You are here

protected function AccessControlTrait::combinedPermissionCheck in Group 2.0.x

Checks the provided permission alongside the admin permission.

Important: Only one permission needs to match.

Parameters

\Drupal\group\Entity\GroupInterface $group: The group to check for access.

\Drupal\Core\Session\AccountInterface $account: The user for which to check access.

string $permission: The names of the permission to check for.

bool $return_as_object: Whether to return the result as an object or boolean.

Return value

bool|\Drupal\Core\Access\AccessResult The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".

2 calls to AccessControlTrait::combinedPermissionCheck()
AccessControl::entityCreateAccess in src/Plugin/Group/RelationHandlerDefault/AccessControl.php
Checks access to create an entity.
AccessControl::relationCreateAccess in src/Plugin/Group/RelationHandlerDefault/AccessControl.php
Checks access to create a relation.

File

src/Plugin/Group/RelationHandler/AccessControlTrait.php, line 101

Class

AccessControlTrait
Trait for group relation permission providers.

Namespace

Drupal\group\Plugin\Group\RelationHandler

Code

protected function combinedPermissionCheck(GroupInterface $group, AccountInterface $account, $permission, $return_as_object) {
  $result = AccessResult::neutral();

  // Add in the admin permission and filter out the unsupported permissions.
  $permissions = [
    $permission,
    $this->permissionProvider
      ->getAdminPermission(),
  ];
  $permissions = array_filter($permissions);

  // If we still have permissions left, check for access.
  if (!empty($permissions)) {
    $result = GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $permissions, 'OR');
  }
  return $return_as_object ? $result : $result
    ->isAllowed();
}