function EntityAccessChecker::checkEntityAccess

Same name and namespace in other branches
  1. 9 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
  2. 8.9.x core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
  3. 11.x core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()

Checks access to the given entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which access should be evaluated.

string $operation: The entity operation for which access should be evaluated.

\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.

Return value

\Drupal\Core\Access\AccessResultInterface|\Drupal\Core\Access\AccessResultReasonInterface The access check result.

1 call to EntityAccessChecker::checkEntityAccess()
EntityAccessChecker::getAccessCheckedResourceObject in core/modules/jsonapi/src/Access/EntityAccessChecker.php
Get the object to normalize and the access based on the provided entity.

File

core/modules/jsonapi/src/Access/EntityAccessChecker.php, line 158

Class

EntityAccessChecker
Checks access to entities.

Namespace

Drupal\jsonapi\Access

Code

public function checkEntityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  $access = $entity->access($operation, $account, TRUE);
  if ($entity->getEntityType()
    ->isRevisionable()) {
    $access = AccessResult::neutral()->addCacheContexts([
      'url.query_args:' . JsonApiSpec::VERSION_QUERY_PARAMETER,
    ])
      ->orIf($access);
    if (!$entity->isDefaultRevision()) {
      assert($operation === 'view', 'JSON:API does not yet support mutable operations on revisions.');
      $revision_access = $this->checkRevisionViewAccess($entity, $account);
      $access = $access->andIf($revision_access);
      // The revision access reason should trump the primary access reason.
      if (!$access->isAllowed()) {
        $reason = $access instanceof AccessResultReasonInterface ? $access->getReason() : '';
        $access->setReason(trim('The user does not have access to the requested version. ' . $reason));
      }
    }
  }
  return $access;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.