You are here

Home » API reference » Apigee Edge 8 » ManageTeamMembersAccess.php » ManageTeamMembersAccess

public function ManageTeamMembersAccess::access in Apigee Edge 8

Grant access to Manage team members pages.

Parameters

\Drupal\Core\Routing\RouteMatchInterface $route_match: The parametrized route.

\Drupal\Core\Session\AccountInterface $account: The currently logged in account.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

File

modules/apigee_edge_teams/src/Access/ManageTeamMembersAccess.php, line 77

Class

ManageTeamMembersAccess
Check access on manage team members routes.

Namespace

Drupal\apigee_edge_teams\Access

Code

public function access(RouteMatchInterface $route_match, AccountInterface $account) {
  if ($account
    ->isAnonymous()) {
    return AccessResult::forbidden('This UI only available to logged in users.');
  }

  /** @var \Drupal\apigee_edge_teams\Entity\TeamInterface $team */
  $team = $route_match
    ->getParameter('team');

  /** @var \Drupal\apigee_edge\Entity\DeveloperInterface|null $developer */
  $developer = $route_match
    ->getParameter('developer');

  // If the developer parameter is available in the route make sure it is
  // member of the team.
  if ($developer !== NULL) {
    if (!in_array($team
      ->id(), $this->teamMembershipManager
      ->getTeams($developer
      ->getEmail()))) {
      return AccessResultForbidden::forbidden("The {$developer->getEmail()} developer is not member of the {$team->id()} team.");
    }
  }
  $result = AccessResultAllowed::allowedIfHasPermissions($account, [
    'administer team',
    'manage team members',
  ], 'OR')
    ->cachePerPermissions();
  if ($result
    ->isNeutral()) {
    $result = AccessResultAllowed::allowedIf(in_array('team_manage_members', $this->teamPermissionHandler
      ->getDeveloperPermissionsByTeam($team, $account)))
      ->addCacheableDependency($team)
      ->cachePerUser();
  }
  return $result;
}