created materio_jsonapi custom module

web/modules/custom/materio_jsonapi/materio_jsonapi.info.yml

@@ -0,0 +1,7 @@
+name: Materio JsonAPI
+type: module
+description: Defines custom behaviours to jsonapi.
+core: 8.x
+package: Materio
+dependencies:
+  - drupal:jsonapi

web/modules/custom/materio_jsonapi/materio_jsonapi.module

@@ -0,0 +1,30 @@
+<?php
+
+use Drupal\Core\Entity\EntityInterface;
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Access\AccessResult;
+
+/**
+ * Implements hook_ENTITY_TYPE_access().
+ */
+function materio_jsonapi_user_role_access(EntityInterface $entity, $operation, AccountInterface $account) {
+  debug($operation, 'operation materio_jsonapi_user_role_access');
+  // watchdog('materio_jsonapi_user_role_access');
+  if ($operation === 'view') {
+    return AccessResult::allowedIfHasPermission($account, 'view role info');
+  }
+  return AccessResult::neutral();
+}
+
+
+/**
+ * Implements hook_entity_field_access_alter().
+ */
+function materio_jsonapi_entity_field_access_alter(array &$grants, array $context) {
+  debug($context, 'context materio_jsonapi_entity_field_access_alter');
+  // watchdog('materio_jsonapi_entity_field_access_alter');
+  $field = $context['field_definition']->getName();
+  if ($field == 'roles' && $context['operation'] == 'view') {
+    $grants[':default'] = AccessResult::allowedIfHasPermission($context['account'], 'view role info');
+  }
+}

web/modules/custom/materio_jsonapi/materio_jsonapi.permissions.yml

@@ -0,0 +1,9 @@
+materio_jsonapi roles:
+  title: 'view role info'
+  description: 'View any role info in jsonapi.'
+  restrict access: true
+
+materio_jsonapi ownroles:
+  title: 'view own role info'
+  description: 'View own role info in jsonapi.'
+  restrict access: true