1 <?php
2
3 namespace Drupal\jsonapi\Exception;
4
5 use Drupal\Core\Access\AccessResultInterface;
6 use Drupal\Core\Access\AccessResultReasonInterface;
7 use Drupal\Core\Cache\CacheableMetadata;
8 use Drupal\Core\DependencyInjection\DependencySerializationTrait;
9 use Drupal\Core\Entity\EntityInterface;
10 use Drupal\Core\Http\Exception\CacheableAccessDeniedHttpException;
11 use Drupal\jsonapi\JsonApiResource\ResourceIdentifier;
12 use Drupal\jsonapi\JsonApiResource\ResourceIdentifierInterface;
13 use Drupal\jsonapi\JsonApiResource\ResourceIdentifierTrait;
14
/**
 * Enhances the access denied exception with information about the entity.
 *
 * The exception keeps the denied entity, a pointer into the JSON:API
 * document, the access result's reason (when it has one) and an optional
 * relationship field name, and exposes them through getError().
 *
 * @internal JSON:API maintains no PHP API. The API is the HTTP API. This class
 *   may change at any time and could break any dependencies on it.
 *
 * @see https://www.drupal.org/project/jsonapi/issues/3032787
 * @see jsonapi.api.php
 */
class EntityAccessDeniedHttpException extends CacheableAccessDeniedHttpException implements ResourceIdentifierInterface {

  use DependencySerializationTrait;
  use ResourceIdentifierTrait;

  /**
   * The error which caused the 403.
   *
   * The error contains:
   *   - entity: The entity which the current user doesn't have access to, or
   *     NULL when none was passed to the constructor.
   *   - pointer: A path in the JSON:API response structure pointing to the
   *     entity.
   *   - reason: The access result's reason, or NULL when the access result
   *     does not implement AccessResultReasonInterface.
   *   - relationship_field: The relationship field name passed to the
   *     constructor, or NULL.
   *
   * NOTE(review): 'entity' is the full object the user was denied and
   * 'reason' is copied verbatim from the access result. Presumably the code
   * that serializes this error only emits identifying data and a reason that
   * is safe to show to the denied user; confirm against the consumer of
   * getError().
   *
   * @var array
   */
  protected $error = [];

  /**
   * EntityAccessDeniedHttpException constructor.
   *
   * @param \Drupal\Core\Entity\EntityInterface|null $entity
   *   The entity, or NULL when an entity is being created.
   * @param \Drupal\Core\Access\AccessResultInterface $entity_access
   *   The access result. Its cacheability is handed to the parent exception.
   * @param string $pointer
   *   The pointer. The signature gives it no default, so it must be passed.
   * @param string $message
   *   (Optional) The message to display.
   * @param string $relationship_field
   *   (Optional) A relationship field name if access was denied because the
   *   user does not have permission to view an entity's relationship field.
   * @param \Exception|null $previous
   *   The previous exception.
   * @param int $code
   *   The code.
   */
  public function __construct($entity, AccessResultInterface $entity_access, $pointer, $message = 'The current user is not allowed to GET the selected resource.', $relationship_field = NULL, \Exception $previous = NULL, $code = 0) {
    // assert() only runs where assertions are enabled; when they are disabled
    // (zend.assertions), a non-entity value is not rejected by this line.
    assert($entity === NULL || $entity instanceof EntityInterface);

    // The exception's cacheable metadata is created from the access result.
    $cacheability = CacheableMetadata::createFromObject($entity_access);
    parent::__construct($cacheability, $message, $previous, $code);

    // Only access results that implement the reason interface supply one.
    $reason = $entity_access instanceof AccessResultReasonInterface
      ? $entity_access->getReason()
      : NULL;

    $this->error = [
      'entity' => $entity,
      'pointer' => $pointer,
      'reason' => $reason,
      'relationship_field' => $relationship_field,
    ];

    // @todo: remove this conditional in https://www.drupal.org/project/jsonapi/issues/2997594.
    if ($entity) {
      $this->resourceIdentifier = ResourceIdentifier::fromEntity($entity);
    }
    else {
      $this->resourceIdentifier = NULL;
    }
  }

  /**
   * Returns the error.
   *
   * @return array
   *   The error array built by the constructor, with the keys 'entity',
   *   'pointer', 'reason' and 'relationship_field'.
   */
  public function getError() {
    return $this->error;
  }

}