Hi, i have a site were i use Views and ECK. In my view i list a bunch of different bundle stuff from one Entity type. Like an event, activity or heartbeat log. In some bundle i render entity reference of node who is display. All that stuf work great.

I notice one thing when i begin to play with the permission. I remove the Node->View published content for the anonymous and the content disapear in the refrence display of the entity who is excellent. But is there a way to have the same kind of permission for entity bundle with ECK ? Maybe it's the permission section itself who do not work with views ?!? I dot know. We should be able to control that the same way node and views work or have a similar reaction when user are not able to acces the entity.

If you need more detail let me know.

Thanks

Comments

a.milkovsky’s picture

a.milkovsky
he/him
Location UTC +2
CreditAttribution: a.milkovsky as a volunteer commented
Issue summary: View changes

Node have better access implementation than other entities. See _node_query_node_access_alter(). I think we should implement something similar for ECK entities. Currently it is not possible because you will need hook_node_access and hook_node_access_records.
But hook_query_TAG_alter will work. See node_view_permissions_query_node_access_alter() as an example.

a.milkovsky’s picture

a.milkovsky
he/him
Location UTC +2
CreditAttribution: a.milkovsky as a volunteer commented

Example of hook_query_TAG_alter() for entity type 'task'. 'task_access' tag is added authomatically:

/**
 * Implements hook_query_TAG_alter().
 */
function MYMODULE_query_task_access_alter(QueryAlterableInterface $query) {
  global $user;
  // Read meta-data from query, if provided.
  if (!$account = $query->getMetaData('account')) {
    $account = $user;
  }
  if (!$op = $query->getMetaData('op')) {
    $op = 'view';
  }

  // If $account can bypass eck access we don't need to alter the query.
  if (user_access('eck view entities', $account)) {
    return;
  }

  if ($op == 'view') {
    $eck_type = 'task';
    $tables = $query->getTables();
    $eck_type_table_alias = FALSE;
    foreach ($tables as $alias => $table) {
      if ($table['table'] == "eck_$eck_type") {
        $eck_type_table_alias = $alias;
        break;
      }
    }
    if ($eck_type_table_alias) {
      $alias = $eck_type_table_alias;
      $entity_type = EntityType::loadByName($eck_type);
      $bundles = array();
      foreach (Bundle::loadByEntityType($entity_type) as $bundle) {
        if (user_access("eck view {$entity_type->name} {$bundle->name} entities", $account)) {
          $bundles[] = $bundle->name;
        }
      }
      $query->condition("$alias.type", $bundles, 'IN');
    }
  }
}

You can easily extend it for any eck type using foreach (EntityType::loadAll() as $entity_type) {