public static function EntityResource::getEntityAndAccess in JSON:API 8
Get the object to normalize and the access based on the provided entity.
Parameters
\Drupal\Core\Entity\EntityInterface $entity: The entity to test access for.
Return value
array An array containing the keys:
- entity: the loaded entity or an access exception.
- access: the access object.
3 calls to EntityResource::getEntityAndAccess()
- EntityResource::getRelated in src/
Controller/ EntityResource.php - Gets the related resource.
- EntityResource::loadEntitiesWithAccess in src/
Controller/ EntityResource.php - Build a collection of the entities to respond with and access objects.
- RelationshipItemNormalizer::normalize in src/
Normalizer/ RelationshipItemNormalizer.php - This normalizer leaves JSON API normalizer land and enters the land of Drupal core's serialization system. That system was never designed with cacheability in mind, and hence bubbles cacheability out of band. This must catch it, and pass it to…
File
- src/
Controller/ EntityResource.php, line 1084
Class
- EntityResource
- Process all entity requests.
Namespace
Drupal\jsonapi\ControllerCode
public static function getEntityAndAccess(EntityInterface $entity) {
/** @var \Drupal\Core\Entity\EntityRepositoryInterface $entity_repository */
$entity_repository = \Drupal::service('entity.repository');
$entity = $entity_repository
->getTranslationFromContext($entity, NULL, [
'operation' => 'entity_upcast',
]);
$access = $entity
->access('view', NULL, TRUE);
// Accumulate the cacheability metadata for the access.
$output = [
'access' => $access,
'entity' => $entity,
];
if ($entity instanceof AccessibleInterface && !$access
->isAllowed()) {
// Pass an exception to the list of things to normalize.
$output['entity'] = new EntityAccessDeniedHttpException($entity, $access, '/data', 'The current user is not allowed to GET the selected resource.');
}
return $output;
}