diff --git a/core/lib/Drupal/Core/Access/AccessCheckInterface.php b/core/lib/Drupal/Core/Access/AccessCheckInterface.php index 0280330..9622295 100644 --- a/core/lib/Drupal/Core/Access/AccessCheckInterface.php +++ b/core/lib/Drupal/Core/Access/AccessCheckInterface.php @@ -16,6 +16,21 @@ interface AccessCheckInterface { /** + * @TODO + */ + const ACCEPT = TRUE; + + /** + * @TODO + */ + const KILL = FALSE; + + /** + * @TODO + */ + const DENY = NULL; + + /** * Declares whether the access check applies to a specific route or not. * * @param \Symfony\Component\Routing\Route $route diff --git a/core/lib/Drupal/Core/Access/AccessManager.php b/core/lib/Drupal/Core/Access/AccessManager.php index 879ddb9..8743664 100644 --- a/core/lib/Drupal/Core/Access/AccessManager.php +++ b/core/lib/Drupal/Core/Access/AccessManager.php @@ -135,11 +135,11 @@ protected function checkAnd(array $checks, Route $route, Request $request) { } $service_access = $this->checks[$service_id]->access($route, $request); - if ($service_access === FALSE) { + if ($service_access === AccessCheckInterface::KILL) { $access = FALSE; break; } - if ($service_access === TRUE) { + if ($service_access === AccessCheckInterface::ACCEPT) { $access = TRUE; } } @@ -170,12 +170,11 @@ protected function checkOr(array $checks, $route, $request) { } $service_access = $this->checks[$service_id]->access($route, $request); - if ($service_access === TRUE) { + if ($service_access === AccessCheckinterface::ACCEPT) { return TRUE; } - if ($service_access === FALSE) { - $access = FALSE; - break; + if ($service_access === AccessCheckInterface::KILL) { + return FALSE; } } diff --git a/core/lib/Drupal/Core/Access/DefaultAccessCheck.php b/core/lib/Drupal/Core/Access/DefaultAccessCheck.php index 224e206..20f2f16 100644 --- a/core/lib/Drupal/Core/Access/DefaultAccessCheck.php +++ b/core/lib/Drupal/Core/Access/DefaultAccessCheck.php @@ -23,17 +23,18 @@ public function applies(Route $route) { } /** - * Implements AccessCheckInterface::access(). + * {@inheritdoc} */ public function access(Route $route, Request $request) { if ($route->getRequirement('_access') === 'TRUE') { - return TRUE; + return static::ACCEPT; } elseif ($route->getRequirement('_access') === 'FALSE') { - return FALSE; + return static::KILL; } else { - return NULL; + return static::DENY; } } + } diff --git a/core/modules/user/lib/Drupal/user/Access/PermissionAccessCheck.php b/core/modules/user/lib/Drupal/user/Access/PermissionAccessCheck.php index 9318189..2b3fc59 100644 --- a/core/modules/user/lib/Drupal/user/Access/PermissionAccessCheck.php +++ b/core/modules/user/lib/Drupal/user/Access/PermissionAccessCheck.php @@ -31,6 +31,6 @@ public function access(Route $route, Request $request) { // @todo Replace user_access() with a correctly injected and session-using // alternative. // If user_access() fails, return NULL to give other checks a chance. - return user_access($permission) ? TRUE : NULL; + return user_access($permission) ? static::ACCEPT : static::DENY; } } diff --git a/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php b/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php index 104763d..9e50de7 100644 --- a/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php +++ b/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php @@ -42,19 +42,19 @@ public function access(Route $route, Request $request) { if (count($explode_and) > 1) { $diff = array_diff($explode_and, array_keys($account->roles)); if (empty($diff)) { - return TRUE; + return static::ACCEPT; } } else { $explode_or = array_filter(array_map('trim', explode(',', $rid_string))); $intersection = array_intersect($explode_or, array_keys($account->roles)); if (!empty($intersection)) { - return TRUE; + return static::ACCEPT; } } - // If there is no allowed role, return NULL to give other checks a chance. - return NULL; + // If there is no allowed role, return DENY to give other checks a chance. + return static::DENY; } }