You are here

public function EntityAccessChecker::checkEntityAccess in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()
  2. 9 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::checkEntityAccess()

Checks access to the given entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity for which access should be evaluated.

string $operation: The entity operation for which access should be evaluated.

\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.

Return value

\Drupal\Core\Access\AccessResultInterface|\Drupal\Core\Access\AccessResultReasonInterface The access check result.

File

core/modules/jsonapi/src/Access/EntityAccessChecker.php, line 158

Class

EntityAccessChecker
Checks access to entities.

Namespace

Drupal\jsonapi\Access

Code

public function checkEntityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
  $access = $entity
    ->access($operation, $account, TRUE);
  if ($entity
    ->getEntityType()
    ->isRevisionable()) {
    $access = AccessResult::neutral()
      ->addCacheContexts([
      'url.query_args:' . JsonApiSpec::VERSION_QUERY_PARAMETER,
    ])
      ->orIf($access);
    if (!$entity
      ->isDefaultRevision()) {
      assert($operation === 'view', 'JSON:API does not yet support mutable operations on revisions.');
      $revision_access = $this
        ->checkRevisionViewAccess($entity, $account);
      $access = $access
        ->andIf($revision_access);

      // The revision access reason should trump the primary access reason.
      if (!$access
        ->isAllowed()) {
        $reason = $access instanceof AccessResultReasonInterface ? $access
          ->getReason() : '';
        $access
          ->setReason(trim('The user does not have access to the requested version. ' . $reason));
      }
    }
  }
  return $access;
}