if ( !
$source->
isAllowed('user:update'
) &&
$source->
getUserId() !==
$data['id'
] ) { throw new PermissionDeniedException();
} /** @var EntityWrittenContainerEvent $events */
$events =
$context->
scope(Context::SYSTEM_SCOPE,
fn (Context
$context) =>
$this->userRepository->
upsert([$data],
$context));
/** @var EntityWrittenEvent $event */
$event =
$events->
getEventByEntityName(UserDefinition::ENTITY_NAME
);
$eventIds =
$event->
getIds();
$entityId =
array_pop($eventIds);
return $factory->
createRedirectResponse($this->userRepository->
getDefinition(),
$entityId,
$request,
$context);
} #[Route(path: '/api/user/{userId}', name: 'api.user.update', defaults: ['auth_required' => true, '_acl' => ['user:update']], methods: ['PATCH'])]
public function updateUser(?string
$userId, Request
$request, Context
$context, ResponseFactoryInterface
$factory): Response
{ return $this->
upsertUser($userId,
$request,
$context,
$factory);
}