Same name and namespace in other branches

1. 10 core/lib/Drupal/Core/Session/AccessPolicyInterface.php \Drupal\Core\Session\AccessPolicyInterface::alterPermissions()

Alter the permissions after all policies have finished building them.

This should only be used to revoke permissions. If you wish to add permissions, you should write another access policy that uses the calculatePermissions method instead.

Keep in mind that there are many ways to alter access policy results. Because each access policy itself is a service, the best way to get rid of a specific access policy's permissions as a whole, is by removing said access policy in your module's service provider.

A good example use case of alterPermissions would be to revoke a banned list of permissions outside of office hours. This would make it so no-one can perform any destructive actions while the help desk is offline.

Parameters

\Drupal\Core\Session\AccountInterface $account: The user account for which to alter the permissions.

string $scope: The scope to alter the permissions for.

\Drupal\Core\Session\RefinableCalculatedPermissionsInterface $calculated_permissions: The completely built calculated permissions.

1 method overrides AccessPolicyInterface::alterPermissions()

AccessPolicyBase::alterPermissions in core/lib/Drupal/Core/Session/AccessPolicyBase.php

Alter the permissions after all policies have finished building them.

File

core/lib/Drupal/Core/Session/AccessPolicyInterface.php, line 73

Class

AccessPolicyInterface

Defines the access policy interface.

Namespace

Drupal\Core\Session

Code

public function alterPermissions(AccountInterface $account, string $scope, RefinableCalculatedPermissionsInterface $calculated_permissions) : void;

---