When the Entity Reference processor fetches entities, some can fail authorization. In this case, it would be useful if this was logged as warnings.
Process the authorisation failures in the JSONAPI. These are of the form:
"meta": {
"omitted": {
"detail": "Some resources have been omitted because of insufficient authorization.",
"links": {
"help": {
"href": "https:\/\/www.drupal.org\/docs\/8\/modules\/json-api\/filtering#filters-access-control"
},
"item--h1tlUJh": {
"href": "https:\/\/EXAMPLE.COM\/jsonapi\/paragraphs_library_item\/paragraphs_library_item\/a73c8f1c-5cc0-4eda-9d75-3ee6a64bf468",
"meta": {
"rel": "item",
"detail": "The current user is not allowed to GET the selected resource."
}
},
SNIP
Active
4.0
Code
Here's a rough start.
Needs work, as other processors call importUrl() too, and they're not always reference fields, so the new parameter being $field_internal_name doesn't always make sense, and nor does the "omitted from reference field @field" part of the log message.
Need to figure out how to make this generic.