Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
After implementing node grants, it becomes impossible to return a CacheableResponse from a controller which performs a query with 'node_access' specified. The code in node_query_node_access (see link below) grabs the current request stack and a renderer and renders an array with node access cache tags. This causes EarlyRenderingControllerWrapperSubscriber (linked below) to throw a LogicException.
https://api.drupal.org/api/drupal/core%21modules%21node%21node.module/fu...
https://api.drupal.org/api/drupal/core%21lib%21Drupal%21Core%21EventSubs... (see source, line 154)
Comments
Comment #2
Wim LeersWhere is the controller code?
We added that auto-cache-context-bubbling thing to
node_query_node_access_alter()
in #2557815: Automatically bubble the "user.node_grants:$op" cache context in node_query_node_access_alter(), and it comes with test coverage that uses a controller. So I'm surprised it doesn't work for you, because it does work in the test.Comment #3
gabesullice@Wim Leers I believe the reason those tests pass is because they are returning a renderable array, the issue is with returning a CacheableResponse. See comment here: http://cgit.drupalcode.org/drupal/tree/core/lib/Drupal/Core/EventSubscri...
This is effectively the code http://cgit.drupalcode.org/jsonapi/tree/src/Resource/EntityResource.php#...
Comment #4
Wim LeersThe problem is that
node_query_node_access_alter()
runs during the controller, you want it to run lazily, then this is not a problem.(Sorry had this response sitting here from before #3, lost this browser tab somewhere.)
Comment #9
gabesulliceWhoa, blast from the past. This is outdated since #2984964: JSON API + hook_node_grants() implementations: accessing /jsonapi/node/article as non-admin user results in a cacheability metadata leak
Comment #10
bkosborneSo glad to have found this issue as I was debugging the problem. I have a custom controller that returns a CacheableJsonResponse directly and I thought I was capturing all the relevant metadata until I executed a query with node_access cache tag. I got the logic exception!
Note that #2984964: JSON API + hook_node_grants() implementations: accessing /jsonapi/node/article as non-admin user results in a cacheability metadata leak doesn't make this issue outdated exactly. That issue fixed the problem specifically for JSON API only. For any custom module developers that return cacheable JSON, they need to wrap the query being executed in a render context and pop the cache metadata off of it!
See the patch in #2984964 for example.