You are here

Home » API reference » Drupal 10 » TemporaryQueryGuard.php » TemporaryQueryGuard

protected static function TemporaryQueryGuard::getAccessResultsFromEntityFilterHook in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/jsonapi/src/Access/TemporaryQueryGuard.php \Drupal\jsonapi\Access\TemporaryQueryGuard::getAccessResultsFromEntityFilterHook()
  2. 9 core/modules/jsonapi/src/Access/TemporaryQueryGuard.php \Drupal\jsonapi\Access\TemporaryQueryGuard::getAccessResultsFromEntityFilterHook()

Gets the combined access result for each JSONAPI_FILTER_AMONG_* subset.

This invokes hook_jsonapi_entity_filter_access() and hook_jsonapi_ENTITY_TYPE_filter_access() and combines the results from all of the modules into a single set of results.

Parameters

\Drupal\Core\Entity\EntityTypeInterface $entity_type: The entity type for which to check filter access.

\Drupal\Core\Session\AccountInterface $account: The account for which to check access.

Return value

\Drupal\Core\Access\AccessResultInterface[] The array of access results, keyed by subset. See hook_jsonapi_entity_filter_access() for details.

File

core/modules/jsonapi/src/Access/TemporaryQueryGuard.php, line 432

Class

TemporaryQueryGuard
Adds sufficient access control to collection queries.

Namespace

Drupal\jsonapi\Access

Code

protected static function getAccessResultsFromEntityFilterHook(EntityTypeInterface $entity_type, AccountInterface $account) {

  /** @var \Drupal\Core\Access\AccessResultInterface[] $combined_access_results */
  $combined_access_results = [
    JSONAPI_FILTER_AMONG_ALL => AccessResult::neutral(),
    JSONAPI_FILTER_AMONG_PUBLISHED => AccessResult::neutral(),
    JSONAPI_FILTER_AMONG_ENABLED => AccessResult::neutral(),
    JSONAPI_FILTER_AMONG_OWN => AccessResult::neutral(),
  ];

  // Invoke hook_jsonapi_entity_filter_access() and
  // hook_jsonapi_ENTITY_TYPE_filter_access() for each module and merge its
  // results with the combined results.
  foreach ([
    'jsonapi_entity_filter_access',
    'jsonapi_' . $entity_type
      ->id() . '_filter_access',
  ] as $hook) {
    static::$moduleHandler
      ->invokeAllWith($hook, function (callable $hook, string $module) use (&$combined_access_results, $entity_type, $account) {
      $module_access_results = $hook($entity_type, $account);
      if ($module_access_results) {
        foreach ($module_access_results as $subset => $access_result) {
          $combined_access_results[$subset] = $combined_access_results[$subset]
            ->orIf($access_result);
        }
      }
    });
  }
  return $combined_access_results;
}