diff --git a/core/modules/user/src/Access/PermissionAccessCheck.php b/core/modules/user/src/Access/PermissionAccessCheck.php index 25a52f4..a261481 100644 --- a/core/modules/user/src/Access/PermissionAccessCheck.php +++ b/core/modules/user/src/Access/PermissionAccessCheck.php @@ -31,14 +31,14 @@ class PermissionAccessCheck implements AccessInterface { */ public function access(Route $route, AccountInterface $account) { $permission = $route->getRequirement('_permission'); - // Allow to conjunct the permissions with OR (',') or AND ('+'). + // Allow to conjunct the permissions with OR ('+') or AND (','). $split = explode(',', $permission); if (count($split) > 1) { - return AccessResult::allowedIfHasPermissions($account, $split, 'OR'); + return AccessResult::allowedIfHasPermissions($account, $split, 'AND'); } else { $split = explode('+', $permission); - return AccessResult::allowedIfHasPermissions($account, $split, 'AND'); + return AccessResult::allowedIfHasPermissions($account, $split, 'OR'); } } diff --git a/core/modules/user/tests/src/Unit/PermissionAccessCheckTest.php b/core/modules/user/tests/src/Unit/PermissionAccessCheckTest.php index b5f4af0..a6e57e1 100644 --- a/core/modules/user/tests/src/Unit/PermissionAccessCheckTest.php +++ b/core/modules/user/tests/src/Unit/PermissionAccessCheckTest.php @@ -7,7 +7,6 @@ namespace Drupal\Tests\user\Unit; -use Drupal\Core\Access\AccessCheckInterface; use Drupal\Core\Access\AccessResult; use Drupal\Tests\UnitTestCase; use Drupal\user\Access\PermissionAccessCheck; @@ -48,9 +47,9 @@ public function providerTestAccess() { [[], $neutral], [['_permission' => 'allowed'], $allowed], [['_permission' => 'denied'], $neutral], - [['_permission' => 'allowed,denied'], $allowed], - [['_permission' => 'allowed,denied,other'], $allowed], - [['_permission' => 'allowed+denied'], $neutral], + [['_permission' => 'allowed+denied'], $allowed], + [['_permission' => 'allowed+denied+other'], $allowed], + [['_permission' => 'allowed-denied'], $neutral], ]; }