CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
getAdminPermission example
$entity_type1 = static::getEntityType();
$entity_type1->hasLinkTemplate('collection')->willReturn(FALSE);
$data['no_collection_link_template'] = [NULL, $entity_type1->reveal()];
$entity_type2 = static::getEntityType();
$entity_type2->hasLinkTemplate('collection')->willReturn(TRUE);
$entity_type2->hasListBuilderClass()->willReturn(FALSE);
$data['no_list_builder'] = [NULL, $entity_type2->reveal()];
$entity_type3 = static::getEntityType($entity_type2);
$entity_type3->hasListBuilderClass()->willReturn(TRUE);
$entity_type3->getAdminPermission()->willReturn(FALSE);
$data['no_admin_permission'] = [NULL, $entity_type3->reveal()];
$entity_type4 = static::getEntityType($entity_type3);
$entity_type4->getAdminPermission()->willReturn('administer the entity type');
$entity_type4->id()->willReturn('the_entity_type_id');
$entity_type4->getLabel()->willReturn('The entity type');
$entity_type4->getCollectionLabel()->willReturn(new TranslatableMarkup('Test entities'));
$entity_type4->getLinkTemplate('collection')->willReturn('/the/collection/link/template');
$entity_type4->entityClassImplements(FieldableEntityInterface::class)->willReturn(FALSE);
$route = (new Route('/the/collection/link/template'))
->setDefaults([
$entity_type1->hasLinkTemplate('collection')->willReturn(FALSE);
$data['no_collection_link_template'] = [NULL, $entity_type1->reveal()];
$entity_type2 = static::getEntityType();
$entity_type2->hasLinkTemplate('collection')->willReturn(TRUE);
$entity_type2->hasListBuilderClass()->willReturn(FALSE);
$data['no_list_builder'] = [NULL, $entity_type2->reveal()];
$entity_type3 = static::getEntityType($entity_type2);
$entity_type3->hasListBuilderClass()->willReturn(TRUE);
$entity_type3->getAdminPermission()->willReturn(FALSE);
$data['no_admin_permission'] = [NULL, $entity_type3->reveal()];
$entity_type4 = static::getEntityType($entity_type3);
$entity_type4->getAdminPermission()->willReturn('administer the entity type');
$entity_type4->id()->willReturn('the_entity_type_id');
$entity_type4->getLabel()->willReturn('The entity type');
$entity_type4->getCollectionLabel()->willReturn(new TranslatableMarkup('Test entities'));
$entity_type4->getLinkTemplate('collection')->willReturn('/the/collection/link/template');
$entity_type4->entityClassImplements(FieldableEntityInterface::class)->willReturn(FALSE);
$route = (new Route('/the/collection/link/template'))
->setDefaults([
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation == 'delete' && $entity->isNew()) {
return AccessResult::forbidden()->addCacheableDependency($entity);
}
if ($admin_permission = $this->entityType->getAdminPermission()) {
return AccessResult::allowedIfHasPermission($account, $admin_permission);
}
else {
// No opinion. return AccessResult::neutral();
}
}
/** * Tries to retrieve a previously cached access value from the static cache. * * @param string $cid * Unique string identifier for the entity/operation, for example the * entity UUID or a custom string. * @param string $operation * The entity operation. Usually one of 'view', 'update', 'create' or * 'delete'. * @param string $langcode * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface|null * The cached AccessResult, or NULL if there is no record for the given * user, operation, langcode and entity in the cache. */
/**
* Return the expected error message.
*
* @param string $method
* The HTTP method (GET, POST, PATCH, DELETE).
*
* @return string
* The error string.
