterface;
9 use Drupal\Core\StringTranslation\StringTranslationTrait;
10 use Drupal\user\EntityOwnerInterface;
11 use Symfony\Component\DependencyInjection\ContainerInterface;
14 * Provides generic entity permissions.
16 * Supports both entity_type and bundle granularities.
17 * Supports entity ownership (own/any permissions).
19 * Intended for content entity types, since config entity types usually rely
20 * on a single "administer" permission.
24 * "access" = "Drupal\entity\EntityAccessControlHandler",
25 * "permission_provider" = "Drupal\entity\EntityPermissionProvider",
29 * @see \Drupal\entity\EntityAccessControlHandler
30 * @see \Drupal\entity\EntityPermissions
32 class EntityPermissionProvider implements EntityPermissionProviderInterface, EntityHandlerInterface {
34 use StringTranslationTrait;
37 * The entity type bundle info.
39 * @var \Drupal\Core\Entity\EntityTypeBundleInfoInterface
41 protected $entityTypeBundleInfo;
44 * Constructs a new EntityPermissionProvider object.
46 * @param \Drupal\Core\Entity\EntityTypeBundleInfoInterface $entity_type_bundle_info
47 * The entity type bundle info.
49 public function __construct(EntityTypeBundleInfoInterface $entity_type_bundle_info) {
50 $this->entityTypeBundleInfo = $entity_type_bundle_info;
56 public static function createInstance(ContainerInterface $container, EntityTypeInterface $entity_type) {
58 $container->get('entity_type.bundle.info')
65 public function buildPermissions(EntityTypeInterface $entity_type) {
66 $entity_type_id = $entity_type->id();
67 $has_owner = $entity_type->isSubclassOf(EntityOwnerInterface::class);
68 $singular_label = $entity_type->getSingularLabel();
69 $plural_label = $entity_type->getPluralLabel();
72 $permissions["administer {$entity_type_id}"] = [
73 'title' => $this->t('Administer @type', ['@type' => $plural_label]),
74 'restrict access' => TRUE,
76 $permissions["access {$entity_type_id} overview"] = [
77 'title' => $this->t('Access the @type overview page', ['@type' => $plural_label]),
79 // View permissions are the same for both granularities.
81 $permissions["view any {$entity_type_id}"] = [
82 'title' => $this->t('View any @type', [
83 '@type' => $singular_label,
86 $permissions["view own {$entity_type_id}"] = [
87 'title' => $this->t('View own @type', [
88 '@type' => $plural_label,
93 $permissions["view {$entity_type_id}"] = [
94 'title' => $this->t('View @type', [
95 '@type' => $plural_label,
99 // Generate the other permissions based on granularity.
100 if ($entity_type->getPermissionGranularity() == 'entity_type') {
101 $permissions += $this->buildEntityTypePermissions($entity_type);
104 $permissions += $this->buildBundlePermissions($entity_type);
107 foreach ($permissions as $name => $permission) {
108 // Permissions are grouped by provider on admin/people/permissions.
109 $permissions[$name]['provider'] = $entity_type->getProvider();
110 // TranslatableMarkup objects don't sort properly.
111 $permissions[$name]['title'] = (string) $permission['title'];
118 * Builds permissions for the entity_type granularity.
120 * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
126 protected function buildEntityTypePermissions(EntityTypeInterface $entity_type) {
127 $entity_type_id = $entity_type->id();
128 $has_owner = $entity_type->isSubclassOf(EntityOwnerInterface::class);
129 $singular_label = $entity_type->getSingularLabel();
130 $plural_label = $entity_type->getPluralLabel();
133 $permissions["create {$entity_type_id}"] = [
134 'title' => $this->t('Create @type', [
135 '@type' => $plural_label,
139 $permissions["update any {$entity_type_id}"] = [
140 'title' => $this->t('Update any @type', [
141 '@type' => $singular_label,
144 $permissions["update own {$entity_type_id}"] = [
145 'title' => $this->t('Update own @type', [
146 '@type' => $plural_label,
149 $permissions["delete any {$entity_type_id}"] = [
150 'title' => $this->t('Delete any @type', [
151 '@type' => $singular_label,
154 $permissions["delete own {$entity_type_id}"] = [
155 'title' => $this->t('Delete own @type', [
156 '@type' => $plural_label,
161 $permissions["update {$entity_type_id}"] = [
162 'title' => $this->t('Update @type', [
163 '@type' => $plural_label,
166 $permissions["delete {$entity_type_id}"] = [
167 'title' => $this->t('Delete @type', [
168 '@type' => $plural_label,
177 * Builds permissions for the bundle granularity.
179 * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
185 protected function buildBundlePermissions(EntityTypeInterface $entity_type) {
186 $entity_type_id = $entity_type->id();
187 $bundles = $this->entityTypeBundleInfo->getBundleInfo($entity_type_id);
188 $has_owner = $entity_type->isSubclassOf(EntityOwnerInterface::class);
189 $singular_label = $entity_type->getSingularLabel();
190 $plural_label = $entity_type->getPluralLabel();
193 foreach ($bundles as $bundle_name => $bundle_info) {
194 $permissions["create {$bundle_name} {$entity_type_id}"] = [
195 'title' => $this->t('@bundle: Create @type', [
196 '@bundle' => $bundle_info['label'],
197 '@type' => $plural_label,
202 $permissions["update any {$bundle_name} {$entity_type_id}"] = [
203 'title' => $this->t('@bundle: Update any @type', [
204 '@bundle' => $bundle_info['label'],
205 '@type' => $singular_label,
208 $permissions["update own {$bundle_name} {$entity_type_id}"] = [
209 'title' => $this->t('@bundle: Update own @type', [
210 '@bundle' => $bundle_info['label'],
211 '@type' => $plural_label,
214 $permissions["delete any {$bundle_name} {$entity_type_id}"] = [
215 'title' => $this->t('@bundle: Delete any @type', [
216 '@bundle' => $bundle_info['label'],
217 '@type' => $singular_label,
220 $permissions["delete own {$bundle_name} {$entity_type_id}"] = [
221 'title' => $this->t('@bundle: Delete own @type', [
222 '@bundle' => $bundle_info['label'],
223 '@type' => $plural_label,
228 $permissions["update {$bundle_name} {$entity_type_id}"] = [
229 'title' => $this->t('@bundle: Update @type', [
230 '@bundle' => $bundle_info['label'],
231 '@type' => $plural_label,
234 $permissions["delete {$bundle_name} {$entity_type_id}"] = [
235 'title' => $this->t('@bundle: Delete @type', [
236 '@bundle' => $bundle_info['label'],
237 '@type' => $plural_label,