getAdminPermission example

$entity_type1 = static::getEntityType();
    $entity_type1->hasLinkTemplate('collection')->willReturn(FALSE);
    $data['no_collection_link_template'] = [NULL, $entity_type1->reveal()];

    $entity_type2 = static::getEntityType();
    $entity_type2->hasLinkTemplate('collection')->willReturn(TRUE);
    $entity_type2->hasListBuilderClass()->willReturn(FALSE);
    $data['no_list_builder'] = [NULL, $entity_type2->reveal()];

    $entity_type3 = static::getEntityType($entity_type2);
    $entity_type3->hasListBuilderClass()->willReturn(TRUE);
    $entity_type3->getAdminPermission()->willReturn(FALSE);
    $data['no_admin_permission'] = [NULL, $entity_type3->reveal()];

    $entity_type4 = static::getEntityType($entity_type3);
    $entity_type4->getAdminPermission()->willReturn('administer the entity type');
    $entity_type4->id()->willReturn('the_entity_type_id');
    $entity_type4->getLabel()->willReturn('The entity type');
    $entity_type4->getCollectionLabel()->willReturn(new TranslatableMarkup('Test entities'));
    $entity_type4->getLinkTemplate('collection')->willReturn('/the/collection/link/template');
    $entity_type4->entityClassImplements(FieldableEntityInterface::class)->willReturn(FALSE);
    $route = (new Route('/the/collection/link/template'))
      ->setDefaults([
        

  protected function checkAccess(EntityInterface $entity$operation, AccountInterface $account) {
    if ($operation == 'delete' && $entity->isNew()) {
      return AccessResult::forbidden()->addCacheableDependency($entity);
    }
    if ($admin_permission = $this->entityType->getAdminPermission()) {
      return AccessResult::allowedIfHasPermission($account$admin_permission);
    }
    else {
      // No opinion.       return AccessResult::neutral();
    }
  }

  /** * Tries to retrieve a previously cached access value from the static cache. * * @param string $cid * Unique string identifier for the entity/operation, for example the * entity UUID or a custom string. * @param string $operation * The entity operation. Usually one of 'view', 'update', 'create' or * 'delete'. * @param string $langcode * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface|null * The cached AccessResult, or NULL if there is no record for the given * user, operation, langcode and entity in the cache. */
/** * Return the expected error message. * * @param string $method * The HTTP method (GET, POST, PATCH, DELETE). * * @return string * The error string. */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    $permission = $this->entity->getEntityType()->getAdminPermission();
    if ($permission !== FALSE) {
      return "The '{$permission}' permission is required.";
    }

    return NULL;
  }

  /** * Grants permissions to the authenticated role. * * @param string[] $permissions * Permissions to grant. */

  protected function getCollectionRoute(EntityTypeInterface $entity_type) {
    // If the entity type does not provide an admin permission, there is no way     // to control access, so we cannot provide a route in a sensible way.     if ($entity_type->hasLinkTemplate('collection') && $entity_type->hasListBuilderClass() && ($admin_permission = $entity_type->getAdminPermission())) {
      /** @var \Drupal\Core\StringTranslation\TranslatableMarkup $label */
      $label = $entity_type->getCollectionLabel();

      $route = new Route($entity_type->getLinkTemplate('collection'));
      $route
        ->addDefaults([
          '_entity_list' => $entity_type->id(),
          '_title' => $label->getUntranslatedString(),
          '_title_arguments' => $label->getArguments(),
          '_title_context' => $label->getOption('context'),
        ])
        
$field_type_class = $field_definition->getItemDefinition()->getClass();
      $normalized_entity[$field_name] = $field_type_class::generateSampleValue($field_definition);
    }

    return $normalized_entity;
  }

  /** * {@inheritdoc} */
  protected function getExpectedUnauthorizedAccessMessage($method) {
    $permission = $this->entity->getEntityType()->getAdminPermission();
    if ($permission !== FALSE) {
      return "The '{$permission}' permission is required.";
    }

    $http_method_to_entity_operation = [
      'GET' => 'view',
      'POST' => 'create',
      'PATCH' => 'update',
      'DELETE' => 'delete',
    ];
    $operation = $http_method_to_entity_operation[$method];
    

function hook_jsonapi_entity_filter_access(\Drupal\Core\Entity\EntityTypeInterface $entity_type, \Drupal\Core\Session\AccountInterface $account) {
  // For every entity type that has an admin permission, allow access to filter   // by all entities of that type to users with that permission.   if ($admin_permission = $entity_type->getAdminPermission()) {
    return ([
      JSONAPI_FILTER_AMONG_ALL => AccessResult::allowedIfHasPermission($account$admin_permission),
    ]);
  }
}

/** * Controls access to filtering by entity data via JSON:API. * * This is the entity-type-specific variant of * hook_jsonapi_entity_filter_access(). For implementations with logic that is * specific to a single entity type, it is recommended to implement this hook * rather than the generic hook_jsonapi_entity_filter_access() hook, which is * called for every entity type. * * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type * The entity type of the entities to be filtered upon. * @param \Drupal\Core\Session\AccountInterface $account * The account for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface[] * The array of access results, keyed by subset. See * hook_jsonapi_entity_filter_access() for details. * * @see hook_jsonapi_entity_filter_access() */
$entity_type,
      $container->get('entity_type.manager'),
    );
  }

  /** * {@inheritdoc} */
  protected function checkAccess(EntityInterface $entity$operation, AccountInterface $account) {
    /** @var \Drupal\media\MediaInterface $entity */
    // Allow admin permission to override all operations.     if ($account->hasPermission($this->entityType->getAdminPermission())) {
      return AccessResult::allowed()->cachePerPermissions();
    }

    $type = $entity->bundle();
    $is_owner = ($account->id() && $account->id() === $entity->getOwnerId());
    switch ($operation) {
      case 'view':
        if ($entity->isPublished()) {
          $access_result = AccessResult::allowedIf($account->hasPermission('view media'))
            ->cachePerPermissions()
            ->addCacheableDependency($entity);
          
Home | Imprint | This part of the site doesn't use cookies.