You are here

public function EntityAccessChecker::getAccessCheckedResourceObject in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/jsonapi/src/Access/EntityAccessChecker.php \Drupal\jsonapi\Access\EntityAccessChecker::getAccessCheckedResourceObject()

Get the object to normalize and the access based on the provided entity.

Parameters

\Drupal\Core\Entity\EntityInterface $entity: The entity to test access for.

\Drupal\Core\Session\AccountInterface $account: (optional) The account with which access should be checked. Defaults to the current user.

Return value

\Drupal\jsonapi\JsonApiResource\ResourceObject|\Drupal\jsonapi\JsonApiResource\LabelOnlyResourceObject|\Drupal\jsonapi\Exception\EntityAccessDeniedHttpException The ResourceObject, a LabelOnlyResourceObject or an EntityAccessDeniedHttpException object if neither is accessible. All three possible return values carry the access result cacheability.

File

core/modules/jsonapi/src/Access/EntityAccessChecker.php, line 168

Class

EntityAccessChecker
Checks access to entities.

Namespace

Drupal\jsonapi\Access

Code

public function getAccessCheckedResourceObject(EntityInterface $entity, AccountInterface $account = NULL) {
  $account = $account ?: $this->currentUser;
  $resource_type = $this->resourceTypeRepository
    ->get($entity
    ->getEntityTypeId(), $entity
    ->bundle());
  $entity = $this->entityRepository
    ->getTranslationFromContext($entity, NULL, [
    'operation' => 'entity_upcast',
  ]);
  $access = $this
    ->checkEntityAccess($entity, 'view', $account);
  $entity
    ->addCacheableDependency($access);
  if (!$access
    ->isAllowed()) {

    // If this is the default revision or the entity is not revisionable, then
    // check access to the entity label. Revision support is all or nothing.
    if (!$entity
      ->getEntityType()
      ->isRevisionable() || $entity
      ->isDefaultRevision()) {
      $label_access = $entity
        ->access('view label', NULL, TRUE);
      $entity
        ->addCacheableDependency($label_access);
      if ($label_access
        ->isAllowed()) {
        return LabelOnlyResourceObject::createFromEntity($resource_type, $entity);
      }
      $access = $access
        ->orIf($label_access);
    }
    return new EntityAccessDeniedHttpException($entity, $access, '/data', 'The current user is not allowed to GET the selected resource.');
  }
  return ResourceObject::createFromEntity($resource_type, $entity);
}