You are here

public function UserController::checkAccess in Profile 8

Checks access for the single/multiple pages.

Parameters

\Drupal\user\UserInterface $user: The user account.

\Drupal\profile\Entity\ProfileTypeInterface $profile_type: The profile type.

\Drupal\Core\Session\AccountInterface $account: The currently logged in account.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

1 string reference to 'UserController::checkAccess'
profile.routing.yml in ./profile.routing.yml
profile.routing.yml

File

src/Controller/UserController.php, line 123

Class

UserController
Provides the profile UI for users.

Namespace

Drupal\profile\Controller

Code

public function checkAccess(UserInterface $user, ProfileTypeInterface $profile_type, AccountInterface $account) {
  $user_access = $user
    ->access('view', $account, TRUE);
  if (!$user_access
    ->isAllowed()) {

    // The account does not have access to the user's canonical page
    // ("/user/{user}"), don't allow access to any sub-pages either.
    return $user_access;
  }
  $access_control_handler = $this
    ->entityTypeManager()
    ->getAccessControlHandler('profile');
  $profile_storage = $this
    ->entityTypeManager()
    ->getStorage('profile');
  $profile_stub = $profile_storage
    ->create([
    'type' => $profile_type
      ->id(),
    'uid' => $user
      ->id(),
  ]);
  $operation = $profile_type
    ->allowsMultiple() ? 'view' : 'update';
  $result = $access_control_handler
    ->access($profile_stub, $operation, $account, TRUE);
  return $result;
}