EntityResourceAccessTrait.php
Same filename in other branches
Namespace
Drupal\rest\Plugin\rest\resourceFile
-
core/
modules/ rest/ src/ Plugin/ rest/ resource/ EntityResourceAccessTrait.php
View source
<?php
namespace Drupal\rest\Plugin\rest\resource;
use Drupal\Core\Entity\EntityInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
/**
* @internal
* @todo Consider making public in https://www.drupal.org/node/2300677
*/
trait EntityResourceAccessTrait {
/**
* Performs edit access checks for fields.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity whose fields edit access should be checked for.
*
* @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
* Throws access denied when the user does not have permissions to edit a
* field.
*/
protected function checkEditFieldAccess(EntityInterface $entity) {
// Only check 'edit' permissions for fields that were actually submitted by
// the user. Field access makes no difference between 'create' and 'update',
// so the 'edit' operation is used here.
foreach ($entity->_restSubmittedFields as $key => $field_name) {
if (!$entity->get($field_name)
->access('edit')) {
throw new AccessDeniedHttpException("Access denied on creating field '{$field_name}'.");
}
}
}
}
Traits
Title | Deprecated | Summary |
---|---|---|
EntityResourceAccessTrait | @internal @todo Consider making public in https://www.drupal.org/node/2300677 |
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.