Commit e562b763 authored by Dries's avatar Dries
Browse files

Issue #1866908 by klausi, moshe weitzman: Honor access controlled Fields in REST Services.

parent d63188d8
......@@ -191,4 +191,18 @@ public function delete($id) {
}
throw new NotFoundHttpException(t('Entity with ID @id not found', array('@id' => $id)));
}
/**
* Overrides ResourceBase::permissions().
*/
public function permissions() {
$permissions = parent::permissions();
// Mark all items as administrative permissions for now.
// @todo Remove this restriction once proper entity access control is
// implemented. See http://drupal.org/node/1866908
foreach ($permissions as $name => $permission) {
$permissions[$name]['restrict access'] = TRUE;
}
return $permissions;
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment