Check view access.
See EntityAccessControllerInterface::view() for parameters.
protected function viewAccess(EntityInterface $entity, $langcode, AccountInterface $account) {
// Never allow access to view the anonymous user account.
if ($entity
->id()) {
// Admins can view all, users can view own profiles at all times.
if ($account
->id() == $entity
->id() || user_access('administer users', $account)) {
return TRUE;
}
elseif (user_access('access user profiles', $account)) {
// Only allow view access if the account is active.
return $entity->status->value;
}
}
return FALSE;
}