You are here

public function GroupPermissionAccessCheck::access in Group 2.0.x

Same name and namespace in other branches
  1. 8 src/Access/GroupPermissionAccessCheck.php \Drupal\group\Access\GroupPermissionAccessCheck::access()

Checks access.

Parameters

\Symfony\Component\Routing\Route $route: The route to check against.

\Drupal\Core\Routing\RouteMatchInterface $route_match: The parametrized route.

\Drupal\Core\Session\AccountInterface $account: The account to check access for.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

File

src/Access/GroupPermissionAccessCheck.php, line 31

Class

GroupPermissionAccessCheck
Determines access to routes based on permissions defined via $module.group_permissions.yml files.

Namespace

Drupal\group\Access

Code

public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account) {
  $permission = $route
    ->getRequirement('_group_permission');

  // Don't interfere if no permission was specified.
  if ($permission === NULL) {
    return AccessResult::neutral();
  }

  // Don't interfere if no group was specified.
  $parameters = $route_match
    ->getParameters();
  if (!$parameters
    ->has('group')) {
    return AccessResult::neutral();
  }

  // Don't interfere if the group isn't a real group.
  $group = $parameters
    ->get('group');
  if (!$group instanceof GroupInterface) {
    return AccessResult::neutral();
  }

  // Allow to conjunct the permissions with OR ('+') or AND (',').
  $split = explode(',', $permission);
  if (count($split) > 1) {
    return GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $split, 'AND');
  }
  else {
    $split = explode('+', $permission);
    return GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $split, 'OR');
  }
}