function TemporaryJsonapiFileFieldUploader::checkFileUploadAccess

Same name in other branches
  1. 8.9.x core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php \Drupal\jsonapi\Controller\TemporaryJsonapiFileFieldUploader::checkFileUploadAccess()
  2. 10 core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php \Drupal\jsonapi\Controller\TemporaryJsonapiFileFieldUploader::checkFileUploadAccess()
  3. 11.x core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php \Drupal\jsonapi\Controller\TemporaryJsonapiFileFieldUploader::checkFileUploadAccess()

Checks if the current user has access to upload the file.

Parameters

\Drupal\Core\Session\AccountInterface $account: The account for which file upload access should be checked.

\Drupal\Core\Field\FieldDefinitionInterface $field_definition: The field definition for which to get validators.

\Drupal\Core\Entity\EntityInterface $entity: (optional) The entity to which the file is to be uploaded, if it exists. If the entity does not exist and it is not given, create access to the entity the file is attached to will be checked.

Return value

\Drupal\Core\Access\AccessResultInterface The file upload access result.

2 calls to TemporaryJsonapiFileFieldUploader::checkFileUploadAccess()
FileUpload::ensureFileUploadAccess in core/modules/jsonapi/src/Controller/FileUpload.php
Ensures that the given account is allowed to upload a file.
TemporaryJsonapiFileFieldUploaderTest::testCheckFileUploadAccessWithBaseField in core/modules/jsonapi/tests/src/Kernel/Controller/TemporaryJsonapiFileFieldUploaderTest.php
@covers ::checkFileUploadAccess

File

core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php, line 318

Class

TemporaryJsonapiFileFieldUploader
Reads data from an upload stream and creates a corresponding file entity.

Namespace

Drupal\jsonapi\Controller

Code

public static function checkFileUploadAccess(AccountInterface $account, FieldDefinitionInterface $field_definition, EntityInterface $entity = NULL) {
    assert(is_null($entity) || $field_definition->getTargetEntityTypeId() === $entity->getEntityTypeId() && (is_null($field_definition->getTargetBundle()) || $field_definition->getTargetBundle() === $entity->bundle()));
    $entity_type_manager = \Drupal::entityTypeManager();
    $entity_access_control_handler = $entity_type_manager->getAccessControlHandler($field_definition->getTargetEntityTypeId());
    $bundle = $entity_type_manager->getDefinition($field_definition->getTargetEntityTypeId())
        ->hasKey('bundle') ? $field_definition->getTargetBundle() : NULL;
    $entity_access_result = $entity ? $entity_access_control_handler->access($entity, 'update', $account, TRUE) : $entity_access_control_handler->createAccess($bundle, $account, [], TRUE);
    $field_access_result = $entity_access_control_handler->fieldAccess('edit', $field_definition, NULL, NULL, TRUE);
    return $entity_access_result->andIf($field_access_result);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.