Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem/Motivation
The scope of the bypass entity access own workspace
permission is to allow any users that have access to switch to a workspace to also be allowed to add and edit any content on that workspace. At the moment that permission actually don't grant the user to add and edit content on a workspace where the user is not the owner.
Proposed resolution
Fix user access with the bypass entity access own workspace
permission.
Remaining tasks
User interface changes
None
API changes
None
Data model changes
None
Release notes snippet
None
Comment | File | Size | Author |
---|---|---|---|
#4 | 3021247-4.patch | 1.61 KB | jeqq |
#5 | 3021247-5-test-only.patch | 883 bytes | jeqq |
#5 | 3021247-5.patch | 1.61 KB | jeqq |
Comments
Comment #2
alexpottNote the unnecessary use of
he
in this comment is being tackled in #2286655: Gender neutral languageComment #4
jeqqThis issue reveals that the bypass permission doesn't work correctly.
Comment #5
jeqqThe same patch + test-only.
Comment #6
amateescu CreditAttribution: amateescu for Pfizer, Inc. commentedAwesome, thanks for figuring this out! :)
Comment #8
jeqq.
Comment #9
jeqqComment #10
jeqqComment #11
alexpottCommitted 6253899 and pushed to 8.8.x. Thanks!
Committed a54ef47 and pushed to 8.7.x. Thanks!
I discussed this a bit with @Wim Leers and we agreed that since this is access it's important the code is clear whats happening so something like
is preferable because it makes it clear where the or is happening and that cacheability is dealt with correctly. I've made this change on commit.
Also I think we should add a test case that access is denied - so something like
Ahhh!!! We already have coverage of this in
\Drupal\Tests\workspaces\Functional\WorkspacePermissionsTest::testEditOwnWorkspace
. So let's not do that here.I think we should open a follow-up to consider merging the test with
\Drupal\Tests\workspaces\Functional\WorkspaceViewTest
and\Drupal\Tests\workspaces\Functional\WorkspacePermissionsTest
as then it easier to spot holes in our coverage.Comment #14
alexpottComment #15
rosinegrean CreditAttribution: rosinegrean at PitechPlus commented