function PermissionsHashGenerator::doGenerate

Same name in other branches
  1. 8.9.x core/lib/Drupal/Core/Session/PermissionsHashGenerator.php \Drupal\Core\Session\PermissionsHashGenerator::doGenerate()
  2. 10 core/lib/Drupal/Core/Session/PermissionsHashGenerator.php \Drupal\Core\Session\PermissionsHashGenerator::doGenerate()

Generates a hash that uniquely identifies the user's permissions.

Parameters

string[] $roles: The user's roles.

Return value

string The permissions hash.

1 call to PermissionsHashGenerator::doGenerate()
PermissionsHashGenerator::generate in core/lib/Drupal/Core/Session/PermissionsHashGenerator.php
Cached by role, invalidated whenever permissions change.

File

core/lib/Drupal/Core/Session/PermissionsHashGenerator.php, line 95

Class

PermissionsHashGenerator
Generates and caches the permissions hash for a user.

Namespace

Drupal\Core\Session

Code

protected function doGenerate(array $roles) {
    // @todo Once Drupal gets rid of user_role_permissions(), we should be able
    // to inject the user role controller and call a method on that instead.
    $permissions_by_role = user_role_permissions($roles);
    foreach ($permissions_by_role as $role => $permissions) {
        sort($permissions);
        // Note that for admin roles (\Drupal\user\RoleInterface::isAdmin()), the
        // permissions returned will be empty ($permissions = []). Therefore the
        // presence of the role ID as a key in $permissions_by_role is essential
        // to ensure that the hash correctly recognizes admin roles. (If the hash
        // was based solely on the union of $permissions, the admin roles would
        // effectively be no-ops, allowing for hash collisions.)
        $permissions_by_role[$role] = $permissions;
    }
    return $this->hash(serialize($permissions_by_role));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.