You are here

protected function EntityAccess::bypassAccessResult in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/workspaces/src/EntityAccess.php \Drupal\workspaces\EntityAccess::bypassAccessResult()
  2. 9 core/modules/workspaces/src/EntityAccess.php \Drupal\workspaces\EntityAccess::bypassAccessResult()

Checks the 'bypass' permissions.

Parameters

\Drupal\Core\Session\AccountInterface $account: The user account making the to check access for.

Return value

\Drupal\Core\Access\AccessResult The result of the access check.

File

core/modules/workspaces/src/EntityAccess.php, line 121

Class

EntityAccess
Service wrapper for hooks relating to entity access control.

Namespace

Drupal\workspaces

Code

protected function bypassAccessResult(AccountInterface $account) {

  // This approach assumes that the current "global" active workspace is
  // correct, i.e. if you're "in" a given workspace then you get ALL THE PERMS
  // to ALL THE THINGS! That's why this is a dangerous permission.
  $active_workspace = $this->workspaceManager
    ->getActiveWorkspace();
  return AccessResult::allowedIf($active_workspace
    ->getOwnerId() == $account
    ->id())
    ->cachePerUser()
    ->addCacheableDependency($active_workspace)
    ->andIf(AccessResult::allowedIfHasPermission($account, 'bypass entity access own workspace'));
}