protected function PermissionsHashGenerator::doGenerate in Zircon Profile 8
Same name and namespace in other branches
- 8.0 core/lib/Drupal/Core/Session/PermissionsHashGenerator.php \Drupal\Core\Session\PermissionsHashGenerator::doGenerate()
Generates a hash that uniquely identifies the user's permissions.
Parameters
string[] $roles: The user's roles.
Return value
string The permissions hash.
1 call to PermissionsHashGenerator::doGenerate()
- PermissionsHashGenerator::generate in core/
lib/ Drupal/ Core/ Session/ PermissionsHashGenerator.php - Cached by role, invalidated whenever permissions change.
File
- core/
lib/ Drupal/ Core/ Session/ PermissionsHashGenerator.php, line 100 - Contains \Drupal\Core\Session\PermissionsHashGenerator.
Class
- PermissionsHashGenerator
- Generates and caches the permissions hash for a user.
Namespace
Drupal\Core\SessionCode
protected function doGenerate(array $roles) {
// @todo Once Drupal gets rid of user_role_permissions(), we should be able
// to inject the user role controller and call a method on that instead.
$permissions_by_role = user_role_permissions($roles);
foreach ($permissions_by_role as $role => $permissions) {
sort($permissions);
// Note that for admin roles (\Drupal\user\RoleInterface::isAdmin()), the
// permissions returned will be empty ($permissions = []). Therefore the
// presence of the role ID as a key in $permissions_by_role is essential
// to ensure that the hash correctly recognizes admin roles. (If the hash
// was based solely on the union of $permissions, the admin roles would
// effectively be no-ops, allowing for hash collisions.)
$permissions_by_role[$role] = $permissions;
}
return $this
->hash(serialize($permissions_by_role));
}