--- /dev/null
+<?php
+
+namespace Drupal\Core\Access;
+
+use Symfony\Component\HttpFoundation\Request;
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Routing\RouteMatchInterface;
+
+/**
+ * Provides an interface for attaching and running access check services.
+ */
+interface AccessManagerInterface {
+
+ /**
+ * Checks a named route with parameters against applicable access check services.
+ *
+ * Determines whether the route is accessible or not.
+ *
+ * @param string $route_name
+ * The route to check access to.
+ * @param array $parameters
+ * Optional array of values to substitute into the route path pattern.
+ * @param \Drupal\Core\Session\AccountInterface $account
+ * (optional) Run access checks for this account. Defaults to the current
+ * user.
+ * @param bool $return_as_object
+ * (optional) Defaults to FALSE.
+ *
+ * @return bool|\Drupal\Core\Access\AccessResultInterface
+ * The access result. Returns a boolean if $return_as_object is FALSE (this
+ * is the default) and otherwise an AccessResultInterface object.
+ * When a boolean is returned, the result of AccessInterface::isAllowed() is
+ * returned, i.e. TRUE means access is explicitly allowed, FALSE means
+ * access is either explicitly forbidden or "no opinion".
+ */
+ public function checkNamedRoute($route_name, array $parameters = [], AccountInterface $account = NULL, $return_as_object = FALSE);
+
+ /**
+ * Execute access checks against the incoming request.
+ *
+ * @param Request $request
+ * The incoming request.
+ * @param \Drupal\Core\Session\AccountInterface $account
+ * (optional) Run access checks for this account. Defaults to the current
+ * user.
+ * @param bool $return_as_object
+ * (optional) Defaults to FALSE.
+ *
+ * @return bool|\Drupal\Core\Access\AccessResultInterface
+ * The access result. Returns a boolean if $return_as_object is FALSE (this
+ * is the default) and otherwise an AccessResultInterface object.
+ * When a boolean is returned, the result of AccessInterface::isAllowed() is
+ * returned, i.e. TRUE means access is explicitly allowed, FALSE means
+ * access is either explicitly forbidden or "no opinion".
+ */
+ public function checkRequest(Request $request, AccountInterface $account = NULL, $return_as_object = FALSE);
+
+ /**
+ * Checks a route against applicable access check services.
+ *
+ * Determines whether the route is accessible or not.
+ *
+ * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
+ * The route match.
+ * @param \Drupal\Core\Session\AccountInterface $account
+ * (optional) Run access checks for this account. Defaults to the current
+ * user.
+ * @param \Symfony\Component\HttpFoundation\Request $request
+ * Optional, a request. Only supply this parameter when checking the
+ * incoming request, do not specify when checking routes on output.
+ * @param bool $return_as_object
+ * (optional) Defaults to FALSE.
+ *
+ * @return bool|\Drupal\Core\Access\AccessResultInterface
+ * The access result. Returns a boolean if $return_as_object is FALSE (this
+ * is the default) and otherwise an AccessResultInterface object.
+ * When a boolean is returned, the result of AccessInterface::isAllowed() is
+ * returned, i.e. TRUE means access is explicitly allowed, FALSE means
+ * access is either explicitly forbidden or "no opinion".
+ */
+ public function check(RouteMatchInterface $route_match, AccountInterface $account = NULL, Request $request = NULL, $return_as_object = FALSE);
+
+}