function masquerade_target_user_access in Masquerade 8.2
Returns whether the current user is allowed to masquerade as a target user.
Parameters
\Drupal\user\UserInterface $target_account: The user account object to masquerade as.
Return value
bool TRUE if allowed, FALSE otherwise.
See also
3 calls to masquerade_target_user_access()
- MasqueradeCallbacks::renderCacheLink in src/
MasqueradeCallbacks.php - #post_render_cache callback; replaces placeholder with masquerade link.
- masquerade_entity_operation in ./
masquerade.module - Implements hook_entity_operation().
- masquerade_switch_user_validate in ./
masquerade.module - Validates whether the current user can masquerade as a given target user.
File
- ./
masquerade.module, line 87 - Allows privileged users to masquerade as another user.
Code
function masquerade_target_user_access(UserInterface $target_account) {
$user = \Drupal::currentUser();
// Deny access if the current user is masquerading already or tries to
// masquerade as himself.
if (\Drupal::service('masquerade')
->isMasquerading() || $user
->id() == $target_account
->id()) {
return FALSE;
}
// Invoke hook_masquerade_access() implementations.
$access = NULL;
foreach (\Drupal::moduleHandler()
->getImplementations('masquerade_access') as $module) {
$function = $module . '_masquerade_access';
$result = $function($user, $target_account);
// If an implementation explicitly denies access, then there is nothing else
// to check.
if ($result === FALSE) {
$access = FALSE;
break;
}
elseif ($result === TRUE) {
$access = TRUE;
}
}
// If no module granted access, then access is denied.
if (!isset($access) || !$access) {
return FALSE;
}
return TRUE;
}