function AccessPolicyInterface::alterPermissions
Same name in other branches
- 10 core/lib/Drupal/Core/Session/AccessPolicyInterface.php \Drupal\Core\Session\AccessPolicyInterface::alterPermissions()
Alter the permissions after all policies have finished building them.
This should only be used to revoke permissions. If you wish to add permissions, you should write another access policy that uses the calculatePermissions method instead.
Keep in mind that there are many ways to alter access policy results. Because each access policy itself is a service, the best way to get rid of a specific access policy's permissions as a whole, is by removing said access policy in your module's service provider.
A good example use case of alterPermissions would be to revoke a banned list of permissions outside of office hours. This would make it so no-one can perform any destructive actions while the help desk is offline.
Parameters
\Drupal\Core\Session\AccountInterface $account: The user account for which to alter the permissions.
string $scope: The scope to alter the permissions for.
\Drupal\Core\Session\RefinableCalculatedPermissionsInterface $calculated_permissions: The completely built calculated permissions.
1 method overrides AccessPolicyInterface::alterPermissions()
- AccessPolicyBase::alterPermissions in core/
lib/ Drupal/ Core/ Session/ AccessPolicyBase.php - Alter the permissions after all policies have finished building them.
File
-
core/
lib/ Drupal/ Core/ Session/ AccessPolicyInterface.php, line 73
Class
- AccessPolicyInterface
- Defines the access policy interface.
Namespace
Drupal\Core\SessionCode
public function alterPermissions(AccountInterface $account, string $scope, RefinableCalculatedPermissionsInterface $calculated_permissions) : void;
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.