Problem/Motivation

I would like to add custom access check to routing entity.group.group_request_membership with RouteSubscriber.

  protected function alterRoutes(RouteCollection $collection) {
    if ($route = $collection->get('entity.group.group_request_membership')) {
      $route->setRequirement('_my_custom_access', 'FALSE');
    }
  }

The problem is when the modul rendering "Request group membership" or "Request membership" link then it has own logic in code. We must use $url->access($account) to render link when route is available.

When own logic needed it's ok to extend, but I suggest to also use $url->access($account) because if it's false then route is unavailable.

For example:

Old:

      if ($group->hasPermission('request group membership', $this->currentUser)) {
        $build = $group->toLink($this->t('Request Membership'), 'group-request-membership')
          ->toString();
      }

New:

      $link = $group->toLink($this->t('Request Membership'), 'group-request-membership');
      if($link->getUrl()->access($this->currentUser)){
        $build = $link->toString();
      }
CommentFileSizeAuthor
#5 3299945-5.patch2.16 KBkecsot
#2 3299945-2.patch2.2 KBkecsot

Issue fork grequest-3299945

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

kecsot created an issue. See original summary.

kecsot’s picture

kecsot
he/him
commented
StatusFileSize
new 3299945-2.patch2.2 KB
kecsot’s picture

kecsot
he/him
commented
Status: Active » Needs review
kecsot’s picture

kecsot
he/him
commented
Issue summary: View changes
kecsot’s picture

kecsot
he/him
commented
StatusFileSize
new 3299945-5.patch2.16 KB

new patch without useless row :)

LOBsTerr made their first commit to this issue’s fork.

LOBsTerr opened merge request !15

lobsterr’s picture

lobsterr commented

@kecsot, I have used your changes and also I added a custom access handler to be sure that we have group request membership plugin enabled. In other case we could get Exception.
Please, check and if it is fine. We can tag another release.

kecsot’s picture

kecsot
he/him
commented

Thank you @LOBsTerr !

Ah! You right, you found a bug. If the plugin is not installed and we go to /group/{id}/request-membership then it throw an exception.

I've found an access class in group module called GroupInstalledContentAccessCheck
This can replace your linkAccess() function.

So I suggest to use it instead of linkAccess.

   -  _custom_access: '\Drupal\grequest\Controller\GroupMembershipRequestController::linkAccess'
   +  _group_installed_content: 'group_membership_request'

also I don't understand why did u check 'request group membership' permission in linkAccess function.

What you think?

lobsterr’s picture

lobsterr commented

A nice catch, I didn't know it exists. Now it is nice and clean :)

kecsot’s picture

kecsot
he/him
commented

I've tested it manually.
Works well and code looks good.

Thank you :)

lobsterr’s picture

lobsterr commented

Thank you for your contribution

  • LOBsTerr committed 69bc713 on 1.0.x 
    Issue #3299945 by LOBsTerr, kecsot: Use route access not custom code
lobsterr’s picture

lobsterr commented
Status: Needs review » Fixed

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.