Permission issue in panels ipe requirement: read

Right now in panels_ipe.routing.yml a _panels_storage_access requirement: 'read' get's defined. This requirement get's passed by panelizer to entity->access() which doesn't know about read but only the view permission.
Should this be handled by panelizer? I attached a patch for panels for now.

This is critical since only users who bypass panelizer access control can use panelizer IPE right now.

Comment	File	Size	Author
#2	2791569-Permission-issue-in-panels-ipe-requirement-read.patch	2.92 KB	muschpusch
#2	8.x-3.x: PHP 5.5 & MySQL 5.5, D8.5 21 pass, 2 fail

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

29 August 2016 at 10:32

muschpusch created an issue. See original summary.

Log in or register to post comments

Comment #2

muschpusch CreditAttribution: muschpusch at Factorial GmbH commented 29 August 2016 at 10:34

File	Size
2791569-Permission-issue-in-panels-ipe-requirement-read.patch	2.92 KB
8.x-3.x: PHP 5.5 & MySQL 5.5, D8.5 21 pass, 2 fail

Log in or register to post comments

DamienMcKenna’s picture

Comment #3

NH, USA

CreditAttribution: DamienMcKenna at Mediacurrent commented 28 September 2017 at 03:18

Version:	8.x-3.x-dev	» 8.x-4.x-dev
Status:	Active	» Needs review

Log in or register to post comments

Comment #4

28 September 2017 at 03:21

Status:

Needs review

» Needs work

The last submitted patch, 2: 2791569-Permission-issue-in-panels-ipe-requirement-read.patch, failed testing. View results

Log in or register to post comments