protected PermissionsHashGenerator::doGenerate(array $roles)
Generates a hash that uniquely identifies the user's permissions.
string[] $roles: The user's roles.
string The permissions hash.
protected function doGenerate(array $roles) {
// @todo Once Drupal gets rid of user_role_permissions(), we should be able
// to inject the user role controller and call a method on that instead.
$permissions_by_role = user_role_permissions($roles);
foreach ($permissions_by_role as $role => $permissions) {
sort($permissions);
// Note that for admin roles (\Drupal\user\RoleInterface::isAdmin()), the
// permissions returned will be empty ($permissions = []). Therefore the
// presence of the role ID as a key in $permissions_by_role is essential
// to ensure that the hash correctly recognizes admin roles. (If the hash
// was based solely on the union of $permissions, the admin roles would
// effectively be no-ops, allowing for hash collisions.)
$permissions_by_role[$role] = $permissions;
}
return $this->hash(serialize($permissions_by_role));
}
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/core!lib!Drupal!Core!Session!PermissionsHashGenerator.php/function/PermissionsHashGenerator::doGenerate/8.1.x