public function UserController::accessCollectedData in General Data Protection Regulation 8.2
Same name and namespace in other branches
- 8 src/Controller/UserController.php \Drupal\gdpr\Controller\UserController::accessCollectedData()
- 3.0.x src/Controller/UserController.php \Drupal\gdpr\Controller\UserController::accessCollectedData()
Access check for the route.
Parameters
\Drupal\user\UserInterface $user: The given user.
Return value
\Drupal\Core\Access\AccessResultInterface The result.
1 string reference to 'UserController::accessCollectedData'
File
- src/
Controller/ UserController.php, line 53
Class
- UserController
- Class UserController.
Namespace
Drupal\gdpr\ControllerCode
public function accessCollectedData(UserInterface $user) {
// Must have the appropriate permission to access the page.
// This allows site admins to completely disable the View My Data page.
if (!$this
->currentUser()
->hasPermission('view gdpr data summary')) {
return AccessResult::forbidden();
}
// If access to the page is enabled, only show the tab if we're viewing our
// OWN profile or we're a GDPR admin.
if ($this
->currentUser()
->hasPermission('administer gdpr settings')) {
return AccessResult::allowed();
}
if ((int) $user
->id() === (int) $this
->currentUser()
->id()) {
return AccessResult::allowed();
}
return AccessResult::forbidden();
}