/** * {@inheritdoc} * * @throws \EntityMetadataWrapperException */ public function access($op, DataInterpreterInterface $interpreter) { // Perform basic access checks. if (!$this->decorated->access($op, $interpreter)) { return FALSE; } if (!$this->getProperty()) { // If there is no property we cannot check for property access. return TRUE; } // Perform field API access checks. if (!($property_wrapper = $this->propertyWrapper($interpreter))) { return FALSE; } if ($this->isWrapperMethodOnEntity() && $this->getWrapperMethod() && $this->getProperty()) { // Sometimes we define fields as $wrapper->getIdentifier. We need to // resolve that to $wrapper->nid to call $wrapper->nid->info(). $property_wrapper = $property_wrapper->{$this->getProperty()}; } $account = $interpreter->getAccount(); // Check format access for text fields. if ($op == 'edit' && $property_wrapper->type() == 'text_formatted' && $property_wrapper->value() && $property_wrapper->format->value()) { $format = (object) array('format' => $property_wrapper->format->value()); // Only check filter access on write contexts. if (!filter_access($format, $account)) { return FALSE; } } $info = $property_wrapper->info(); if ($op == 'edit' && empty($info['setter callback'])) { // Property does not allow setting. return FALSE; } // If $interpreter->getWrapper()->value() === FALSE it means that the entity // could not be loaded, thus checking properties on it will result in // errors. // Ex: this happens when the embedded author is the anonymous user. Doing // user_load(0) returns FALSE. $access = $interpreter->getWrapper()->value() !== FALSE && $property_wrapper->access($op, $account); return $access !== FALSE; }
/** * Checks if the data provider user has access to the property. * * @param \Drupal\restful\Plugin\resource\Field\ResourceFieldInterface $resource_field * The field to check access on. * @param string $op * The operation to be performed on the field. * @param \Drupal\restful\Plugin\resource\DataInterpreter\DataInterpreterInterface $interpreter * The data interpreter. * * @return bool * TRUE if the user has access to the property. */ protected static function checkPropertyAccess(ResourceFieldInterface $resource_field, $op, DataInterpreterInterface $interpreter) { return $resource_field->access($op, $interpreter); }
/** * {@inheritdoc} */ public function access($op, DataInterpreterInterface $interpreter) { return $this->decorated->access($op, $interpreter); }