You are here

public function RelationshipRouteAccessCheck::access in Drupal 9

Checks access to the relationship field on the given route.

Parameters

\Symfony\Component\Routing\Route $route: The route to check against.

\Drupal\Core\Routing\RouteMatchInterface $route_match: The route match.

\Drupal\Core\Session\AccountInterface $account: The currently logged in account.

Return value

\Drupal\Core\Access\AccessResultInterface The access result.

File

core/modules/jsonapi/src/Access/RelationshipRouteAccessCheck.php, line 63

Class

RelationshipRouteAccessCheck
Defines a class to check access to related and relationship routes.

Namespace

Drupal\jsonapi\Access

Code

public function access(Route $route, RouteMatchInterface $route_match, AccountInterface $account = NULL) {
  [
    $relationship_field_name,
    $field_operation,
  ] = explode('.', $route
    ->getRequirement(static::ROUTE_REQUIREMENT_KEY));
  assert(in_array($field_operation, [
    'view',
    'edit',
  ], TRUE));
  $entity_operation = $field_operation === 'view' ? 'view' : 'update';
  if ($resource_type = $route_match
    ->getParameter(Routes::RESOURCE_TYPE_KEY)) {
    assert($resource_type instanceof ResourceType);
    $entity = $route_match
      ->getParameter('entity');
    $internal_name = $resource_type
      ->getInternalName($relationship_field_name);
    if ($entity instanceof FieldableEntityInterface && $entity
      ->hasField($internal_name)) {
      $entity_access = $this->entityAccessChecker
        ->checkEntityAccess($entity, $entity_operation, $account);
      $field_access = $entity
        ->get($internal_name)
        ->access($field_operation, $account, TRUE);

      // Ensure that access is respected for different entity revisions.
      $access_result = $entity_access
        ->andIf($field_access);
      if (!$access_result
        ->isAllowed()) {
        $reason = "The current user is not allowed to {$field_operation} this relationship.";
        $access_reason = $access_result instanceof AccessResultReasonInterface ? $access_result
          ->getReason() : NULL;
        $detailed_reason = empty($access_reason) ? $reason : $reason . " {$access_reason}";
        $access_result
          ->setReason($detailed_reason);
      }
      return $access_result;
    }
  }
  return AccessResult::neutral();
}