function hook_block_access

Control access to a block instance.

Modules may implement this hook if they want to have a say in whether or not a given user has access to perform a given operation on a block instance.

Parameters

\Drupal\block\Entity\Block $block: The block instance.

string $operation: The operation to be performed; for instance, 'view', 'create', 'delete', or 'update'.

\Drupal\Core\Session\AccountInterface $account: The user object to perform the access check operation on.

Return value

\Drupal\Core\Access\AccessResultInterface The access result. If all implementations of this hook return AccessResultInterface objects whose value is !isAllowed() and !isForbidden(), then default access rules from \Drupal\block\BlockAccessControlHandler::checkAccess() are used.

See also

\Drupal\Core\Entity\EntityAccessControlHandler::access()

\Drupal\block\BlockAccessControlHandler::checkAccess()

Related topics

Block API
Information about the classes and interfaces that make up the Block API.
Hooks
Define functions that alter the behavior of Drupal core.

File

core/modules/block/block.api.php, line 236

Code

function hook_block_access(Block $block, $operation, AccountInterface $account) {
    // Example code that would prevent displaying the 'Powered by Drupal' block in
    // a region different than the footer.
    if ($operation == 'view' && $block->getPluginId() == 'system_powered_by_block') {
        return AccessResult::forbiddenIf($block->getRegion() != 'footer')
            ->addCacheableDependency($block);
    }
    // No opinion.
    return AccessResult::neutral();
}