function masquerade_masquerade_access in Masquerade 8.2

Implements hook_masquerade_access().

This default implementation only returns TRUE and never FALSE, since alternative access implementations could not work otherwise.

File

./masquerade.module, line 124: Allows privileged users to masquerade as another user.

Code

function masquerade_masquerade_access($user, UserInterface $target_account) {

  // Uid 1 may masquerade as anyone.
  if ($user
    ->id() == 1) {
    return TRUE;
  }

  // Uid 1 gets special treatment with its own permission.
  if ($target_account
    ->id() == 1) {
    if ($user
      ->hasPermission('masquerade as super user')) {
      return TRUE;
    }
    else {
      return NULL;
    }
  }

  // The current user must be allowed to masquerade.
  if ($user
    ->hasPermission('masquerade as any user')) {
    return TRUE;
  }

  // Permissions may be granted on a per-role basis.
  $target_account_roles = $target_account
    ->getRoles();
  foreach ($target_account_roles as $role_id) {
    if (!$user
      ->hasPermission("masquerade as {$role_id}")) {
      return NULL;
    }
  }

  // Only allow masquerade if a user has access to all the target account roles.
  return TRUE;
}

You are here

function masquerade_masquerade_access in Masquerade 8.2

File

Code

API Navigation