Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
See parent issue #3200985: [meta] Fix undesirable access checking on entity query usages for context and test coverage policy.
The aggregator module uses entity queries in many places that implicitly check access, but this is probably not intended.
Issue fork drupal-3203369
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #3
jonathanshawComment #4
jonathanshawMajor because it blocks #2785449: It's too easy to write entity queries with access checks that must not have them
Comment #5
jonathanshawComment #6
andypostAs all this places are used to work without access checks, if someone will add access checks the decoration of storage will be required
Comment #9
catchPatch looks good, and agreed we don't need explicit test coverage here because query access on aggregator feeds is an extreme edge case.