Why Gemfury?
Push, build, and install
RubyGems
npm packages
Python packages
Maven artifacts
PHP packages
Go Modules
Debian packages
RPM packages
NuGet packages
novicell / novicell/dds_editors php
Repository URL to install this package:
|
Version:
2.0.0 ▾
|
<?php
namespace Drupal\dds_editors\Access;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
use Drupal\Core\Routing\RouteMatchInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\Entity\User;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
* Class DDSEditorAccessCheck
* @package Drupal\dds_editors\Access
*/
class DDSEditorsAccessCheck implements ContainerInjectionInterface
{
/**
* @var \Drupal\Core\Routing\RouteMatch
*/
private $routeMatch;
/**
* DDSEditorsAccessCheck constructor.
*
* @param \Drupal\Core\Routing\RouteMatchInterface $routeMatch
*/
public function __construct(RouteMatchInterface $routeMatch)
{
$this->routeMatch = $routeMatch;
}
public static function create(ContainerInterface $container)
{
return new static(
$container->get('current_route_match')
);
}
public function accessUserEdit(AccountInterface $account)
{
/** @var User $user */
$user = $this->routeMatch->getParameter('user');
// If the user for some reason doesn't exist, we return a neutral response.
if (!$user) {
return AccessResult::neutral();
}
// user will always be allowed to edit their own profile.
if ($user->id() == $account->id()) {
return AccessResult::allowed();
}
// User will only be allowed to edit profile, if they are allowed to assign
// all of the users roles.
foreach ($user->getRoles(TRUE) as $role) {
// If the user doesn't have access to assign the role of the user, deny
// access.
if (!$account->hasPermission('assign ' . $role . ' role')) {
return AccessResult::forbidden();
}
}
return AccessResult::allowed();
}
}