class EntityAccessDeniedHttpException

Enhances the access denied exception with information about the entity.

@internal JSON:API maintains no PHP API. The API is the HTTP API. This class may change at any time and could break any dependencies on it.

Hierarchy

  • class \Drupal\jsonapi\Exception\EntityAccessDeniedHttpException implements \Drupal\jsonapi\JsonApiResource\ResourceIdentifierInterface uses \Drupal\Core\DependencyInjection\DependencySerializationTrait, \Drupal\jsonapi\JsonApiResource\ResourceIdentifierTrait extends \Drupal\Core\Http\Exception\CacheableAccessDeniedHttpException

Expanded class hierarchy of EntityAccessDeniedHttpException

See also

https://www.drupal.org/project/drupal/issues/3032787

jsonapi.api.php

8 files declare their use of EntityAccessDeniedHttpException
Data.php in core/modules/jsonapi/src/JsonApiResource/Data.php
EntityAccessChecker.php in core/modules/jsonapi/src/Access/EntityAccessChecker.php
EntityAccessDeniedHttpExceptionNormalizer.php in core/modules/jsonapi/src/Normalizer/EntityAccessDeniedHttpExceptionNormalizer.php
EntityResource.php in core/modules/jsonapi/src/Controller/EntityResource.php
IncludedData.php in core/modules/jsonapi/src/JsonApiResource/IncludedData.php

... See full list

File

View on git.drupalcode.org

core/modules/jsonapi/src/Exception/EntityAccessDeniedHttpException.php, line 24

Namespace

Drupal\jsonapi\Exception
View source 
class EntityAccessDeniedHttpException extends CacheableAccessDeniedHttpException implements ResourceIdentifierInterface {
  use DependencySerializationTrait;
  use ResourceIdentifierTrait;
  
  /**
   * The error which caused the 403.
   *
   * The error contains:
   *   - entity: The entity which the current user does not have access to.
   *   - pointer: A path in the JSON:API response structure pointing to the
   *     entity.
   *   - reason: (Optional) An optional reason for this failure.
   *
   * @var array
   */
  protected $error = [];
  
  /**
   * EntityAccessDeniedHttpException constructor.
   *
   * @param \Drupal\Core\Entity\EntityInterface|null $entity
   *   The entity, or NULL when an entity is being created.
   * @param \Drupal\Core\Access\AccessResultInterface $entity_access
   *   The access result.
   * @param string $pointer
   *   (optional) The pointer.
   * @param string $message
   *   (Optional) The display to display.
   * @param string $relationship_field
   *   (Optional) A relationship field name if access was denied because the
   *   user does not have permission to view an entity's relationship field.
   * @param \Exception|null $previous
   *   The previous exception.
   * @param int $code
   *   The code.
   */
  public function __construct($entity, AccessResultInterface $entity_access, $pointer, $message = 'The current user is not allowed to GET the selected resource.', $relationship_field = NULL, ?\Exception $previous = NULL, $code = 0) {
    assert(is_null($entity) || $entity instanceof EntityInterface);
    parent::__construct(CacheableMetadata::createFromObject($entity_access), $message, $previous, $code);
    $error = [
      'entity' => $entity,
      'pointer' => $pointer,
      'reason' => NULL,
      'relationship_field' => $relationship_field,
    ];
    if ($entity_access instanceof AccessResultReasonInterface) {
      $error['reason'] = $entity_access->getReason();
    }
    $this->error = $error;
    // @todo remove this ternary operation in https://www.drupal.org/project/drupal/issues/2997594.
    $this->resourceIdentifier = $entity ? ResourceIdentifier::fromEntity($entity) : NULL;
  }
  
  /**
   * Returns the error.
   *
   * @return array
   *   The error.
   */
  public function getError() {
    return $this->error;
  }

}

Members

Title Modifiers Object type Summary Overriden Title Overrides
CacheableDependencyTrait::$cacheContexts protected property Cache contexts.
CacheableDependencyTrait::$cacheMaxAge protected property Cache max-age.
CacheableDependencyTrait::$cacheTags protected property Cache tags.
CacheableDependencyTrait::getCacheContexts public function 4
CacheableDependencyTrait::getCacheMaxAge public function 4
CacheableDependencyTrait::getCacheTags public function 4
CacheableDependencyTrait::setCacheability protected function Sets cacheability; useful for value object constructors.
DependencySerializationTrait::$_entityStorages protected property An array of entity type IDs keyed by the property name of their storages.
DependencySerializationTrait::$_serviceIds protected property An array of service IDs keyed by property name used for serialization.
DependencySerializationTrait::__sleep public function 2
DependencySerializationTrait::__wakeup public function #[\ReturnTypeWillChange] 2
EntityAccessDeniedHttpException::$error protected property The error which caused the 403.
EntityAccessDeniedHttpException::getError public function Returns the error.
EntityAccessDeniedHttpException::__construct public function EntityAccessDeniedHttpException constructor. Overrides CacheableAccessDeniedHttpException::__construct
ResourceIdentifierTrait::$resourceIdentifier protected property A ResourceIdentifier object.
ResourceIdentifierTrait::$resourceType protected property The JSON:API resource type of the identified resource object.
ResourceIdentifierTrait::getId public function
ResourceIdentifierTrait::getResourceType public function
ResourceIdentifierTrait::getTypeName public function

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.