cloud-8.x-2.0-beta1/modules/cloud_service_providers/aws_cloud/src/Controller/Ec2/ElasticIpAccessControlHandler.php
modules/cloud_service_providers/aws_cloud/src/Controller/Ec2/ElasticIpAccessControlHandler.php
<?php
namespace Drupal\aws_cloud\Controller\Ec2;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\Access\AccessResult;
use Drupal\cloud\Traits\AccessCheckTrait;
/**
* Access controller for the ElasticIp entity.
*
* @see \Drupal\aws_cloud\Entity\Ec2\ElasticIp\Entity\ElasticIp.
*/
class ElasticIpAccessControlHandler extends EntityAccessControlHandler {
use AccessCheckTrait;
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'view':
return $this->allowedIfCanAccessCloudConfigWithOwner(
$entity,
$account,
'view own aws cloud elastic ip',
'view any aws cloud elastic ip'
);
case 'update':
case 'edit':
return $this->allowedIfCanAccessCloudConfigWithOwner(
$entity,
$account,
'edit own aws cloud elastic ip',
'edit any aws cloud elastic ip'
);
case 'delete':
if ($entity->getAssociationId() == NULL) {
return $this->allowedIfCanAccessCloudConfigWithOwner(
$entity,
$account,
'delete own aws cloud elastic ip',
'delete any aws cloud elastic ip'
);
}
break;
case 'associate':
if ($entity->getAssociationId() == NULL) {
return $this->allowedIfCanAccessCloudConfigWithOwner(
$entity,
$account,
'edit own aws cloud elastic ip',
'edit any aws cloud elastic ip'
);
}
break;
case 'disassociate':
if ($entity->getAssociationId() != NULL) {
return $this->allowedIfCanAccessCloudConfigWithOwner(
$entity,
$account,
'edit own aws cloud elastic ip',
'edit any aws cloud elastic ip'
);
}
break;
}
// Unknown operation, no opinion.
return AccessResult::neutral();
}
}
