I've created a view that allows some users to see some emails of other users. However, UserAccessControlHandler::checkFieldAccess has code like this:
// Administrative users are allowed to edit and view all fields.
if (!in_array($field_definition->getName(), $explicit_check_fields) && $account->hasPermission('administer users')) {
  return AccessResult::allowed()->cachePerPermissions();
}

and

case 'mail':
  // Allow view access to own mail address and other personalization
  // settings.
  if ($operation == 'view') {
    return $is_own_account ? AccessResult::allowed()->cachePerUser() : AccessResult::forbidden();
  }
  // Anyone that can edit the user can also edit this field.
  return AccessResult::allowed()->cachePerPermissions();

which basically only allows users with "administer users", or the user themselves, to view the email.
However, UserViewsData has help text as follows:
'Email address for a given user. This field is normally not shown to users, so be cautious when using it.'
The help text is misleading because it doesn't take the above conditions into consideration. We either need to get rid of the email condition (which I doubt is going to happen) or create a custom views field which bypasses checkFieldAccess. Are there any other recommended solutions out there?
Comments
Comment #2
Greenstack commented: This is still true as of Drupal 8.3.x.
Comment #3
berdir commented: This is on purpose locked down.
#2773645: Allow hook_entity_field_access() to grant field-level access to User fields: 'forbidden' -> 'neutral' is about making it easier to make it accessible with a bit of custom code but I think it is the correct default behavior. Once the related issue is resolved there might be a contrib module to make it easier by exposing a special permission or so.
The help text is indeed a bit strange but I'd suggest a separate issue to reword that.
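The "bit of custom code" berdir refers to would be a hook_entity_field_access() implementation like the following. This is an added example, not code from Drupal core or from anyone in this thread; the module name "mymodule" and the permission "view user email addresses" are assumptions, and it only has an effect once the handler returns neutral instead of forbidden for other users' mail addresses (what #2773645 is about), because a forbidden result cannot be overridden by any hook.

```php
<?php

/**
 * @file
 * Hypothetical module (added example, not Drupal core code): grants view
 * access to the user 'mail' field to roles that hold a custom permission.
 *
 * Assumed mymodule.permissions.yml (not on the page):
 *   view user email addresses:
 *     title: "View other users' email addresses"
 *     restrict access: true
 */

use Drupal\Core\Access\AccessResult;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\FieldItemListInterface;
use Drupal\Core\Session\AccountInterface;

/**
 * Implements hook_entity_field_access().
 *
 * Only effective once UserAccessControlHandler::checkFieldAccess() returns
 * neutral rather than forbidden for viewing another account's 'mail' field
 * (issue #2773645): when results are combined, forbidden always wins, so
 * against 8.3.x this hook changes nothing.
 */
function mymodule_entity_field_access($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
  // Stay neutral for everything except viewing the user 'mail' field, so the
  // rest of core's field access logic is untouched.
  if ($operation !== 'view'
    || $field_definition->getTargetEntityTypeId() !== 'user'
    || $field_definition->getName() !== 'mail') {
    return AccessResult::neutral();
  }

  // Grant only through the dedicated permission. allowedIfHasPermission()
  // adds the 'user.permissions' cache context, so cached render output is
  // keyed per permission set. Accounts without the permission get neutral,
  // which leaves the own-account and 'administer users' behaviour in place.
  return AccessResult::allowedIfHasPermission($account, 'view user email addresses');
}
```

Marking the permission with "restrict access: true" flags it in the permissions UI as one that grants access to personal data, which matches the caution in the UserViewsData help text.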