trait ConfigurationAccessControlTrait in Rules 8.3
Implements access related functions for plugins.
Hierarchy
- trait \Drupal\rules\Core\ConfigurationAccessControlTrait
File
- src/
Core/ ConfigurationAccessControlTrait.php, line 11
Namespace
Drupal\rules\CoreView source
trait ConfigurationAccessControlTrait {
/**
* Checks configuration permission.
*
* @param \Drupal\Core\Session\AccountInterface $account
* (optional) The user for which to check access, or NULL to check access
* for the current user. Defaults to NULL.
* @param bool $return_as_object
* (optional) Defaults to FALSE.
*
* @return bool|\Drupal\Core\Access\AccessResultInterface
* The access result. Returns a boolean if $return_as_object is FALSE (this
* is the default) and otherwise an AccessResultInterface object.
* When a boolean is returned, the result of AccessInterface::isAllowed() is
* returned, i.e. TRUE means access is explicitly allowed, FALSE means
* access is either explicitly forbidden or "no opinion".
*/
public function checkConfigurationAccess(AccountInterface $account = NULL, $return_as_object = FALSE) {
if (!$account) {
$account = \Drupal::currentUser();
}
// We treat these as our "super-user" accesses. We let the reaction
// rule and component permissions control the main admin UI.
$admin_perms = [
'administer rules',
'bypass rules access',
];
$access = FALSE;
foreach ($admin_perms as $perm) {
if ($account
->hasPermission($perm)) {
$access = TRUE;
break;
}
}
if (!$access) {
// See if the plugin has a configuration_access annotation.
$definition = $this
->getPluginDefinition();
if (!empty($definition['configure_permissions']) && is_array($definition['configure_permissions'])) {
foreach ($definition['configure_permissions'] as $perm) {
if ($account
->hasPermission($perm)) {
$access = TRUE;
break;
}
}
}
}
if ($return_as_object) {
return $access ? AccessResult::allowed() : AccessResult::neutral();
}
return $access;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
ConfigurationAccessControlTrait:: |
public | function | Checks configuration permission. |