Automattic\WooCommerce\Api\Infrastructure
ResolverHelpers::build_field_authorization_error
Like {@see self::build_authorization_error()} but carries a structured subject payload identifying what was denied — the enclosing type, the field (when applicable), and the attribute class name driving the decision. Clients can branch on extensions.subject.field to tell a field-level deny apart from an operation-level one.
The error code (UNAUTHORIZED / FORBIDDEN) is preserved verbatim so existing client handlers continue to work; the subject payload is additive.
Method of the class: ResolverHelpers{}
No Hooks.
Returns
null. Nothing (null).
Usage
$result = ResolverHelpers::build_field_authorization_error( $principal, $type, ?string $field, $attribute_short ): Error;
- $principal(object) (required)
- The resolved request principal.
- $type(string) (required)
- GraphQL type name carrying the gate.
- ?string $field(required)
- .
- $attribute_short(string) (required)
- Short class name of the deciding authorization attribute (no namespace).
ResolverHelpers::build_field_authorization_error() ResolverHelpers::build field authorization error code WC 10.9.1
public static function build_field_authorization_error( object $principal, string $type, ?string $field, string $attribute_short ): Error {
$is_anonymous = method_exists( $principal, 'is_authenticated' ) && ! $principal->is_authenticated();
$subject = array(
'type' => $type,
'attribute' => $attribute_short,
);
if ( null !== $field ) {
$subject['field'] = $field;
}
return new Error(
$is_anonymous ? 'Authentication required.' : 'You do not have permission to perform this action.',
extensions: array(
'code' => $is_anonymous ? 'UNAUTHORIZED' : 'FORBIDDEN',
'subject' => $subject,
)
);
}