protected function EntityResourceAccessTrait::checkEditFieldAccess in Drupal 9
Same name and namespace in other branches
- 8 core/modules/rest/src/Plugin/rest/resource/EntityResourceAccessTrait.php \Drupal\rest\Plugin\rest\resource\EntityResourceAccessTrait::checkEditFieldAccess()
Performs edit access checks for fields.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity whose fields edit access should be checked for.
Throws
\Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException Throws access denied when the user does not have permissions to edit a field.
2 calls to EntityResourceAccessTrait::checkEditFieldAccess()
- EntityResource::post in core/
modules/ rest/ src/ Plugin/ rest/ resource/ EntityResource.php - Responds to entity POST requests and saves the new entity.
- UserRegistrationResource::post in core/
modules/ user/ src/ Plugin/ rest/ resource/ UserRegistrationResource.php - Responds to user registration POST request.
File
- core/
modules/ rest/ src/ Plugin/ rest/ resource/ EntityResourceAccessTrait.php, line 24
Class
- EntityResourceAccessTrait
- @internal @todo Consider making public in https://www.drupal.org/node/2300677
Namespace
Drupal\rest\Plugin\rest\resourceCode
protected function checkEditFieldAccess(EntityInterface $entity) {
// Only check 'edit' permissions for fields that were actually submitted by
// the user. Field access makes no difference between 'create' and 'update',
// so the 'edit' operation is used here.
foreach ($entity->_restSubmittedFields as $key => $field_name) {
if (!$entity
->get($field_name)
->access('edit')) {
throw new AccessDeniedHttpException("Access denied on creating field '{$field_name}'.");
}
}
}