hasReadAccess($resourceUri); if ( $this->hasReadAccessByContext(taoItems_actions_ItemContent::class, 'previewAsset') && $hasReadAccess ) { $data[self::DATA_PERMISSIONS][] = self::PERMISSION_PREVIEW; } if ( $this->hasReadAccessByContext(taoItems_actions_ItemContent::class, 'downloadAsset') && $hasReadAccess ) { $data[self::DATA_PERMISSIONS][] = self::PERMISSION_DOWNLOAD; } $hasWriteAccess = $this->hasWriteAccess($resourceUri); if ( $this->hasWriteAccessByContext(taoItems_actions_ItemContent::class, 'deleteAsset') && $hasWriteAccess ) { $data[self::DATA_PERMISSIONS][] = self::PERMISSION_DELETE; } if ( $this->hasWriteAccessByContext(taoItems_actions_ItemContent::class, 'uploadAsset') && $hasWriteAccess ) { $data[self::DATA_PERMISSIONS][] = self::PERMISSION_UPLOAD; } return $data; } protected function hasReadAccess(string $uri): bool { return parent::hasReadAccess($uri) && $this->hasReadAccessByContext(taoItems_actions_ItemContent::class, 'viewAsset'); } protected function hasWriteAccess(string $uri): bool { $canDelete = $this->hasWriteAccessByContext( taoItems_actions_ItemContent::class, 'deleteAsset' ); $canUpload = $this->hasWriteAccessByContext( taoItems_actions_ItemContent::class, 'uploadAsset' ); return parent::hasWriteAccess($uri) && ($canDelete || $canUpload); } private function getActionAccessControl(): ActionAccessControl { if (!isset($this->actionAccessControl)) { $this->actionAccessControl = $this->getServiceLocator()->get(ActionAccessControl::SERVICE_ID); } return $this->actionAccessControl; } private function hasReadAccessByContext(string $controller, string $action): bool { return $this->getActionAccessControl()->contextHasReadAccess( new Context([ Context::PARAM_CONTROLLER => $controller, Context::PARAM_ACTION => $action, ]) ); } private function hasWriteAccessByContext(string $controller, string $action): bool { return $this->getActionAccessControl()->contextHasWriteAccess( new Context([ Context::PARAM_CONTROLLER => $controller, Context::PARAM_ACTION => $action, ]) ); } }