Checks for access to route.
\Symfony\Component\Routing\Route $route: The route to check against.
\Symfony\Component\HttpFoundation\Request $request: The request object.
mixed TRUE if access is allowed. FALSE if not. NULL if no opinion.
Overrides AccessCheckInterface::access
public function access(Route $route, Request $request) {
// Requirements just allow strings, so this might be a comma separated list.
$rid_string = $route
->getRequirement('_role');
// @todo Replace the role check with a correctly injected and session-using
// alternative.
$account = $GLOBALS['user'];
$explode_and = array_filter(array_map('trim', explode('+', $rid_string)));
if (count($explode_and) > 1) {
$diff = array_diff($explode_and, $account->roles);
if (empty($diff)) {
return static::ALLOW;
}
}
else {
$explode_or = array_filter(array_map('trim', explode(',', $rid_string)));
$intersection = array_intersect($explode_or, $account->roles);
if (!empty($intersection)) {
return static::ALLOW;
}
}
// If there is no allowed role, return NULL to give other checks a chance.
return static::DENY;
}