function UserRegistrationResource::ensureAccountCanRegister
Same name in other branches
- 9 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
- 8.9.x core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
- 10 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource::ensureAccountCanRegister()
Ensure the account can be registered in this request.
Parameters
\Drupal\user\UserInterface $account: The user account to register.
1 call to UserRegistrationResource::ensureAccountCanRegister()
- UserRegistrationResource::post in core/
modules/ user/ src/ Plugin/ rest/ resource/ UserRegistrationResource.php - Responds to user registration POST request.
File
-
core/
modules/ user/ src/ Plugin/ rest/ resource/ UserRegistrationResource.php, line 134
Class
- UserRegistrationResource
- Represents user registration as a resource.
Namespace
Drupal\user\Plugin\rest\resourceCode
protected function ensureAccountCanRegister(?UserInterface $account = NULL) {
if ($account === NULL) {
throw new BadRequestHttpException('No user account data for registration received.');
}
// POSTed user accounts must not have an ID set, because we always want to
// create new entities here.
if (!$account->isNew()) {
throw new BadRequestHttpException('An ID has been set and only new user accounts can be registered.');
}
// Only allow anonymous users to register, authenticated users with the
// necessary permissions can POST a new user to the "user" REST resource.
// @see \Drupal\rest\Plugin\rest\resource\EntityResource
if (!$this->currentUser
->isAnonymous()) {
throw new AccessDeniedHttpException('Only anonymous users can register a user.');
}
// Verify that the current user can register a user account.
if ($this->userSettings
->get('register') == UserInterface::REGISTER_ADMINISTRATORS_ONLY) {
throw new AccessDeniedHttpException('You cannot register a new user account.');
}
if (!$this->userSettings
->get('verify_mail')) {
if (empty($account->getPassword())) {
// If no email verification then the user must provide a password.
throw new UnprocessableEntityHttpException('No password provided.');
}
}
else {
if (!empty($account->getPassword())) {
// If email verification required then a password cannot provided.
// The password will be set when the user logs in.
throw new UnprocessableEntityHttpException('A Password cannot be specified. It will be generated on login.');
}
}
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.