You are here

Home » API reference » Bamboo Twig 8.5 » Security.php

class Security in Bamboo Twig 8.5

Same name and namespace in other branches
  1. 8 bamboo_twig_security/src/TwigExtension/Security.php \Drupal\bamboo_twig_security\TwigExtension\Security
  2. 8.2 bamboo_twig_security/src/TwigExtension/Security.php \Drupal\bamboo_twig_security\TwigExtension\Security
  3. 8.3 bamboo_twig_security/src/TwigExtension/Security.php \Drupal\bamboo_twig_security\TwigExtension\Security
  4. 8.4 bamboo_twig_security/src/TwigExtension/Security.php \Drupal\bamboo_twig_security\TwigExtension\Security

Provides a 'Security' Twig Extensions.

Hierarchy

  • class \Drupal\bamboo_twig\TwigExtension\TwigExtensionBase extends \Drupal\bamboo_twig\TwigExtension\Twig_Extension uses \Symfony\Component\DependencyInjection\ContainerAwareTrait
    • class \Drupal\bamboo_twig_security\TwigExtension\Security

Expanded class hierarchy of Security

1 string reference to 'Security'
bamboo_twig_security.services.yml in bamboo_twig_security/bamboo_twig_security.services.yml
bamboo_twig_security/bamboo_twig_security.services.yml
1 service uses Security
bamboo_twig_security.twig.security in bamboo_twig_security/bamboo_twig_security.services.yml
Drupal\bamboo_twig_security\TwigExtension\Security

File

bamboo_twig_security/src/TwigExtension/Security.php, line 11

Namespace

Drupal\bamboo_twig_security\TwigExtension
View source 
class Security extends TwigExtensionBase {

  /**
   * List of all Twig functions.
   */
  public function getFunctions() {
    return [
      new TwigFunction('bamboo_has_permission', [
        $this,
        'hasPermission',
      ]),
      new TwigFunction('bamboo_has_permissions', [
        $this,
        'hasPermissions',
      ]),
      new TwigFunction('bamboo_has_role', [
        $this,
        'hasRole',
      ]),
      new TwigFunction('bamboo_has_roles', [
        $this,
        'hasRoles',
      ]),
    ];
  }

  /**
   * Unique identifier for this Twig extension.
   */
  public function getName() {
    return 'bamboo_twig.twig.security';
  }

  /**
   * Does the current|given user has the given permission ?
   *
   * @param string $permission
   *   Drupal permission string.
   * @param int $user
   *   (Optional) user id to check permission. Otherwise current user is used.
   *
   * @return bool
   *   True if the current|given user has the given permission. Otherwise FALSE.
   */
  public function hasPermission($permission, $user = NULL) {

    // Get the current user when $user is not provided.
    if (!$user) {
      $user = $this
        ->getCurrentUser()
        ->id();
    }
    $account = $this
      ->getUserStorage()
      ->load($user);

    // If given user do not exists or is anonymous - don't go further.
    if (!$account || $account
      ->isAnonymous()) {
      return NULL;
    }
    return $account
      ->hasPermission($permission);
  }

  /**
   * Does the current|given user has the given permissions collection ?
   *
   * @param string[] $permissions
   *   Drupal permissions string.
   * @param string $conjunction
   *   (Optional) The conjunction to use againts user permissions.
   *   Allowing 'AND' or 'OR' values. Default to 'AND'.
   * @param int $user
   *   (Optional) user id to check permission. Otherwise current user is used.
   *
   * @return bool
   *   True if the current|given user has all the given permissions.
   *   Otherwise FALSE.
   */
  public function hasPermissions(array $permissions, $conjunction = 'AND', $user = NULL) {

    // Get the current user when $user is not provided.
    if (!$user) {
      $user = $this
        ->getCurrentUser()
        ->id();
    }
    $account = $this
      ->getUserStorage()
      ->load($user);

    // If given user do not exists or is anonymous - don't go further.
    if (!$account || $account
      ->isAnonymous()) {
      return NULL;
    }

    // Sanitize the conjunction to AND / OR values.
    if (!in_array($conjunction, [
      'AND',
      'OR',
    ])) {
      throw new \InvalidArgumentException(sprintf('Invalid conjunction type "%s".', $conjunction));
    }
    foreach ($permissions as $permission) {

      // When OR is requested, return TRUE on any match.
      if ($conjunction == 'OR' and $account
        ->hasPermission($permission)) {
        return TRUE;
      }

      // When AND is requested, return FALSE on any unmatch.
      if ($conjunction == 'AND' and !$account
        ->hasPermission($permission)) {
        return FALSE;
      }
    }

    // The previous loop may not return when:
    // - The conjunction is AND & the user has all roles.
    // - The conjunction is OR & the user has not any roles.
    return $conjunction == 'AND' ? TRUE : FALSE;
  }