*/
protected function getExpectedUnauthorizedAccessMessage($method) {
$permission = $this->entity->getEntityType()->getAdminPermission();
if ($permission !== FALSE) {
return "The '{$permission}' permission is required.";
}
return NULL;
}
/** * Grants permissions to the authenticated role. * * @param string[] $permissions * Permissions to grant. */
protected function getExpectedUnauthorizedAccessMessage($method) {
$permission = $this->entity->getEntityType()->getAdminPermission();
if ($permission !== FALSE) {
return "The '{$permission}' permission is required.";
}
return NULL;
}
/** * Grants permissions to the authenticated role. * * @param string[] $permissions * Permissions to grant. */
protected function getCollectionRoute(EntityTypeInterface $entity_type) {
// If the entity type does not provide an admin permission, there is no way // to control access, so we cannot provide a route in a sensible way. if ($entity_type->hasLinkTemplate('collection') && $entity_type->hasListBuilderClass() && ($admin_permission = $entity_type->getAdminPermission())) {
/** @var \Drupal\Core\StringTranslation\TranslatableMarkup $label */
$label = $entity_type->getCollectionLabel();
$route = new Route($entity_type->getLinkTemplate('collection'));
$route
->addDefaults([
'_entity_list' => $entity_type->id(),
'_title' => $label->getUntranslatedString(),
'_title_arguments' => $label->getArguments(),
'_title_context' => $label->getOption('context'),
])
$field_type_class = $field_definition->getItemDefinition()->getClass();
$normalized_entity[$field_name] = $field_type_class::generateSampleValue($field_definition);
}
return $normalized_entity;
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedAccessMessage($method) {
$permission = $this->entity->getEntityType()->getAdminPermission();
if ($permission !== FALSE) {
return "The '{$permission}' permission is required.";
}
$http_method_to_entity_operation = [
'GET' => 'view',
'POST' => 'create',
'PATCH' => 'update',
'DELETE' => 'delete',
];
$operation = $http_method_to_entity_operation[$method];
$normalized_entity[$field_name] = $field_type_class::generateSampleValue($field_definition);
}
return $normalized_entity;
}
/** * {@inheritdoc} */
protected function getExpectedUnauthorizedAccessMessage($method) {
$permission = $this->entity->getEntityType()->getAdminPermission();
if ($permission !== FALSE) {
return "The '{$permission}' permission is required.";
}
$http_method_to_entity_operation = [
'GET' => 'view',
'POST' => 'create',
'PATCH' => 'update',
'DELETE' => 'delete',
];
$operation = $http_method_to_entity_operation[$method];
function hook_jsonapi_entity_filter_access(\Drupal\Core\Entity\EntityTypeInterface $entity_type, \Drupal\Core\Session\AccountInterface $account) {
// For every entity type that has an admin permission, allow access to filter // by all entities of that type to users with that permission. if ($admin_permission = $entity_type->getAdminPermission()) {
return ([
JSONAPI_FILTER_AMONG_ALL => AccessResult::allowedIfHasPermission($account, $admin_permission),
]);
}
}
/** * Controls access to filtering by entity data via JSON:API. * * This is the entity-type-specific variant of * hook_jsonapi_entity_filter_access(). For implementations with logic that is * specific to a single entity type, it is recommended to implement this hook * rather than the generic hook_jsonapi_entity_filter_access() hook, which is * called for every entity type. * * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type * The entity type of the entities to be filtered upon. * @param \Drupal\Core\Session\AccountInterface $account * The account for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface[] * The array of access results, keyed by subset. See * hook_jsonapi_entity_filter_access() for details. * * @see hook_jsonapi_entity_filter_access() */
$entity_type,
$container->get('entity_type.manager'),
);
}
/** * {@inheritdoc} */
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\media\MediaInterface $entity */
// Allow admin permission to override all operations. if ($account->hasPermission($this->entityType->getAdminPermission())) {
return AccessResult::allowed()->cachePerPermissions();
}
$type = $entity->bundle();
$is_owner = ($account->id() && $account->id() === $entity->getOwnerId());
switch ($operation) {
case 'view':
if ($entity->isPublished()) {
$access_result = AccessResult::allowedIf($account->hasPermission('view media'))
->cachePerPermissions()
->addCacheableDependency($entity);
$container->get('entity_type.manager'),
);
}
/** * {@inheritdoc} */
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\media\MediaInterface $entity */
// Allow admin permission to override all operations. if ($account->hasPermission($this->entityType->getAdminPermission())) {
return AccessResult::allowed()->cachePerPermissions();
}
$type = $entity->bundle();
$is_owner = ($account->id() && $account->id() === $entity->getOwnerId());
switch ($operation) {
case 'view':
if ($entity->isPublished()) {
$access_result = AccessResult::allowedIf($account->hasPermission('view media'))
->cachePerPermissions()
->addCacheableDependency($entity);