Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\Core\Condition;
Chris@0: 
Chris@0: use Drupal\Component\Plugin\Exception\ContextException;
Chris@0: 
Chris@0: /**
Chris@0:  * Resolves a set of conditions.
Chris@0:  */
Chris@0: trait ConditionAccessResolverTrait {
Chris@0: 
Chris@0:   /**
Chris@0:    * Resolves the given conditions based on the condition logic ('and'/'or').
Chris@0:    *
Chris@0:    * @param \Drupal\Core\Condition\ConditionInterface[] $conditions
Chris@0:    *   A set of conditions.
Chris@0:    * @param string $condition_logic
Chris@0:    *   The logic used to compute access, either 'and' or 'or'.
Chris@0:    *
Chris@0:    * @return bool
Chris@0:    *   Whether these conditions grant or deny access.
Chris@0:    */
Chris@0:   protected function resolveConditions($conditions, $condition_logic) {
Chris@0:     foreach ($conditions as $condition) {
Chris@0:       try {
Chris@0:         $pass = $condition->execute();
Chris@0:       }
Chris@0:       catch (ContextException $e) {
Chris@0:         // If a condition is missing context and is not negated, consider that a
Chris@0:         // fail.
Chris@0:         $pass = $condition->isNegated();
Chris@0:       }
Chris@0: 
Chris@0:       // If a condition fails and all conditions were needed, deny access.
Chris@0:       if (!$pass && $condition_logic == 'and') {
Chris@0:         return FALSE;
Chris@0:       }
Chris@0:       // If a condition passes and only one condition was needed, grant access.
Chris@0:       elseif ($pass && $condition_logic == 'or') {
Chris@0:         return TRUE;
Chris@0:       }
Chris@0:     }
Chris@0: 
Chris@0:     // Return TRUE if logic was 'and', meaning all rules passed.
Chris@0:     // Return FALSE if logic was 'or', meaning no rule passed.
Chris@0:     return $condition_logic == 'and';
Chris@0:   }
Chris@0: 
Chris@0: }