/** * Control access to a block instance. * * Modules may implement this hook if they want to have a say in whether or not * a given user has access to perform a given operation on a block instance. * * @param \Drupal\block\Entity\Block $block * The block instance. * @param string $operation * The operation to be performed, e.g., 'view', 'create', 'delete', 'update'. * @param \Drupal\user\Entity\User $account * The user object to perform the access check operation on. * @param string $langcode * The language code to perform the access check operation on. * * @return bool|null * FALSE denies access. TRUE allows access unless another module returns * FALSE. If all modules return NULL, then default access rules from * \Drupal\block\BlockAccessController::checkAccess() are used. * * @see \Drupal\Core\Entity\EntityAccessController::access() * @see \Drupal\block\BlockAccessController::checkAccess() * @ingroup block_api */ function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\user\Entity\User $account, $langcode) { // Example code that would prevent displaying the 'Powered by Drupal' block in // a region different than the footer. if ($operation == 'view' && $block->get('plugin') == 'system_powered_by_block' && $block->get('region') != 'footer') { return FALSE; } }
/** * Control access to a block instance. * * Modules may implement this hook if they want to have a say in whether or not * a given user has access to perform a given operation on a block instance. * * @param \Drupal\block\Entity\Block $block * The block instance. * @param string $operation * The operation to be performed, e.g., 'view', 'create', 'delete', 'update'. * @param \Drupal\user\Entity\User $account * The user object to perform the access check operation on. * @param string $langcode * The language code to perform the access check operation on. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. If all implementations of this hook return * AccessResultInterface objects whose value is !isAllowed() and * !isForbidden(), then default access rules from * \Drupal\block\BlockAccessControlHandler::checkAccess() are used. * * @see \Drupal\Core\Entity\EntityAccessControlHandler::access() * @see \Drupal\block\BlockAccessControlHandler::checkAccess() * @ingroup block_api */ function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\user\Entity\User $account, $langcode) { // Example code that would prevent displaying the 'Powered by Drupal' block in // a region different than the footer. if ($operation == 'view' && $block->get('plugin') == 'system_powered_by_block') { return AccessResult::forbiddenIf($block->get('region') != 'footer')->cacheUntilEntityChanges($block); } // No opinion. return AccessResult::neutral(); }