You are here

Home » API reference » Drupal 10 » UserRegistrationResource.php » UserRegistrationResource

protected function UserRegistrationResource::ensureAccountCanRegister in Drupal 10

Same name and namespace in other branches
  1. 8 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
  2. 9 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()

Ensure the account can be registered in this request.

Parameters

\Drupal\user\UserInterface $account: The user account to register.

1 call to UserRegistrationResource::ensureAccountCanRegister()
UserRegistrationResource::post in core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php
Responds to user registration POST request.

File

core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php, line 131

Class

UserRegistrationResource
Represents user registration as a resource.

Namespace

Drupal\user\Plugin\rest\resource

Code

protected function ensureAccountCanRegister(UserInterface $account = NULL) {
  if ($account === NULL) {
    throw new BadRequestHttpException('No user account data for registration received.');
  }

  // POSTed user accounts must not have an ID set, because we always want to
  // create new entities here.
  if (!$account
    ->isNew()) {
    throw new BadRequestHttpException('An ID has been set and only new user accounts can be registered.');
  }

  // Only allow anonymous users to register, authenticated users with the
  // necessary permissions can POST a new user to the "user" REST resource.
  // @see \Drupal\rest\Plugin\rest\resource\EntityResource
  if (!$this->currentUser
    ->isAnonymous()) {
    throw new AccessDeniedHttpException('Only anonymous users can register a user.');
  }

  // Verify that the current user can register a user account.
  if ($this->userSettings
    ->get('register') == UserInterface::REGISTER_ADMINISTRATORS_ONLY) {
    throw new AccessDeniedHttpException('You cannot register a new user account.');
  }
  if (!$this->userSettings
    ->get('verify_mail')) {
    if (empty($account
      ->getPassword())) {

      // If no e-mail verification then the user must provide a password.
      throw new UnprocessableEntityHttpException('No password provided.');
    }
  }
  else {
    if (!empty($account
      ->getPassword())) {

      // If e-mail verification required then a password cannot provided.
      // The password will be set when the user logs in.
      throw new UnprocessableEntityHttpException('A Password cannot be specified. It will be generated on login.');
    }
  }
}