function _apigee_edge_user_has_an_app_with_product in Apigee Edge 8
Checks whether a user has a developer app with an API product.
We did not add static caching to this function because there could be possible scenarios when a cache invalidation issue could occur and this function would return a false-positive result.
Parameters
string $product_name: API Product name.
\Drupal\Core\Session\AccountInterface|null $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.
bool $return_as_object: (optional) Defaults to FALSE.
Return value
\Drupal\Core\Access\AccessResultInterface|bool The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
See also
\Drupal\Core\Entity\EntityAccessControlHandlerInterface::access()
2 calls to _apigee_edge_user_has_an_app_with_product()
- apigee_edge_apiproduct_rbac_api_product_access in modules/
apigee_edge_apiproduct_rbac/ apigee_edge_apiproduct_rbac.module - Implements hook_ENTITY_TYPE_access().
- apigee_edge_api_product_access in ./
apigee_edge.module - Implements hook_ENTITY_TYPE_access().
File
- ./
apigee_edge.module, line 1723 - Copyright 2018 Google Inc.
Code
function _apigee_edge_user_has_an_app_with_product(string $product_name, AccountInterface $account = NULL, bool $return_as_object = FALSE) {
if ($account === NULL) {
$account = \Drupal::currentUser();
}
if ($account
->isAnonymous()) {
$result = AccessResult::neutral('Anonymous user does not have a developer account on Apigee Edge.');
}
else {
/** @var \Drupal\apigee_edge\Entity\DeveloperAppInterface|null $app_with_product */
$app_with_product = NULL;
/** @var \Drupal\apigee_edge\Entity\Storage\DeveloperAppStorageInterface $developer_app_storage */
$developer_app_storage = \Drupal::entityTypeManager()
->getStorage('developer_app');
foreach ($developer_app_storage
->loadByDeveloper($account
->getEmail()) as $app) {
/** @var \Apigee\Edge\Api\Management\Entity\AppCredentialInterface $credential */
foreach ($app
->getCredentials() as $credential) {
$product_ids = array_map(function (CredentialProduct $product) {
return $product
->getApiproduct();
}, $credential
->getApiProducts());
// We return after the first match to speed up the page load.
if (in_array($product_name, $product_ids)) {
$app_with_product = $app;
break 2;
}
}
}
if ($app_with_product) {
// Flush cache if this app gets updated. It could happen that
// this product gets removed from the app therefore the access
// must be re-evaluated.
$result = AccessResult::allowed()
->cachePerUser()
->addCacheTags($app_with_product
->getCacheTags());
}
else {
$result = AccessResult::neutral("{$account->getDisplayName()} does not have any developer app in association with {$product_name} API product.");
}
}
return $return_as_object ? $result : $result
->isAllowed();
}