Updated: Comment #10
In a D7 module, I could define a permission with hook_permission() and then I could define access on menu items etc. with a simple user_access('permission_name') or in some cases, just putting something like
access => 'permission_name' in a hook_menu() array item.
Now we come to D8. I'm looking at this nice page on how to create a config entity:
So let's say I have a 'administer foo_bars' permission, and I want to say that to do any operations on this config entity, you have to have this permission. Which would be the normal thing for config entities, I think.
In order to do this, it appears that I have to create a whole EntityAccess class just to override the checkAccess() method and tell it to return user_access('permission_name').
It seems like it would be a whole lot easier if I could just put this permission name in my annotation, and the default class for entity access would take over and do this for me? This doesn't seem like it would be too hard to do.
- Create a simple access controller for entities.
- Make it so that if you add annotation to the entity type giving an administrative permission name, the default access controller will do a simple user_access('the permission you gave') to check permissions for all operations.
- Decide on the annotation key. It should probably be something like admin_permission, since it will be similar to "administer nodes" in its effect (allow full CRUD).
- Add the new annotation key to EntityType and document it.
- Create the simple access controller class.
- Refactor existing entity types to use the new system.
Assuming the last step (refactoring) is done, we probably do not need to have any explicit tests added for this, because many existing tests will implicitly be using the system.
User interface changes
We'll have a simpler way to create entity types, and fewer access classes needed, especially for config entity types.
PASSED: [[SimpleTest]]: [MySQL] 58,798 pass(es).
PASSED: [[SimpleTest]]: [MySQL] 58,651 pass(es).
FAILED: [[SimpleTest]]: [MySQL] 58,724 pass(es), 105 fail(s), and 9 exception(s).