Dynamic permissions for site_setting types

This patch makes it possible to allow certain roles to only be able to edit certain settings entity types and not all of them.

Currently the admin page that lists all types (admin/content/site-settings) can only be viewed if the user has access to all types, but its not a big problem as direct links can be added to the edit form of a type.

Also with the contextual patch: #2994006: Contextual links we can have an edit link directly on the rendered entity.

I think this could be committed as a first step, and then later it can be improved in further patches if required.

Apologies again for the long delay getting back to you on this.

In principal this is good, but in some cases, people make 50-100 site settings types. It depends whether the approach they use is creating one type and adding all fields within it (2 db tables per field) or create multiple site settings types and reuse the same field for each (like field_label). The latter is more configuration but results in less db tables and quicker initial load into cache. If there are 50-100 site settings types, the permissions UI page will quick get out of hand and run slow with the large number of fields on the page for users with older machines.

For this reason I would prefer to make this optional, either:

1. Following the Paragraphs example where they have created a submodule `paragraph_type_permissions` https://git.drupalcode.org/project/paragraphs/tree/8.x-1.x/modules
2. Making this opt-in via /src/Form/SiteSettingsConfigForm.php

Thanks for your work on this thus far!

Putting it back to needs work due typo.

Putting it back to needs work for now.

We are checking if we can add a generic permission "access site settings overview".

This would replace the requirement in the route.

Then it could make this admin list available even if the user only has access to some of the types.

I think this would be the best option, as core also has access content overview and separate administer content.

Added post update hook as now the new permission which is needed for the overview page is "access site settings overview" while previously it was "edit site setting entities".

Also fixed the ListBuilder after further testing.

#17 is a patch that can be applied together with the patch from https://www.drupal.org/project/site_settings/issues/3059909, so the test cannot run on that one separately.

Excellent thank you! I have made a few small modifications to make the code a bit more readable, particularly around the SiteSettingEntityListBuilder when there are missing bundles. I was unable to apply to D9 deprecated mixed patch.

Thanks for all your hard work on this, I am sure this feature will be useful for others!

Thanks!

We will reroll the d9 patch next week in the other issue.

No need, I am almost done sorting it, the majority still applied anyways. Thanks!