function EntityAccessChecker::checkEntityAccess
Same name in other branches
- 9 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
- 8.9.x core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
- 10 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
Checks access to the given entity.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity for which access should be evaluated.
string $operation: The entity operation for which access should be evaluated.
\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.
Return value
\Drupal\Core\Access\AccessResultInterface|\Drupal\Core\Access\AccessResultReasonInterface The access check result.
1 call to EntityAccessChecker::checkEntityAccess()
- EntityAccessChecker::getAccessCheckedResourceObject in core/
modules/ jsonapi/ src/ Access/ EntityAccessChecker.php - Get the object to normalize and the access based on the provided entity.
File
-
core/
modules/ jsonapi/ src/ Access/ EntityAccessChecker.php, line 158
Class
- EntityAccessChecker
- Checks access to entities.
Namespace
Drupal\jsonapi\AccessCode
public function checkEntityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
$access = $entity->access($operation, $account, TRUE);
if ($entity->getEntityType()
->isRevisionable()) {
$access = AccessResult::neutral()->addCacheContexts([
'url.query_args:' . JsonApiSpec::VERSION_QUERY_PARAMETER,
])
->orIf($access);
if (!$entity->isDefaultRevision()) {
assert($operation === 'view', 'JSON:API does not yet support mutable operations on revisions.');
$revision_access = $this->checkRevisionViewAccess($entity, $account);
$access = $access->andIf($revision_access);
// The revision access reason should trump the primary access reason.
if (!$access->isAllowed()) {
$reason = $access instanceof AccessResultReasonInterface ? $access->getReason() : '';
$access->setReason(trim('The user does not have access to the requested version. ' . $reason));
}
}
}
return $access;
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.