protected function ProfileAccessControlHandler::checkCreateAccess in Profile 8
Performs create access checks.
This method is supposed to be overwritten by extending classes that do their own custom access checking.
Parameters
\Drupal\Core\Session\AccountInterface $account: The user for which to check access.
array $context: An array of key-value pairs to pass additional context when needed.
string|null $entity_bundle: (optional) The bundle of the entity. Required if the entity supports bundles, defaults to NULL otherwise.
Return value
\Drupal\Core\Access\AccessResultInterface The access result.
Overrides EntityAccessControlHandlerBase::checkCreateAccess
File
- src/
ProfileAccessControlHandler.php, line 24
Class
- ProfileAccessControlHandler
- Defines the access control handler for the profile entity type.
Namespace
Drupal\profileCode
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
$result = parent::checkCreateAccess($account, $context, $entity_bundle);
// Role checks are always done against the profile owner, but it's not safe
// to assume that $account will be the profile owner.
// That's why the check is performed only when the profile owner is
// explicitly provided (e.g. by ProfileFormWidget).
if ($result
->isAllowed() && !empty($context['profile_owner'])) {
$result = $result
->andIf($this
->checkRoleAccess($context['profile_owner'], $entity_bundle));
}
return $result;
}