You are here

Home » API reference » Administer Users by Role 8.3 » administerusersbyrole.module

function administerusersbyrole_user_assign_role in Administer Users by Role 8.3

Check for permission to assign roles to a user.

Parameters

\Drupal\user\UserInterface $user: The user object to check access for.

\Drupal\Core\Session\AccountInterface $account: The account trying to access the entity.

array $rids: Array of role ids to add/remove.

Return value

\Drupal\Core\Access\AccessResultInterface The access result. hook_entity_access() has detailed documentation.

1 call to administerusersbyrole_user_assign_role()
ChangeUserRoleTrait::access in src/Plugin/Action/ChangeUserRoleTrait.php

File

./administerusersbyrole.module, line 89
Administer Users by Role main module file.

Code

function administerusersbyrole_user_assign_role(UserInterface $user, AccountInterface $account, array $rids) {

  // Allow access if
  // 1a) The sub-admin can edit the user OR
  // 1b) The sub-admin can assign all the roles the user already has AND
  // 2) The sub-admin can assign all the roles that are being changed.
  $oneA = administerusersbyrole_user_access($user, 'update', $account);
  $oneB = administerusersbyrole_user_access($user, 'role-assign', $account);
  $two = \Drupal::service('administerusersbyrole.access')
    ->access($rids, 'role-assign', $account);
  return $oneA
    ->orIf($oneB)
    ->andIf($two);
}