Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.We need generic code that will generate a full set of permissions for every entity type.
Ideally this code would live in Entity API.
https://github.com/fago/entity/pull/9 probably has ideas worth reusing
Comments
Comment #2
bojanz CreditAttribution: bojanz at Centarro commentedWe need to figure out the interaction between "administer $entity_type", "access $entity_type_overview", "bypass $entity_type access'.
(Which is used where, and do we need all 3?)
Comment #3
mglamanThis has a patch in the Entity API queue: #2801031: Provide a generic entity access handler and permissions
Once it lands just need patch here.
Comment #5
bojanz CreditAttribution: bojanz at Centarro commentedWe decided to commit the Entity API classes into Commerce for now, for quicker iteration while the patch gets reviewed.
We'll want to add per-bundle view permissions once we add query level access.
Comment #7
rgpublicHmm. In commerce_product.routing.yml there are various permissions referenced, but they don't appear in commerce_product.permissions.yml except for one. I'm trying to give a user rights to edit products. I think the permission is called "administer commerce_product" but it doesnt appear anywhere. What am I doing wrong? Or shouldn't this work yet anyway...?
Comment #8
rgpublicAh, found it. For anyone else stranding here on this issue due to missing Commerce permissions: Make sure you use the latest Entity API:
Comment #9
mglamanIf you are using Commerce then you should be using Composer to update your dependencies, not Drush.
Comment #10
themic8 CreditAttribution: themic8 at Trail 9 commentedI'm not seeing this for orders. Has this been updated for orders?