protected function UserAccessController::viewAccess

Check view access.

See EntityAccessControllerInterface::view() for parameters.

File

drupal/core/modules/user/lib/Drupal/user/UserAccessController.php, line 52

Contains \Drupal\user\UserAccessController.

Class

UserAccessController

Defines the access controller for the user entity type.

Namespace

Code

protected function viewAccess(EntityInterface $entity, $langcode, AccountInterface $account) {

  // Never allow access to view the anonymous user account.
  if ($entity
    ->id()) {

    // Admins can view all, users can view own profiles at all times.
    if ($account
      ->id() == $entity
      ->id() || user_access('administer users', $account)) {
      return TRUE;
    }
    elseif (user_access('access user profiles', $account)) {

      // Only allow view access if the account is active.
      return $entity->status->value;
    }
  }
  return FALSE;
}