You are here

protected static function FileUpload::ensureFileUploadAccess in JSON:API 8.2

Ensures that the given account is allowed to upload a file.

Parameters

\Drupal\Core\Session\AccountInterface $account: The account for which access should be checked.

\Drupal\Core\Field\FieldDefinitionInterface $field_definition: The field for which the file is to be uploaded.

\Drupal\Core\Entity\FieldableEntityInterface|null $entity: The entity, if one exists, for which the file is to be uploaded.

2 calls to FileUpload::ensureFileUploadAccess()
FileUpload::handleFileUploadForExistingResource in src/Controller/FileUpload.php
Handles JSON:API file upload requests.
FileUpload::handleFileUploadForNewResource in src/Controller/FileUpload.php
Handles JSON:API file upload requests.

File

src/Controller/FileUpload.php, line 201

Class

FileUpload
Handles file upload requests.

Namespace

Drupal\jsonapi\Controller

Code

protected static function ensureFileUploadAccess(AccountInterface $account, FieldDefinitionInterface $field_definition, FieldableEntityInterface $entity = NULL) {
  $access_result = $entity ? TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($account, $field_definition, $entity) : TemporaryJsonapiFileFieldUploader::checkFileUploadAccess($account, $field_definition);
  if (!$access_result
    ->isAllowed()) {
    $reason = 'The current user is not permitted to upload a file for this field.';
    if ($access_result instanceof AccessResultReasonInterface) {
      $reason .= ' ' . $access_result
        ->getReason();
    }
    throw new AccessDeniedHttpException($reason);
  }
}