authorize_access_allowed

authorize_access_allowed(Request $request)

Determines if the current user is allowed to run authorize.php.

The killswitch in settings.php overrides all else, otherwise, the user must have access to the 'administer software updates' permission.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The incoming request.

Return value

bool TRUE if the current user can run authorize.php, and FALSE if not.

File

core/authorize.php, line 57: Administrative script for running authorized file operations.

Code

function authorize_access_allowed(Request $request) {
  $account = \Drupal::service('authentication')->authenticate($request);
  if ($account) {
    \Drupal::currentUser()->setAccount($account);
  }
  return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
}

Links:

https://api.drupal.org/api/drupal/core%21authorize.php/function/authorize_access_allowed/8.2.x

doc_Drupal

2016-10-29 08:45:17

Comments