Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\system\Access;
Chris@0: 
Chris@0: use Drupal\Core\Routing\Access\AccessInterface;
Chris@0: use Drupal\Core\Access\AccessResult;
Chris@0: use Drupal\Core\Session\AccountInterface;
Chris@0: use Drupal\Core\Site\Settings;
Chris@0: 
Chris@0: /**
Chris@0:  * Access check for database update routes.
Chris@0:  */
Chris@0: class DbUpdateAccessCheck implements AccessInterface {
Chris@0: 
Chris@0:   /**
Chris@0:    * Checks access for update routes.
Chris@0:    *
Chris@0:    * @param \Drupal\Core\Session\AccountInterface $account
Chris@0:    *   The currently logged in account.
Chris@0:    *
Chris@0:    * @return string
Chris@0:    *   A \Drupal\Core\Access\AccessInterface constant value.
Chris@0:    */
Chris@0:   public function access(AccountInterface $account) {
Chris@0:     // Allow the global variable in settings.php to override the access check.
Chris@0:     if (Settings::get('update_free_access')) {
Chris@0:       return AccessResult::allowed()->setCacheMaxAge(0);
Chris@0:     }
Chris@0: 
Chris@0:     if ($account->hasPermission('administer software updates')) {
Chris@0:       return AccessResult::allowed()->cachePerPermissions();
Chris@0:     }
Chris@0:     else {
Chris@0:       return AccessResult::forbidden()->cachePerPermissions();
Chris@0:     }
Chris@0:   }
Chris@0: 
Chris@0: }