drupal 9 custom access checking for routes

40

<?php

namespace Drupal\mymod\Access;

use Drupal\Core\Routing\Access\AccessInterface;
use Drupal\Core\Access\AccessResult;
use Drupal\mymod\StoreService;


class CardEditAccessChecker implements AccessInterface {
  // injected StoreService
  private $ss = NULL;
  
  public function __construct(StoreService $ss) {
    $this->ss = $ss;
  }
  
  public function access($product_id) {
    // marketplace manager can edit all...
    if ($this->ss->isMarketPlaceManager()) {
      return AccessResult::allowed();
    }
 
    // product owner can edit...
    if ($this->ss->ownsProduct($product_id)) {
      return AccessResult::allowed();
    }
    
    return AccessResult::forbidden();
  }
}

Comments

Submit
0 Comments