You are here

Home » API reference » Organic groups 8 » OgAccessInterface.php » OgAccessInterface

public function OgAccessInterface::userAccess in Organic groups 8

Determines whether a user has a group permission in a given group.

The following conditions will result in a positive result:

  • The user is the global super user (UID 1).
  • The user has the global permission to administer all organic groups.
  • The user is the owner of the group, and OG has been configured to allow full access to the group owner.
  • The user has the role of administrator in the group.
  • The user has a role in the group that specifically grants the permission.
  • The user is not a member of the group, and the permission has been granted to non-members.
  • The access result can be altered (granted or denied) by implementing hook_og_user_access().

For access to be granted, at least one of the above checks should grant access, and none of the checks should deny access. A neutral result is returned only if all checks are neutral.

All access checks in OG should go through this function. This way we guarantee consistent behavior, and ensure that the superuser and group administrators can perform all actions.

Parameters

\Drupal\Core\Entity\EntityInterface $group: The group entity.

string $permission: The name of the OG permission being checked. This includes both group level permissions such as 'subscribe without approval' and group content entity operation permissions such as 'edit own article content'.

\Drupal\Core\Session\AccountInterface|null $user: (optional) The user to check. Defaults to the current user.

bool $skip_alter: (optional) If TRUE then user access will not be sent to other modules using drupal_alter(). This can be used by modules implementing hook_og_user_access_alter() that still want to use og_user_access(), but without causing a recursion. Defaults to FALSE.

Return value

\Drupal\Core\Access\AccessResultInterface An access result object.

1 method overrides OgAccessInterface::userAccess()
OgAccess::userAccess in src/OgAccess.php
Determines whether a user has a group permission in a given group.

File

src/OgAccessInterface.php, line 56

Class

OgAccessInterface
Interface for classes that handle access checks in Organic Groups.

Namespace

Drupal\og

Code

public function userAccess(EntityInterface $group, string $permission, ?AccountInterface $user = NULL, bool $skip_alter = FALSE) : AccessResultInterface;