EZP-30028: Note about using sudo in API (ibexa#523)

ezecosystem · Feb 4, 2019 · 41356b8 · 41356b8
1 parent 7c903aa
commit 41356b8
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/docs/api/public_php_api_managing_content.md b/docs/api/public_php_api_managing_content.md
@@ -14,6 +14,22 @@ $user = $userService->loadUserByCredentials( $username, $password );
 $permissionResolver->setCurrentUserReference($user);
 ```
 
+!!! tip "Using `sudo()`"
+
+    To skip permission checks, you can use the `sudo()` method.
+    It allows API execution to be performed with full access, sand-boxed.
+
+    You can use this method to perform an action that the current user does not have permissions for.
+    This option is recommended instead of setting the admin user as the current user.
+
+    For example, to [hide a Location](public_php_api_locations.md#hideunhide-location), use:
+
+    ``` php
+    $hiddenLocation = $repository->sudo(function ($repository) use ($location) {
+        return $repository->getLocationService()->hideLocation($location);
+    });
+    ```
+
 ## Creating content
 
 !!! note "Full code"