You are here

class GroupPermissionAccessCheck in Group 2.0.x

Same name and namespace in other branches
  1. 8 src/Access/GroupPermissionAccessCheck.php \Drupal\group\Access\GroupPermissionAccessCheck

Determines access to routes based on permissions defined via $module.group_permissions.yml files.

Hierarchy

Expanded class hierarchy of GroupPermissionAccessCheck

1 string reference to 'GroupPermissionAccessCheck'
group.services.yml in ./group.services.yml
group.services.yml
1 service uses GroupPermissionAccessCheck
access_check.group.permission in ./group.services.yml
Drupal\group\Access\GroupPermissionAccessCheck

File

src/Access/GroupPermissionAccessCheck.php, line 16

Namespace

Drupal\group\Access
View source
class GroupPermissionAccessCheck implements AccessInterface {

  /**
   * Checks access.
   *
   * @param \Symfony\Component\Routing\Route $route
   *   The route to check against.
   * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
   *   The parametrized route.
   * @param \Drupal\Core\Session\AccountInterface $account
   *   The account to check access for.
   *
   * @return \Drupal\Core\Access\AccessResultInterface
   *   The access result.
   */
  public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account) {
    $permission = $route
      ->getRequirement('_group_permission');

    // Don't interfere if no permission was specified.
    if ($permission === NULL) {
      return AccessResult::neutral();
    }

    // Don't interfere if no group was specified.
    $parameters = $route_match
      ->getParameters();
    if (!$parameters
      ->has('group')) {
      return AccessResult::neutral();
    }

    // Don't interfere if the group isn't a real group.
    $group = $parameters
      ->get('group');
    if (!$group instanceof GroupInterface) {
      return AccessResult::neutral();
    }

    // Allow to conjunct the permissions with OR ('+') or AND (',').
    $split = explode(',', $permission);
    if (count($split) > 1) {
      return GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $split, 'AND');
    }
    else {
      $split = explode('+', $permission);
      return GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $split, 'OR');
    }
  }

}

Members