You are here

protected static function TemporaryQueryGuard::applyAccessConditions in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/jsonapi/src/Access/TemporaryQueryGuard.php \Drupal\jsonapi\Access\TemporaryQueryGuard::applyAccessConditions()
  2. 10 core/modules/jsonapi/src/Access/TemporaryQueryGuard.php \Drupal\jsonapi\Access\TemporaryQueryGuard::applyAccessConditions()

Applies access conditions to ensure 'view' access is respected.

Since the given entity type might not be the base entity type of the query, the field prefix should be applied to ensure that the conditions are applied to the right subset of entities in the query.

Parameters

\Drupal\Core\Entity\Query\QueryInterface $query: The query to which access conditions should be applied.

string $entity_type_id: The entity type for which to access conditions should be applied.

string|null $field_prefix: A prefix to add before any query condition fields. NULL if no prefix should be added.

\Drupal\Core\Cache\CacheableMetadata $cacheability: Collects cacheability for the query.

1 call to TemporaryQueryGuard::applyAccessConditions()
TemporaryQueryGuard::secureQuery in core/modules/jsonapi/src/Access/TemporaryQueryGuard.php
Applies tags, metadata and conditions to secure an entity query.

File

core/modules/jsonapi/src/Access/TemporaryQueryGuard.php, line 197

Class

TemporaryQueryGuard
Adds sufficient access control to collection queries.

Namespace

Drupal\jsonapi\Access

Code

protected static function applyAccessConditions(QueryInterface $query, $entity_type_id, $field_prefix, CacheableMetadata $cacheability) {
  $access_condition = static::getAccessCondition($entity_type_id, $cacheability);
  if ($access_condition) {
    $prefixed_condition = !is_null($field_prefix) ? static::addConditionFieldPrefix($access_condition, $field_prefix) : $access_condition;
    $filter = new Filter($prefixed_condition);
    $query
      ->condition($filter
      ->queryCondition($query));
  }
}