You are here

public static function AccessResult::allowedIfHasPermissions in Drupal 9

Same name and namespace in other branches
  1. 8 core/lib/Drupal/Core/Access/AccessResult.php \Drupal\Core\Access\AccessResult::allowedIfHasPermissions()

Creates an allowed access result if the permissions are present, neutral otherwise.

Checks the permission and adds a 'user.permissions' cache contexts.

Parameters

\Drupal\Core\Session\AccountInterface $account: The account for which to check permissions.

array $permissions: The permissions to check.

string $conjunction: (optional) 'AND' if all permissions are required, 'OR' in case just one. Defaults to 'AND'

Return value

\Drupal\Core\Access\AccessResult If the account has the permissions, isAllowed() will be TRUE, otherwise isNeutral() will be TRUE.

12 calls to AccessResult::allowedIfHasPermissions()
AccessResultTest::testAllowedIfHasPermissions in core/tests/Drupal/Tests/Core/Access/AccessResultTest.php
Tests allowedIfHasPermissions().
EntityTestAccessControlHandler::checkCreateAccess in core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php
Performs create access checks.
hook_jsonapi_ENTITY_TYPE_filter_access in core/modules/jsonapi/jsonapi.api.php
Controls access to filtering by entity data via JSON:API.
jsonapi_jsonapi_shortcut_filter_access in core/modules/jsonapi/jsonapi.module
Implements hook_jsonapi_ENTITY_TYPE_filter_access() for 'shortcut'.
LatestRevisionCheck::access in core/modules/content_moderation/src/Access/LatestRevisionCheck.php
Checks that there is a pending revision available.

... See full list

File

core/lib/Drupal/Core/Access/AccessResult.php, line 140

Class

AccessResult
Value object for passing an access result with cacheability metadata.

Namespace

Drupal\Core\Access

Code

public static function allowedIfHasPermissions(AccountInterface $account, array $permissions, $conjunction = 'AND') {
  $access = FALSE;
  if ($conjunction == 'AND' && !empty($permissions)) {
    $access = TRUE;
    foreach ($permissions as $permission) {
      if (!($permission_access = $account
        ->hasPermission($permission))) {
        $access = FALSE;
        break;
      }
    }
  }
  else {
    foreach ($permissions as $permission) {
      if ($permission_access = $account
        ->hasPermission($permission)) {
        $access = TRUE;
        break;
      }
    }
  }
  $access_result = static::allowedIf($access)
    ->addCacheContexts(empty($permissions) ? [] : [
    'user.permissions',
  ]);
  if ($access_result instanceof AccessResultReasonInterface) {
    if (count($permissions) === 1) {
      $access_result
        ->setReason("The '{$permission}' permission is required.");
    }
    elseif (count($permissions) > 1) {
      $quote = function ($s) {
        return "'{$s}'";
      };
      $access_result
        ->setReason(sprintf("The following permissions are required: %s.", implode(" {$conjunction} ", array_map($quote, $permissions))));
    }
  }
  return $access_result;
}