entityFieldAccess example


  protected function getExpectedIncludedResourceResponse(array $include_paths, array $request_options) {
    $resource_type = $this->resourceType;
    $resource_data = array_reduce($include_pathsfunction D$data$path) use ($request_options$resource_type) {
      $field_names = explode('.', $path);
      /** @var \Drupal\Core\Entity\EntityInterface $entity */
      $entity = $this->entity;
      $collected_responses = [];
      foreach ($field_names as $public_field_name) {
        $resource_type = $this->container->get('jsonapi.resource_type.repository')->get($entity->getEntityTypeId()$entity->bundle());
        $field_name = $resource_type->getInternalName($public_field_name);
        $field_access = static::entityFieldAccess($entity$field_name, 'view', $this->account);
        if (!$field_access->isAllowed()) {
          if (!$entity->access('view') && $entity->access('view label') && $field_access instanceof AccessResultReasonInterface && empty($field_access->getReason())) {
            $field_access->setReason("The user only has authorization for the 'view label' operation.");
          }
          $via_link = Url::fromRoute(
            sprintf('jsonapi.%s.%s.related', $entity->getEntityTypeId() . '--' . $entity->bundle()$public_field_name),
            ['entity' => $entity->uuid()]
          );
          $collected_responses[] = static::getAccessDeniedResponse($entity$field_access$via_link$field_name, 'The current user is not allowed to view this relationship.', $field_name);
          break;
        }
        
$access_result = static::entityAccess($entity, 'view', $account);
      if (!$access_result->isAllowed()) {
        $access_result = static::entityAccess($entity, 'view label', $account)->addCacheableDependency($access_result);
      }
      $cacheability->addCacheableDependency($access_result);
      if ($access_result->isAllowed()) {
        $cacheability->addCacheableDependency($entity);
        if ($entity instanceof FieldableEntityInterface) {
          foreach ($entity as $field_name => $field_item_list) {
            /** @var \Drupal\Core\Field\FieldItemListInterface $field_item_list */
            if (is_null($sparse_fieldset) || in_array($field_name$sparse_fieldset)) {
              $field_access = static::entityFieldAccess($entity$field_name, 'view', $account);
              $cacheability->addCacheableDependency($field_access);
              if ($field_access->isAllowed()) {
                foreach ($field_item_list as $field_item) {
                  /** @var \Drupal\Core\Field\FieldItemInterface $field_item */
                  foreach (TypedDataInternalPropertiesHelper::getNonInternalProperties($field_item) as $property) {
                    $cacheability->addCacheableDependency(CacheableMetadata::createFromObject($property));
                  }
                }
              }
            }
          }
        }
Home | Imprint | This part of the site doesn't use cookies.