  /**
   * Does the current|given user has the given role ?
   *
   * @param string $role
   *   Drupal role name.
   * @param int $user
   *   (Optional) user id to check role. Otherwise current user is used.
   *
   * @return bool
   *   True if the current|given user has the given role. Otherwise FALSE.
   */
  public function hasRole($role, $user = NULL) {

    // Get the current user when $user is not provided.
    if (!$user) {
      $user = $this
        ->getCurrentUser()
        ->id();
    }
    $account = $this
      ->getUserStorage()
      ->load($user);

    // If given user do not exists or is anonymous - don't go further.
    if (!$account || $account
      ->isAnonymous()) {
      return NULL;
    }
    return $account
      ->hasRole($role);
  }

  /**
   * Does the current|given user has the given roles collection ?
   *
   * @param string[] $roles
   *   Drupal roles name.
   * @param string $conjunction
   *   (Optional) The conjunction to use againts user permissions.
   *   Allowing 'AND' or 'OR' values. Default to 'AND'.
   * @param int $user
   *   (Optional) user id to check permission. Otherwise current user is used.
   *
   * @return bool
   *   True if the current|given user has the given permission. Otherwise FALSE.
   */
  public function hasRoles(array $roles, $conjunction = 'AND', $user = NULL) {

    // Get the current user when $user is not provided.
    if (!$user) {
      $user = $this
        ->getCurrentUser()
        ->id();
    }
    $account = $this
      ->getUserStorage()
      ->load($user);

    // If given user do not exists or is anonymous - don't go further.
    if (!$account || $account
      ->isAnonymous()) {
      return NULL;
    }

    // Sanitize the conjunction to AND / OR values.
    if (!in_array($conjunction, [
      'AND',
      'OR',
    ])) {
      throw new \InvalidArgumentException(sprintf('Invalid conjunction type "%s".', $conjunction));
    }
    foreach ($roles as $role) {

      // When OR is requested, return TRUE on any match.
      if ($conjunction == 'OR' and $account
        ->hasRole($role)) {
        return TRUE;
      }

      // When AND is requested, return FALSE on any unmatch.
      if ($conjunction == 'AND' and !$account
        ->hasRole($role)) {
        return FALSE;
      }
    }

    // The previous loop may not return when:
    // - The conjunction is AND & the user has all roles.
    // - The conjunction is OR & the user has not any roles.
    return $conjunction == 'AND' ? TRUE : FALSE;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
Security::getFunctions public function List of all Twig functions.
Security::getName public function Unique identifier for this Twig extension. Overrides TwigExtensionBase::getName
Security::hasPermission public function Does the current|given user has the given permission ?
Security::hasPermissions public function Does the current|given user has the given permissions collection ?
Security::hasRole public function Does the current|given user has the given role ?
Security::hasRoles public function Does the current|given user has the given roles collection ?
TwigExtensionBase::getBlockStorage protected function Return the block storage.
TwigExtensionBase::getConfigFactory protected function Provides an interface for a configuration object factory.
TwigExtensionBase::getCurrentRouteMatch protected function Return the current route match.
TwigExtensionBase::getCurrentUser protected function Lazy loading for the Drupal current user account proxy.
TwigExtensionBase::getDateFormatter protected function Provides a service to handle various date related functionality.
TwigExtensionBase::getEntityRepository protected function Lazy loading for the Drupal entity repository.
TwigExtensionBase::getEntityTypeManager protected function Lazy loading for the Drupal entity type manager.
TwigExtensionBase::getExtensionGuesser protected function Return a singleton mime type to file extension guesser.
TwigExtensionBase::getFieldTypeManager protected function Return the factory for image objects.
TwigExtensionBase::getFileStorage protected function Return the file storage.
TwigExtensionBase::getFileSystemObject protected function Provides helpers to operate on files and stream wrappers.
TwigExtensionBase::getFormBuilder protected function Provides an interface for form building and processing.
TwigExtensionBase::getImageFactory protected function Return the factory for image objects.
TwigExtensionBase::getImageStyleStorage protected function Provides an interface defining an image style.
TwigExtensionBase::getLanguageManager protected function Returns the language manager service.
TwigExtensionBase::getMenuLinkTree protected function Interface for loading, transforming and rendering menu link trees.
TwigExtensionBase::getPluginManagerBlock protected function Manages discovery and instantiation of block plugins.
TwigExtensionBase::getSettingsSingleton protected function Read only settings singleton.
TwigExtensionBase::getStateFactory protected function The state storage service.
TwigExtensionBase::getStreamWrapperManager protected function Provides a StreamWrapper manager.
TwigExtensionBase::getToken protected function Return the token service.
TwigExtensionBase::getUserStorage protected function Return the user storage.