PermissionsHashGenerator::doGenerate

protected PermissionsHashGenerator::doGenerate(array $roles)

Generates a hash that uniquely identifies the user's permissions.

Parameters

string[] $roles: The user's roles.

Return value

string The permissions hash.

File

core/lib/Drupal/Core/Session/PermissionsHashGenerator.php, line 95

Class

PermissionsHashGenerator: Generates and caches the permissions hash for a user.

Namespace

Drupal\Core\Session

Code

protected function doGenerate(array $roles) {
  // @todo Once Drupal gets rid of user_role_permissions(), we should be able
  // to inject the user role controller and call a method on that instead.
  $permissions_by_role = user_role_permissions($roles);
  foreach ($permissions_by_role as $role => $permissions) {
    sort($permissions);
    // Note that for admin roles (\Drupal\user\RoleInterface::isAdmin()), the
    // permissions returned will be empty ($permissions = []). Therefore the
    // presence of the role ID as a key in $permissions_by_role is essential
    // to ensure that the hash correctly recognizes admin roles. (If the hash
    // was based solely on the union of $permissions, the admin roles would
    // effectively be no-ops, allowing for hash collisions.)
    $permissions_by_role[$role] = $permissions;
  }
  return $this->hash(serialize($permissions_by_role));
}

Links:

https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21Session%21PermissionsHashGenerator.php/function/PermissionsHashGenerator%3A%3AdoGenerate/8.2.x

doc_Drupal

2025-01-10 15:47:30

Comments