getAccessDeniedResponse example


  protected function getExpectedGetRelationshipResponse($relationship_field_name, EntityInterface $entity = NULL) {
    $entity = $entity ?: $this->entity;
    $access = AccessResult::neutral()->addCacheContexts($entity->getEntityType()->isRevisionable() ? ['url.query_args:resourceVersion'] : []);
    $access = $access->orIf(static::entityFieldAccess($entity$this->resourceType->getInternalName($relationship_field_name), 'view', $this->account));
    if (!$access->isAllowed()) {
      $via_link = Url::fromRoute(
        sprintf('jsonapi.%s.%s.relationship.get', static::$resourceTypeName$relationship_field_name),
        ['entity' => $entity->uuid()]
      );
      return static::getAccessDeniedResponse($this->entity, $access$via_link$relationship_field_name, 'The current user is not allowed to view this relationship.', FALSE);
    }
    $expected_document = $this->getExpectedGetRelationshipDocument($relationship_field_name$entity);
    $expected_cacheability = (new CacheableMetadata())
      ->addCacheTags(['http_response'])
      ->addCacheContexts([
        'url.site',
        'url.query_args:include',
        'url.query_args:fields',
      ])
      ->addCacheableDependency($entity)
      ->addCacheableDependency($access);
    
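// Excerpt from inside a larger method. $public_field_name, $collected_responses
// and $data are defined outside the lines shown, and the `break` below belongs
// to an enclosing loop or switch that is not shown either. The argument
// separators that were lost from the listing have been restored.
$resource_type = $this->container->get('jsonapi.resource_type.repository')->get($entity->getEntityTypeId(), $entity->bundle());
// Access is checked against the internal field name, not the public one.
$field_name = $resource_type->getInternalName($public_field_name);
$field_access = static::entityFieldAccess($entity, $field_name, 'view', $this->account);
if (!$field_access->isAllowed()) {
  // When the user may only view the label and the denial has no reason yet,
  // record why, so the expected 403 explains itself.
  if (!$entity->access('view') && $entity->access('view label') && $field_access instanceof AccessResultReasonInterface && empty($field_access->getReason())) {
    $field_access->setReason("The user only has authorization for the 'view label' operation.");
  }
  $via_link = Url::fromRoute(
    sprintf('jsonapi.%s.%s.related', $entity->getEntityTypeId() . '--' . $entity->bundle(), $public_field_name),
    ['entity' => $entity->uuid()]
  );
  $collected_responses[] = static::getAccessDeniedResponse($entity, $field_access, $via_link, $field_name, 'The current user is not allowed to view this relationship.', $field_name);
  break;
}
if ($target_entity = $entity->{$field_name}->entity) {
  // Check 'view' on the referenced entity first, then fall back to
  // 'view label'. The fallback result takes the failed 'view' result as a
  // cacheable dependency, so that check's cacheability is not dropped.
  $target_access = static::entityAccess($target_entity, 'view', $this->account);
  if (!$target_access->isAllowed()) {
    $target_access = static::entityAccess($target_entity, 'view label', $this->account)->addCacheableDependency($target_access);
  }
  if (!$target_access->isAllowed()) {
    // Record each denied target once, keyed by its resource identifier.
    $resource_identifier = static::toResourceIdentifier($target_entity);
    if (!static::collectionHasResourceIdentifier($resource_identifier, $data['already_checked'])) {
      $data['already_checked'][] = $resource_identifier;
      // … listing ends here; the enclosing blocks are closed outside the excerpt …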
              