CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
entityAccess example
if (!$entity->access('view') && $entity->access('view label') && $field_access instanceof AccessResultReasonInterface && empty($field_access->getReason())) {
$field_access->setReason("The user only has authorization for the 'view label' operation.");
}
$via_link = Url::fromRoute(
sprintf('jsonapi.%s.%s.related', $entity->getEntityTypeId() . '--' . $entity->bundle(), $public_field_name),
['entity' => $entity->uuid()]
);
$collected_responses[] = static::getAccessDeniedResponse($entity, $field_access, $via_link, $field_name, 'The current user is not allowed to view this relationship.', $field_name);
break;
}
if ($target_entity = $entity->{$field_name}->entity) {
$target_access = static::entityAccess($target_entity, 'view', $this->account);
if (!$target_access->isAllowed()) {
$target_access = static::entityAccess($target_entity, 'view label', $this->account)->addCacheableDependency($target_access);
}
if (!$target_access->isAllowed()) {
$resource_identifier = static::toResourceIdentifier($target_entity);
if (!static::collectionHasResourceIdentifier($resource_identifier, $data['already_checked'])) {
$data['already_checked'][] = $resource_identifier;
$via_link = Url::fromRoute(
sprintf('jsonapi.%s.individual', $resource_identifier['type']),
['entity' => $resource_identifier['id']]
);
$field_access->setReason("The user only has authorization for the 'view label' operation.");
}
$via_link = Url::fromRoute(
sprintf('jsonapi.%s.%s.related', $entity->getEntityTypeId() . '--' . $entity->bundle(), $public_field_name),
['entity' => $entity->uuid()]
);
$collected_responses[] = static::getAccessDeniedResponse($entity, $field_access, $via_link, $field_name, 'The current user is not allowed to view this relationship.', $field_name);
break;
}
if ($target_entity = $entity->{$field_name}->entity) {
$target_access = static::entityAccess($target_entity, 'view', $this->account);
if (!$target_access->isAllowed()) {
$target_access = static::entityAccess($target_entity, 'view label', $this->account)->addCacheableDependency($target_access);
}
if (!$target_access->isAllowed()) {
$resource_identifier = static::toResourceIdentifier($target_entity);
if (!static::collectionHasResourceIdentifier($resource_identifier, $data['already_checked'])) {
$data['already_checked'][] = $resource_identifier;
$via_link = Url::fromRoute(
sprintf('jsonapi.%s.individual', $resource_identifier['type']),
['entity' => $resource_identifier['id']]
);
return parent::getExpectedUnauthorizedAccessCacheability()
->addCacheTags(['comment:1']);
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also reset the 'entity_test' entity access control handler because // comment access also depends on access to the commented entity type. \Drupal::entityTypeManager()->getAccessControlHandler('entity_test')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
/** * {@inheritdoc} */
protected static function getIncludePermissions() {
return [
'type' => ['administer comment types'],
'uid' => ['access user profiles'],
];
}
->addCacheTags(['comment:1']);
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also reset the 'entity_test' entity access control handler because // comment access also depends on access to the commented entity type. \Drupal::entityTypeManager()->getAccessControlHandler('entity_test')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
/** * {@inheritdoc} */
protected static function getIncludePermissions() {
return [
'type' => ['administer comment types'],
'uid' => ['access user profiles'],
];
}
return $entity;
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also clear the 'field_storage_config' entity access handler cache because // the 'field_config' access handler delegates access to it. // @see \Drupal\field\FieldConfigAccessControlHandler::checkAccess() \Drupal::entityTypeManager()->getAccessControlHandler('field_storage_config')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
}
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also clear the 'field_storage_config' entity access handler cache because // the 'field_config' access handler delegates access to it. // @see \Drupal\field\FieldConfigAccessControlHandler::checkAccess() \Drupal::entityTypeManager()->getAccessControlHandler('field_storage_config')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
}
$entity->setDefaultLangcode('site_default');
$entity->save();
return $entity;
}
/** * {@inheritdoc} */
protected static function getExpectedCollectionCacheability(AccountInterface $account, array $collection, array $sparse_fieldset = NULL, $filtered = FALSE) {
$cacheability = parent::getExpectedCollectionCacheability($account, $collection, $sparse_fieldset, $filtered);
if (static::entityAccess(reset($collection), 'view', $account)->isAllowed()) {
$cacheability->addCacheContexts(['languages:language_interface']);
}
return $cacheability;
}
}
$entity->save();
return $entity;
}
/** * {@inheritdoc} */
protected static function getExpectedCollectionCacheability(AccountInterface $account, array $collection, array $sparse_fieldset = NULL, $filtered = FALSE) {
$cacheability = parent::getExpectedCollectionCacheability($account, $collection, $sparse_fieldset, $filtered);
if (static::entityAccess(reset($collection), 'view', $account)->isAllowed()) {
$cacheability->addCacheContexts(['languages:language_interface']);
}
return $cacheability;
}
}
return $entity;
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also reset the 'filter_format' entity access control handler because // editor access also depends on access to the configured filter format. \Drupal::entityTypeManager()->getAccessControlHandler('filter_format')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
}
}
/** * {@inheritdoc} */
protected static function entityAccess(EntityInterface $entity, $operation, AccountInterface $account) {
// Also reset the 'filter_format' entity access control handler because // editor access also depends on access to the configured filter format. \Drupal::entityTypeManager()->getAccessControlHandler('filter_format')->resetCache();
return parent::entityAccess($entity, $operation, $account);
}
}
protected static function getExpectedCollectionCacheability(AccountInterface $account, array $collection, array $sparse_fieldset = NULL, $filtered = FALSE) {
$cacheability = array_reduce($collection, function DCacheableMetadata $cacheability, EntityInterface $entity) use ($sparse_fieldset, $account) {
$access_result = static::entityAccess($entity, 'view', $account);
if (!$access_result->isAllowed()) {
$access_result = static::entityAccess($entity, 'view label', $account)->addCacheableDependency($access_result);
}
$cacheability->addCacheableDependency($access_result);
if ($access_result->isAllowed()) {
$cacheability->addCacheableDependency($entity);
if ($entity instanceof FieldableEntityInterface) {
foreach ($entity as $field_name => $field_item_list) {
/** @var \Drupal\Core\Field\FieldItemListInterface $field_item_list */
if (is_null($sparse_fieldset) || in_array($field_name, $sparse_fieldset)) {
$field_access = static::entityFieldAccess($entity, $field_name, 'view', $account);