trait EntityResourceAccessTrait in Drupal 8
Same name and namespace in other branches
- 9 core/modules/rest/src/Plugin/rest/resource/EntityResourceAccessTrait.php \Drupal\rest\Plugin\rest\resource\EntityResourceAccessTrait
- 10 core/modules/rest/src/Plugin/rest/resource/EntityResourceAccessTrait.php \Drupal\rest\Plugin\rest\resource\EntityResourceAccessTrait
@internal @todo Consider making public in https://www.drupal.org/node/2300677
Hierarchy
- trait \Drupal\rest\Plugin\rest\resource\EntityResourceAccessTrait
1 file declares its use of EntityResourceAccessTrait
- UserRegistrationResource.php in core/
modules/ user/ src/ Plugin/ rest/ resource/ UserRegistrationResource.php
File
- core/
modules/ rest/ src/ Plugin/ rest/ resource/ EntityResourceAccessTrait.php, line 12
Namespace
Drupal\rest\Plugin\rest\resourceView source
trait EntityResourceAccessTrait {
/**
* Performs edit access checks for fields.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity whose fields edit access should be checked for.
*
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
* Throws access denied when the user does not have permissions to edit a
* field.
*/
protected function checkEditFieldAccess(EntityInterface $entity) {
// Only check 'edit' permissions for fields that were actually submitted by
// the user. Field access makes no difference between 'create' and 'update',
// so the 'edit' operation is used here.
foreach ($entity->_restSubmittedFields as $key => $field_name) {
if (!$entity
->get($field_name)
->access('edit')) {
throw new AccessDeniedHttpException("Access denied on creating field '{$field_name}'.");
}
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
EntityResourceAccessTrait:: |
protected | function | Performs edit access checks for fields. |