/** * Access control for the subscription settings user page. * * The user is checked for both global permissions and permissions to edit * his own subscriptions. * * @param \Drupal\Core\Entity\EntityInterface $user * The user object from the route. * * @return \Drupal\Core\Access\AccessResult * An access result object carrying the result of the check. */ public function access(EntityInterface $user) { if ($this->currentUser->hasPermission('manage all subscriptions')) { return AccessResult::allowed(); } elseif (!$this->currentUser->isAnonymous() && $this->currentUser->id() == $user->id() && $this->currentUser->hasPermission('manage own subscriptions')) { return AccessResult::allowed(); } return AccessResult::forbidden(); }
/** * Renders the main dashboard page. */ public function page() { $user_id = $this->currentUser->id(); $subscription_settings_url = Url::fromRoute('joinup_subscription.subscription_settings', ['user' => $user_id]); $links['subscription_settings'] = ['title' => $this->t('My subscriptions'), 'url' => $subscription_settings_url, 'attributes' => ['class' => ['button', 'button--small']]]; $licences_url = Url::fromRoute('joinup_licence.overview'); $links['licences'] = ['title' => $this->t('Licences overview'), 'url' => $licences_url, 'attributes' => ['class' => ['button', 'button--small']]]; $links = array_filter($links, function ($link) { return $link['url']->access(); }); $links = ['#theme' => 'links', '#links' => $links]; return $links; }