public function RoleAccessCheck::access

Checks for access to route.

Parameters

\Symfony\Component\Routing\Route $route: The route to check against.

\Symfony\Component\HttpFoundation\Request $request: The request object.

Return value

mixed TRUE if access is allowed. FALSE if not. NULL if no opinion.

Overrides AccessCheckInterface::access

File

drupal/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php, line 33: Contains \Drupal\user\Access\RoleAccessCheck.

Class

RoleAccessCheck: Determines access to routes based on roles.

Namespace

Drupal\user\Access

Code

public function access(Route $route, Request $request) {

  // Requirements just allow strings, so this might be a comma separated list.
  $rid_string = $route
    ->getRequirement('_role');

  // @todo Replace the role check with a correctly injected and session-using
  //   alternative.
  $account = $GLOBALS['user'];
  $explode_and = array_filter(array_map('trim', explode('+', $rid_string)));
  if (count($explode_and) > 1) {
    $diff = array_diff($explode_and, $account->roles);
    if (empty($diff)) {
      return static::ALLOW;
    }
  }
  else {
    $explode_or = array_filter(array_map('trim', explode(',', $rid_string)));
    $intersection = array_intersect($explode_or, $account->roles);
    if (!empty($intersection)) {
      return static::ALLOW;
    }
  }

  // If there is no allowed role, return NULL to give other checks a chance.
  return static::DENY;
}

Main menu

Search Drupal 8.x

API Navigation

public function RoleAccessCheck::access

Parameters

Return value

File

Class

Namespace

Code

Main menu

You are here

Search Drupal 8.x

API Navigation

public function RoleAccessCheck::access

Parameters

Return value

File

Class

Namespace

Code