You are here

protected function RestfulEntityBase::isValidEntity in RESTful 7

Determine if an entity is valid, and accessible.

Parameters

$op: The operation to perform on the entity (view, update, delete).

$entity_id: The entity ID.

Return value

bool TRUE if entity is valid, and user can access it.

Throws

RestfulUnprocessableEntityException

RestfulForbiddenException

3 calls to RestfulEntityBase::isValidEntity()
RestfulEntityBase::deleteEntity in plugins/restful/RestfulEntityBase.php
Delete an entity using DELETE.
RestfulEntityBase::updateEntity in plugins/restful/RestfulEntityBase.php
Update an entity.
RestfulEntityBase::viewEntity in plugins/restful/RestfulEntityBase.php
View an entity.

File

plugins/restful/RestfulEntityBase.php, line 1157
Contains RestfulEntityBase.

Class

RestfulEntityBase
An abstract implementation of RestfulEntityInterface.

Code

protected function isValidEntity($op, $entity_id) {
  $entity_type = $this->entityType;
  $params = array(
    '@id' => $entity_id,
    '@resource' => $this
      ->getPluginKey('label'),
  );
  if (!($entity = entity_load_single($entity_type, $entity_id))) {
    throw new RestfulUnprocessableEntityException(format_string('The entity ID @id for @resource does not exist.', $params));
  }
  list(, , $bundle) = entity_extract_ids($entity_type, $entity);
  $resource_bundle = $this
    ->getBundle();
  if ($resource_bundle && $bundle != $resource_bundle) {
    throw new RestfulUnprocessableEntityException(format_string('The entity ID @id is not a valid @resource.', $params));
  }
  if ($this
    ->checkEntityAccess($op, $entity_type, $entity) === FALSE) {
    if ($op == 'view' && !$this
      ->getPath()) {

      // Just return FALSE, without an exception, for example when a list of
      // entities is requested, and we don't want to fail all the list because
      // of a single item without access.
      return FALSE;
    }

    // Entity was explicitly requested so we need to throw an exception.
    throw new RestfulForbiddenException(format_string('You do not have access to entity ID @id of resource @resource', $params));
  }
  return TRUE;
}