function administerusersbyrole_user_access in Administer Users by Role 8.2

Same name and namespace in other branches

8.3 administerusersbyrole.module \administerusersbyrole_user_access()

Implements hook_ENTITY_TYPE_access() for entity type "user".

Parameters

\Drupal\User\UserInterface $user: The user object to check access for.

string $operation: The operation that is to be performed on $entity.:

\Drupal\Core\Session\AccountInterface $account: The account trying to access the entity.:

1 call to administerusersbyrole_user_access()

administerusersbyrole_entity_field_access in ./administerusersbyrole.module: Implements hook_entity_field_access().

File

./administerusersbyrole.module, line 51

Code

function administerusersbyrole_user_access(UserInterface $user, $operation, AccountInterface $account) {

  // Never allow uid 0 (anonymous) or 1 (master admin).
  if (!$user
    ->isNew() && $user
    ->id() <= 1) {
    return AccessResult::neutral();
  }

  // Grant access to view blocked users if we can update them.
  if ($user
    ->isBlocked() && $operation == 'view') {
    return administerusersbyrole_user_access($user, 'update', $account);
  }
  $convert = array(
    'delete' => 'cancel',
    'update' => 'edit',
  );
  if (!isset($convert[$operation])) {
    return AccessResult::neutral();
  }
  $roles = $user
    ->getRoles();
  foreach ($roles as $rid) {

    // If there is only AUTHENTICATED_ROLE, then we must test for it, otherwise skip it.
    if ($rid == AccountInterface::AUTHENTICATED_ROLE && count($roles) > 1) {
      continue;
    }
    if (!$account
      ->hasPermission(_administerusersbyrole_build_perm_string($rid, $convert[$operation]))) {
      return AccessResult::neutral();
    }
  }
  return AccessResult::allowed()
    ->cachePerPermissions()
    ->addCacheableDependency($user);
}

You are here

function administerusersbyrole_user_access in Administer Users by Role 8.2

Parameters

File

Code

API Navigation