You are here

Home » API reference » Apigee Edge 8 » apigee_edge.module

function _apigee_edge_user_has_an_app_with_product in Apigee Edge 8

Checks whether a user has a developer app with an API product.

We did not add static caching to this function because there could be possible scenarios when a cache invalidation issue could occur and this function would return a false-positive result.

Parameters

string $product_name: API Product name.

\Drupal\Core\Session\AccountInterface|null $account: (optional) The user session for which to check access, or NULL to check access for the current user. Defaults to NULL.

bool $return_as_object: (optional) Defaults to FALSE.

Return value

\Drupal\Core\Access\AccessResultInterface|bool The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

See also

\Drupal\Core\Entity\EntityAccessControlHandlerInterface::access()

2 calls to _apigee_edge_user_has_an_app_with_product()
apigee_edge_apiproduct_rbac_api_product_access in modules/apigee_edge_apiproduct_rbac/apigee_edge_apiproduct_rbac.module
Implements hook_ENTITY_TYPE_access().
apigee_edge_api_product_access in ./apigee_edge.module
Implements hook_ENTITY_TYPE_access().

File

./apigee_edge.module, line 1723
Copyright 2018 Google Inc.

Code

function _apigee_edge_user_has_an_app_with_product(string $product_name, AccountInterface $account = NULL, bool $return_as_object = FALSE) {
  if ($account === NULL) {
    $account = \Drupal::currentUser();
  }
  if ($account
    ->isAnonymous()) {
    $result = AccessResult::neutral('Anonymous user does not have a developer account on Apigee Edge.');
  }
  else {

    /** @var \Drupal\apigee_edge\Entity\DeveloperAppInterface|null $app_with_product */
    $app_with_product = NULL;

    /** @var \Drupal\apigee_edge\Entity\Storage\DeveloperAppStorageInterface $developer_app_storage */
    $developer_app_storage = \Drupal::entityTypeManager()
      ->getStorage('developer_app');
    foreach ($developer_app_storage
      ->loadByDeveloper($account
      ->getEmail()) as $app) {

      /** @var \Apigee\Edge\Api\Management\Entity\AppCredentialInterface $credential */
      foreach ($app
        ->getCredentials() as $credential) {
        $product_ids = array_map(function (CredentialProduct $product) {
          return $product
            ->getApiproduct();
        }, $credential
          ->getApiProducts());

        // We return after the first match to speed up the page load.
        if (in_array($product_name, $product_ids)) {
          $app_with_product = $app;
          break 2;
        }
      }
    }
    if ($app_with_product) {

      // Flush cache if this app gets updated. It could happen that
      // this product gets removed from the app therefore the access
      // must be re-evaluated.
      $result = AccessResult::allowed()
        ->cachePerUser()
        ->addCacheTags($app_with_product
        ->getCacheTags());
    }
    else {
      $result = AccessResult::neutral("{$account->getDisplayName()} does not have any developer app in association with {$product_name} API product.");
    }
  }
  return $return_as_object ? $result : $result
    ->isAllowed();
}