Added Event entity type.

modules/opencase_entities/src/OCEventAccessControlHandler.php

@@ -0,0 +1,116 @@
+<?php
+
+namespace Drupal\opencase_entities;
+
+use Drupal\Core\Entity\EntityAccessControlHandler;
+use Drupal\Core\Entity\EntityInterface;
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Access\AccessResult;
+
+/**
+ * Access controller for the Event entity.
+ *
+ * @see \Drupal\opencase_entities\Entity\OCEvent.
+ */
+class OCEventAccessControlHandler extends EntityAccessControlHandler {
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
+    /** @var \Drupal\opencase_entities\Entity\OCEventInterface $entity */
+
+    switch ($operation) {
+
+      case 'view':
+
+        if (!$entity->isPublished()) {
+          $permission = $this->checkOwn($entity, 'view unpublished', $account);
+          if (!empty($permission)) {
+            return AccessResult::allowed();
+          }
+
+          return AccessResult::allowedIfHasPermission($account, 'view unpublished event entities');
+        }
+
+        $permission = $this->checkOwn($entity, $operation, $account);
+        if (!empty($permission)) {
+          return AccessResult::allowed();
+        }
+
+        return AccessResult::allowedIfHasPermission($account, 'view published event entities');
+
+      case 'update':
+
+        $permission = $this->checkOwn($entity, $operation, $account);
+        if (!empty($permission)) {
+          return AccessResult::allowed();
+        }
+        return AccessResult::allowedIfHasPermission($account, 'edit event entities');
+
+      case 'delete':
+
+        $permission = $this->checkOwn($entity, $operation, $account);
+        if (!empty($permission)) {
+          return AccessResult::allowed();
+        }
+        return AccessResult::allowedIfHasPermission($account, 'delete event entities');
+    }
+
+    // Unknown operation, no opinion.
+    return AccessResult::neutral();
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
+    return AccessResult::allowedIfHasPermission($account, 'add event entities');
+  }
+
+  /**
+   * Test for given 'own' permission.
+   *
+   * @param \Drupal\Core\Entity\EntityInterface $entity
+   * @param $operation
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *
+   * @return string|null
+   *   The permission string indicating it's allowed.
+   */
+  protected function checkOwn(EntityInterface $entity, $operation, AccountInterface $account) {
+    $status = $entity->isPublished();
+    $uid = $entity->getOwnerId();
+
+    $is_own = $account->isAuthenticated() && $account->id() == $uid;
+    if (!$is_own) {
+      return;
+    }
+
+    $bundle = $entity->bundle();
+
+    $ops = [
+      'create' => '%bundle add own %bundle entities',
+      'view unpublished' => '%bundle view own unpublished %bundle entities',
+      'view' => '%bundle view own entities',
+      'update' => '%bundle edit own entities',
+      'delete' => '%bundle delete own entities',
+    ];
+    $permission = strtr($ops[$operation], ['%bundle' => $bundle]);
+
+    if ($operation === 'view unpublished') {
+      if (!$status && $account->hasPermission($permission)) {
+        return $permission;
+      }
+      else {
+        return NULL;
+      }
+    }
+    if ($account->hasPermission($permission)) {
+      return $permission;
+    }
+
+    return NULL;
+  }
+
+}