Problem/Motivation
#2808233: REST 403 responses don't tell the user *why* access is not granted: requires deep Drupal understanding to figure out fixed this for Drupal core: it introduced the necessary infrastructure and made the REST module use it. #2824572: Write EntityResourceTestBase subclasses for every other entity type. then improved the "403 reason" for many entity types.
Let's give JSON API users the same vastly improved DX.
Proposed resolution
Update \Drupal\jsonapi\Controller\EntityResource::getIndividual()
and friends.
Remaining tasks
TBD
User interface changes
None.
API changes
More helpful error messages than 'The current user is not allowed to POST the selected resource.'
.
Data model changes
None.
Comments
Comment #2
Wim LeersAnd it just so happens that I run into an issue where a key reason for lack of progress is the problem this issue aims to solve: #2927037: Provide a mechanism to get information about the current user: "me" meta link in /jsonapi, and make /jsonapi accessible to all.
Comment #3
gabesulliceThis is already implemented \o/ no work to be done.