Unverified Commit f928fe9d authored by alexpott's avatar alexpott
Browse files

Issue #3147244 by bbrala, pavnish, naresh_bavaskar, Wim Leers, alexpott:...

Issue #3147244 by bbrala, pavnish, naresh_bavaskar, Wim Leers, alexpott: Inject @current_user service into JSON:API's FieldResolver
parent 02bf7534
......@@ -90,7 +90,7 @@ services:
- { name: route_enhancer }
jsonapi.field_resolver:
class: Drupal\jsonapi\Context\FieldResolver
arguments: ['@entity_type.manager', '@entity_field.manager', '@entity_type.bundle.info', '@jsonapi.resource_type.repository', '@module_handler']
arguments: ['@entity_type.manager', '@entity_field.manager', '@entity_type.bundle.info', '@jsonapi.resource_type.repository', '@module_handler', '@current_user']
jsonapi.include_resolver:
class: Drupal\jsonapi\IncludeResolver
arguments:
......
......@@ -22,6 +22,7 @@
use Drupal\jsonapi\ResourceType\ResourceTypeRelationship;
use Drupal\jsonapi\ResourceType\ResourceTypeRepositoryInterface;
use Drupal\Core\Http\Exception\CacheableBadRequestHttpException;
use Drupal\Core\Session\AccountInterface;
/**
* A service that evaluates external path expressions against Drupal fields.
......@@ -107,6 +108,13 @@ class FieldResolver {
*/
protected $moduleHandler;
/**
* The current user account.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $currentUser;
/**
* Creates a FieldResolver instance.
*
......@@ -120,8 +128,16 @@ class FieldResolver {
* The resource type repository.
* @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
* The module handler.
* @param \Drupal\Core\Session\AccountInterface|null $current_user
* The current user account.
*/
public function __construct(EntityTypeManagerInterface $entity_type_manager, EntityFieldManagerInterface $field_manager, EntityTypeBundleInfoInterface $entity_type_bundle_info, ResourceTypeRepositoryInterface $resource_type_repository, ModuleHandlerInterface $module_handler) {
public function __construct(EntityTypeManagerInterface $entity_type_manager, EntityFieldManagerInterface $field_manager, EntityTypeBundleInfoInterface $entity_type_bundle_info, ResourceTypeRepositoryInterface $resource_type_repository, ModuleHandlerInterface $module_handler, AccountInterface $current_user = NULL) {
if (is_null($current_user)) {
@trigger_error('Calling ' . __METHOD__ . '() without the $current_user argument is deprecated in drupal:9.3.0 and will be required in drupal:10.0.0.', E_USER_DEPRECATED);
$current_user = \Drupal::currentUser();
}
$this->currentUser = $current_user;
$this->entityTypeManager = $entity_type_manager;
$this->fieldManager = $field_manager;
$this->entityTypeBundleInfo = $entity_type_bundle_info;
......@@ -743,7 +759,7 @@ protected function getFieldAccess(ResourceType $resource_type, $internal_field_n
$definitions = $this->fieldManager->getFieldDefinitions($resource_type->getEntityTypeId(), $resource_type->getBundle());
assert(isset($definitions[$internal_field_name]), 'The field name should have already been validated.');
$field_definition = $definitions[$internal_field_name];
$filter_access_results = $this->moduleHandler->invokeAll('jsonapi_entity_field_filter_access', [$field_definition, \Drupal::currentUser()]);
$filter_access_results = $this->moduleHandler->invokeAll('jsonapi_entity_field_filter_access', [$field_definition, $this->currentUser]);
$filter_access_result = array_reduce($filter_access_results, function (AccessResultInterface $combined_result, AccessResultInterface $result) {
return $combined_result->orIf($result);
}, AccessResult::neutral());
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment