diff --git a/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php b/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php index 9180dd2..507a829 100644 --- a/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php +++ b/core/modules/user/lib/Drupal/user/Access/RoleAccessCheck.php @@ -33,9 +33,8 @@ public function access(Route $route, Request $request) { // @todo Replace the role check with a correctly injected and session-using // alternative. $account = $GLOBALS['user']; - $roles = array_keys($account->roles); - $diff = array_diff(array_filter($rids), $roles); + $diff = array_diff(array_filter($rids), array_keys($account->roles)); if (empty($diff)) { return TRUE; }