public function UserController::accessCollectedData in General Data Protection Regulation 8

Same name and namespace in other branches

8.2 src/Controller/UserController.php \Drupal\gdpr\Controller\UserController::accessCollectedData()
3.0.x src/Controller/UserController.php \Drupal\gdpr\Controller\UserController::accessCollectedData()

Access check for the route.

Parameters

\Drupal\user\UserInterface $user: The given user.

Return value

\Drupal\Core\Access\AccessResultInterface The result.

1 string reference to 'UserController::accessCollectedData'

gdpr.routing.yml in ./gdpr.routing.yml: gdpr.routing.yml

File

src/Controller/UserController.php, line 53

Class

UserController: Class UserController.

Namespace

Drupal\gdpr\Controller

Code

public function accessCollectedData(UserInterface $user) {

  // Must have the appropriate permission to access the page.
  // This allows site admins to completely disable the View My Data page.
  if (!$this
    ->currentUser()
    ->hasPermission('view gdpr data summary')) {
    return AccessResult::forbidden();
  }

  // If access to the page is enabled, only show the tab if we're viewing our
  // OWN profile or we're a GDPR admin.
  if ($this
    ->currentUser()
    ->hasPermission('administer gdpr settings')) {
    return AccessResult::allowed();
  }
  if ((int) $user
    ->id() === (int) $this
    ->currentUser()
    ->id()) {
    return AccessResult::allowed();
  }
  return AccessResult::forbidden();
}

You are here

public function UserController::accessCollectedData in General Data Protection Regulation 8

Parameters

Return value

File

Class

Namespace

Code

API Navigation