class EntityAccessDeniedHttpException in Drupal 9
Same name and namespace in other branches
- 8 core/modules/jsonapi/src/Exception/EntityAccessDeniedHttpException.php \Drupal\jsonapi\Exception\EntityAccessDeniedHttpException
Enhances the access denied exception with information about the entity.
@internal JSON:API maintains no PHP API. The API is the HTTP API. This class may change at any time and could break any dependencies on it.
Hierarchy
- class \Drupal\Core\Http\Exception\CacheableAccessDeniedHttpException extends \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException implements CacheableDependencyInterface uses CacheableDependencyTrait
- class \Drupal\jsonapi\Exception\EntityAccessDeniedHttpException implements ResourceIdentifierInterface uses DependencySerializationTrait, ResourceIdentifierTrait
Expanded class hierarchy of EntityAccessDeniedHttpException
See also
https://www.drupal.org/project/drupal/issues/3032787
8 files declare their use of EntityAccessDeniedHttpException
- Data.php in core/
modules/ jsonapi/ src/ JsonApiResource/ Data.php - EntityAccessChecker.php in core/
modules/ jsonapi/ src/ Access/ EntityAccessChecker.php - EntityAccessDeniedHttpExceptionNormalizer.php in core/
modules/ jsonapi/ src/ Normalizer/ EntityAccessDeniedHttpExceptionNormalizer.php - EntityResource.php in core/
modules/ jsonapi/ src/ Controller/ EntityResource.php - IncludedData.php in core/
modules/ jsonapi/ src/ JsonApiResource/ IncludedData.php
File
- core/
modules/ jsonapi/ src/ Exception/ EntityAccessDeniedHttpException.php, line 24
Namespace
Drupal\jsonapi\ExceptionView source
class EntityAccessDeniedHttpException extends CacheableAccessDeniedHttpException implements ResourceIdentifierInterface {
use DependencySerializationTrait;
use ResourceIdentifierTrait;
/**
* The error which caused the 403.
*
* The error contains:
* - entity: The entity which the current user does not have access to.
* - pointer: A path in the JSON:API response structure pointing to the
* entity.
* - reason: (Optional) An optional reason for this failure.
*
* @var array
*/
protected $error = [];
/**
* EntityAccessDeniedHttpException constructor.
*
* @param \Drupal\Core\Entity\EntityInterface|null $entity
* The entity, or NULL when an entity is being created.
* @param \Drupal\Core\Access\AccessResultInterface $entity_access
* The access result.
* @param string $pointer
* (optional) The pointer.
* @param string $message
* (Optional) The display to display.
* @param string $relationship_field
* (Optional) A relationship field name if access was denied because the
* user does not have permission to view an entity's relationship field.
* @param \Exception|null $previous
* The previous exception.
* @param int $code
* The code.
*/
public function __construct($entity, AccessResultInterface $entity_access, $pointer, $message = 'The current user is not allowed to GET the selected resource.', $relationship_field = NULL, \Exception $previous = NULL, $code = 0) {
assert(is_null($entity) || $entity instanceof EntityInterface);
parent::__construct(CacheableMetadata::createFromObject($entity_access), $message, $previous, $code);
$error = [
'entity' => $entity,
'pointer' => $pointer,
'reason' => NULL,
'relationship_field' => $relationship_field,
];
if ($entity_access instanceof AccessResultReasonInterface) {
$error['reason'] = $entity_access
->getReason();
}
$this->error = $error;
// @todo: remove this ternary operation in https://www.drupal.org/project/drupal/issues/2997594.
$this->resourceIdentifier = $entity ? ResourceIdentifier::fromEntity($entity) : NULL;
}
/**
* Returns the error.
*
* @return array
* The error.
*/
public function getError() {
return $this->error;
}
}