/** * Responds to entity GET requests. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity object. * * @return \Drupal\rest\ResourceResponse * The response containing the entity with its accessible fields. * * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ public function get(EntityInterface $entity) { if (!$entity->access('view')) { throw new AccessDeniedHttpException(); } foreach ($entity as $field_name => $field) { if (!$field->access('view')) { unset($entity->{$field_name}); } } $response = new ResourceResponse($entity, 200); // Make the response use the entity's cacheability metadata. // @todo include access cacheability metadata, for the access checks above. $response->addCacheableDependency($entity); return $response; }
/** * Responds to entity GET requests. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity object. * * @return \Drupal\rest\ResourceResponse * The response containing the entity with its accessible fields. * * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ public function get(EntityInterface $entity) { $entity_access = $entity->access('view', NULL, TRUE); if (!$entity_access->isAllowed()) { throw new AccessDeniedHttpException(); } $response = new ResourceResponse($entity, 200); $response->addCacheableDependency($entity); $response->addCacheableDependency($entity_access); foreach ($entity as $field_name => $field) { /** @var \Drupal\Core\Field\FieldItemListInterface $field */ $field_access = $field->access('view', NULL, TRUE); $response->addCacheableDependency($field_access); if (!$field_access->isAllowed()) { $entity->set($field_name, NULL); } } return $response; }
/** * Responds to entity GET requests. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity object. * * @return \Drupal\rest\ResourceResponse * The response containing the entity with its accessible fields. * * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ public function get(EntityInterface $entity) { if (!$entity->access('view')) { throw new AccessDeniedHttpException(); } $fields = $entity->getFields(); $display_id = $entity->getEntityTypeId() . '.' . $entity->bundle() . '.restx'; // Remove hidden fields (Display mode 'default'). $view_display = \Drupal::entityManager()->getStorage('entity_view_display')->load($display_id); if ($view_display) { $content = $view_display->get('content'); foreach ($fields as $field_name => $field) { if (!$field->access('view') || substr($field_name, 0, 6) === 'field_' && !isset($content[$field_name])) { unset($fields[$field_name]); } } } $output = array('data' => $fields); $response = new ResourceResponse($output, ResourceResponse::HTTP_OK); $response->addCacheableDependency($output); return $response; }
/** * Responds to entity POST requests and saves the new entity. * * @param \Drupal\Core\Entity\EntityInterface $entity * The entity. * * @return \Drupal\rest\ResourceResponse * The HTTP response object. * * @throws \Symfony\Component\HttpKernel\Exception\HttpException */ public function post(EntityInterface $entity = NULL) { if ($entity == NULL) { throw new BadRequestHttpException('No entity content received.'); } if (!$entity->access('create')) { throw new AccessDeniedHttpException(); } $definition = $this->getPluginDefinition(); // Verify that the deserialized entity is of the type that we expect to // prevent security issues. if ($entity->getEntityTypeId() != $definition['entity_type']) { throw new BadRequestHttpException('Invalid entity type'); } // POSTed entities must not have an ID set, because we always want to create // new entities here. if (!$entity->isNew()) { throw new BadRequestHttpException('Only new entities can be created'); } // Only check 'edit' permissions for fields that were actually // submitted by the user. Field access makes no difference between 'create' // and 'update', so the 'edit' operation is used here. foreach ($entity->_restSubmittedFields as $key => $field_name) { if (!$entity->get($field_name)->access('edit')) { throw new AccessDeniedHttpException("Access denied on creating field '{$field_name}'"); } } // Validate the received data before saving. $this->validate($entity); try { $entity->save(); $this->logger->notice('Created entity %type with ID %id.', array('%type' => $entity->getEntityTypeId(), '%id' => $entity->id())); // 201 Created responses have an empty body. $url = $entity->urlInfo('canonical', ['absolute' => TRUE])->toString(TRUE); $response = new ResourceResponse(NULL, 201, ['Location' => $url->getGeneratedUrl()]); $response->addCacheableDependency($url); return $response; } catch (EntityStorageException $e) { throw new HttpException(500, 'Internal Server Error', $e); } }
