function UserRegistrationResource::ensureAccountCanRegister

Same name and namespace in other branches
  1. 8.9.x core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
  2. 10 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
  3. 11.x core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()

Ensure the account can be registered in this request.

Parameters

\Drupal\user\UserInterface $account: The user account to register.

1 call to UserRegistrationResource::ensureAccountCanRegister()
UserRegistrationResource::post in core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php
Responds to user registration POST request.

File

core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php, line 131

Class

UserRegistrationResource
Represents user registration as a resource.

Namespace

Drupal\user\Plugin\rest\resource

Code

protected function ensureAccountCanRegister(UserInterface $account = NULL) {
    if ($account === NULL) {
        throw new BadRequestHttpException('No user account data for registration received.');
    }
    // POSTed user accounts must not have an ID set, because we always want to
    // create new entities here.
    if (!$account->isNew()) {
        throw new BadRequestHttpException('An ID has been set and only new user accounts can be registered.');
    }
    // Only allow anonymous users to register, authenticated users with the
    // necessary permissions can POST a new user to the "user" REST resource.
    // @see \Drupal\rest\Plugin\rest\resource\EntityResource
    if (!$this->currentUser
        ->isAnonymous()) {
        throw new AccessDeniedHttpException('Only anonymous users can register a user.');
    }
    // Verify that the current user can register a user account.
    if ($this->userSettings
        ->get('register') == UserInterface::REGISTER_ADMINISTRATORS_ONLY) {
        throw new AccessDeniedHttpException('You cannot register a new user account.');
    }
    if (!$this->userSettings
        ->get('verify_mail')) {
        if (empty($account->getPassword())) {
            // If no e-mail verification then the user must provide a password.
            throw new UnprocessableEntityHttpException('No password provided.');
        }
    }
    else {
        if (!empty($account->getPassword())) {
            // If e-mail verification required then a password cannot provided.
            // The password will be set when the user logs in.
            throw new UnprocessableEntityHttpException('A Password cannot be specified. It will be generated on login.');
        }
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.