function EntityAccessChecker::checkEntityAccess

Same name in other branches
  1. 9 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
  2. 8.9.x core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
  3. 11.x core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()

Checks access to the given entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which access should be evaluated.

string $operation: The entity operation for which access should be evaluated.

\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.

Return value

\Drupal\Core\Access\AccessResultInterface|\Drupal\Core\Access\AccessResultReasonInterface The access check result.

1 call to EntityAccessChecker::checkEntityAccess()
EntityAccessChecker::getAccessCheckedResourceObject in core/modules/jsonapi/src/Access/EntityAccessChecker.php
Get the object to normalize and the access based on the provided entity.

File

core/modules/jsonapi/src/Access/EntityAccessChecker.php, line 158

Class

EntityAccessChecker
Checks access to entities.

Namespace

Drupal\jsonapi\Access

Code

public function checkEntityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    $access = $entity->access($operation, $account, TRUE);
    if ($entity->getEntityType()
        ->isRevisionable()) {
        $access = AccessResult::neutral()->addCacheContexts([
            'url.query_args:' . JsonApiSpec::VERSION_QUERY_PARAMETER,
        ])
            ->orIf($access);
        if (!$entity->isDefaultRevision()) {
            assert($operation === 'view', 'JSON:API does not yet support mutable operations on revisions.');
            $revision_access = $this->checkRevisionViewAccess($entity, $account);
            $access = $access->andIf($revision_access);
            // The revision access reason should trump the primary access reason.
            if (!$access->isAllowed()) {
                $reason = $access instanceof AccessResultReasonInterface ? $access->getReason() : '';
                $access->setReason(trim('The user does not have access to the requested version. ' . $reason));
            }
        }
    }
    return $access;
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.