public function get($entityType) { // /{offset}/{limit}/{sort}/{direction} // , $offset=0, $limit=10, $sort='nid', $direction='ASC' if ($entityType) { $request = \Drupal::request(); $offset = is_null($request->query->get('offset')) ? 0 : $request->query->get('offset'); $limit = is_null($request->query->get('limit')) ? 20 : $request->query->get('limit'); $sort = is_null($request->query->get('sort')) ? "nid" : $request->query->get('sort'); $direction = is_null($request->query->get('direction')) ? "ASC" : $request->query->get('direction'); $lat = is_null($request->query->get('lat')) ? "" : $request->query->get('lat'); $lon = is_null($request->query->get('lon')) ? "" : $request->query->get('lon'); $termid = is_null($request->query->get('termid')) ? "" : $request->query->get('termid'); $permission = 'View published content'; //if(!$this->currentUser->hasPermission($permission)) { // throw new AccessDeniedHttpException(); // } if (!empty($lat) && !empty($lon)) { $query = db_select('node_field_data', 'n'); $query->join('node__field_location_coordinates', 'c', 'n.nid=c.entity_id'); $title_field = $query->addField('n', 'title', 'title'); $nid_field = $query->addField('n', 'nid', 'nid'); $lon_field = $query->addField('c', 'field_location_coordinates_lon', 'lon'); $lon_field = $query->addField('c', 'field_location_coordinates_lat', 'lat'); $query->addExpression('st_distance(POINT(c.field_location_coordinates_lon,c.field_location_coordinates_lat),POINT(' . $lon . ',' . $lat . '))', 'distance'); $query->condition('status', NODE_PUBLISHED); $query->condition('type', $entityType); $query->range($offset, $limit); $query->orderBy('distance', 'ASC'); if (!empty($termid)) { $query->join('node__field_business_category', 'bc', 'n.nid= bc.entity_id'); $query->condition('field_business_category_target_id', $termid); } $result = $query->execute(); // Ensure that we got the right record. $nodes = array(); foreach ($result as $row) { $fields['nid'] = $row->nid; $fields['title'] = $row->title; $fields['lat'] = $row->lat; $fields['lon'] = $row->lon; $fields['distance'] = $this->distanceCalculation($row->distance, 'mi', 1); $nodes[$row->nid] = $fields; } } else { $query = \Drupal::entityQuery('node')->condition('type', $entityType)->condition('status', NODE_PUBLISHED)->sort($sort, $direction)->range($offset, $limit); $nids = $query->execute(); $queryNodes = entity_load_multiple('node', $nids); $nodes = array(); foreach ($queryNodes as $node) { $field_names = array_keys($node->getFieldDefinitions()); $field_definitions = $node->getFieldDefinitions(); $fields = array(); $drumo_listing_checked = false; foreach ($field_definitions as $name => $definition) { $field_values = $node->get($name)->getValue(); $entityTypeId = $node->getEntityTypeId(); $bundleId = $node->getType(); if ($name == 'nid' || $name == 'title') { $fields[$name] = $field_values; } else { $fieldConfig = FieldConfig::loadByName($entityTypeId, $bundleId, $name); if ($fieldConfig != null) { $drumo_listing_checked = $fieldConfig->getThirdPartySetting('drumo', 'drumo_listing'); } if ($drumo_listing_checked) { $fields[$name] = $field_values; } } } $nodes[$node->id()] = $fields; } } \Drupal::logger('drumo')->debug("offset: @offset, limit: @limit", array('@offset' => $offset, '@limit' => $limit)); if (!empty($nodes)) { $response = new ResourceResponse($nodes); $account = \Drupal::currentUser()->getAccount(); $response->addCacheableDependency($account); return $response; } throw new NotFoundHttpException(t('No content found for @entityType were not found', array('@entityType' => $entityType))); } throw new HttpException(t('Entity Type was not provided')); }