protected function AccessControlTrait::combinedPermissionCheck in Group 2.0.x
Checks the provided permission alongside the admin permission.
Important: Only one permission needs to match.
Parameters
\Drupal\group\Entity\GroupInterface $group: The group to check for access.
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
string $permission: The names of the permission to check for.
bool $return_as_object: Whether to return the result as an object or boolean.
Return value
bool|\Drupal\Core\Access\AccessResult The access result. Returns a boolean if $return_as_object is FALSE (this is the default) and otherwise an AccessResultInterface object. When a boolean is returned, the result of AccessInterface::isAllowed() is returned, i.e. TRUE means access is explicitly allowed, FALSE means access is either explicitly forbidden or "no opinion".
2 calls to AccessControlTrait::combinedPermissionCheck()
- AccessControl::entityCreateAccess in src/
Plugin/ Group/ RelationHandlerDefault/ AccessControl.php - Checks access to create an entity.
- AccessControl::relationCreateAccess in src/
Plugin/ Group/ RelationHandlerDefault/ AccessControl.php - Checks access to create a relation.
File
- src/
Plugin/ Group/ RelationHandler/ AccessControlTrait.php, line 101
Class
- AccessControlTrait
- Trait for group relation permission providers.
Namespace
Drupal\group\Plugin\Group\RelationHandlerCode
protected function combinedPermissionCheck(GroupInterface $group, AccountInterface $account, $permission, $return_as_object) {
$result = AccessResult::neutral();
// Add in the admin permission and filter out the unsupported permissions.
$permissions = [
$permission,
$this->permissionProvider
->getAdminPermission(),
];
$permissions = array_filter($permissions);
// If we still have permissions left, check for access.
if (!empty($permissions)) {
$result = GroupAccessResult::allowedIfHasGroupPermissions($group, $account, $permissions, 'OR');
}
return $return_as_object ? $result : $result
->isAllowed();
}