Mercurial > hg > isophonics-drupal-site

comparison core/modules/jsonapi/src/Exception/EntityAccessDeniedHttpException.php @ 18:af1871eacc83

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update to Drupal core 8.7.1
author Chris Cannam
date Thu, 09 May 2019 15:33:08 +0100
parents
children
comparison
equal deleted inserted replaced
17:129ea1e6d783 18:af1871eacc83
1 <?php
2
3 namespace Drupal\jsonapi\Exception;
4
5 use Drupal\Core\Access\AccessResultInterface;
6 use Drupal\Core\Access\AccessResultReasonInterface;
7 use Drupal\Core\Cache\CacheableMetadata;
8 use Drupal\Core\DependencyInjection\DependencySerializationTrait;
9 use Drupal\Core\Entity\EntityInterface;
10 use Drupal\Core\Http\Exception\CacheableAccessDeniedHttpException;
11 use Drupal\jsonapi\JsonApiResource\ResourceIdentifier;
12 use Drupal\jsonapi\JsonApiResource\ResourceIdentifierInterface;
13 use Drupal\jsonapi\JsonApiResource\ResourceIdentifierTrait;
14
15 /**
16 * Enhances the access denied exception with information about the entity.
17 *
18 * @internal JSON:API maintains no PHP API. The API is the HTTP API. This class
19 * may change at any time and could break any dependencies on it.
20 *
21 * @see https://www.drupal.org/project/jsonapi/issues/3032787
22 * @see jsonapi.api.php
23 */
24 class EntityAccessDeniedHttpException extends CacheableAccessDeniedHttpException implements ResourceIdentifierInterface {
25
26 use DependencySerializationTrait;
27 use ResourceIdentifierTrait;
28
29 /**
30 * The error which caused the 403.
31 *
32 * The error contains:
33 * - entity: The entity which the current user doens't have access to.
34 * - pointer: A path in the JSON:API response structure pointing to the
35 * entity.
36 * - reason: (Optional) An optional reason for this failure.
37 *
38 * @var array
39 */
40 protected $error = [];
41
42 /**
43 * EntityAccessDeniedHttpException constructor.
44 *
45 * @param \Drupal\Core\Entity\EntityInterface|null $entity
46 * The entity, or NULL when an entity is being created.
47 * @param \Drupal\Core\Access\AccessResultInterface $entity_access
48 * The access result.
49 * @param string $pointer
50 * (optional) The pointer.
51 * @param string $message
52 * (Optional) The display to display.
53 * @param string $relationship_field
54 * (Optional) A relationship field name if access was denied because the
55 * user does not have permission to view an entity's relationship field.
56 * @param \Exception|null $previous
57 * The previous exception.
58 * @param int $code
59 * The code.
60 */
61 public function __construct($entity, AccessResultInterface $entity_access, $pointer, $message = 'The current user is not allowed to GET the selected resource.', $relationship_field = NULL, \Exception $previous = NULL, $code = 0) {
62 assert(is_null($entity) || $entity instanceof EntityInterface);
63 parent::__construct(CacheableMetadata::createFromObject($entity_access), $message, $previous, $code);
64 $error = [
65 'entity' => $entity,
66 'pointer' => $pointer,
67 'reason' => NULL,
68 'relationship_field' => $relationship_field,
69 ];
70 if ($entity_access instanceof AccessResultReasonInterface) {
71 $error['reason'] = $entity_access->getReason();
72 }
73 $this->error = $error;
74 // @todo: remove this ternary operation in https://www.drupal.org/project/jsonapi/issues/2997594.
75 $this->resourceIdentifier = $entity ? ResourceIdentifier::fromEntity($entity) : NULL;
76 }
77
78 /**
79 * Returns the error.
80 *
81 * @return array
82 * The error.
83 */
84 public function getError() {
85 return $this->error;
86 }
87
88 }