Problem/Motivation

Per #2914486-119: Add granular permissions to the Layout Builder:

  1. +++ b/core/modules/layout_builder/src/Access/LayoutSectionAccessCheck.php
@@ -27,6 +27,7 @@ class LayoutSectionAccessCheck implements AccessInterface {
+    @trigger_error(__NAMESPACE__ . '\LayoutSectionAccessCheck is deprecated in Drupal 8.7.x and will be removed before Drupal 9.0.0. Use \Drupal\layout_builder\Access\LayoutBuilderAccessCheck instead. See https://www.drupal.org/node/3039551.', E_USER_DEPRECATED);

    This should say "deprecated in 8.7.0" (not 8.7.x).

    @todo Followup issue to talk about deprecations of access checks (and as compared to tagged services generally).

All known cases in Drupal core:

  1. \Drupal\layout_builder\Access\LayoutSectionAccessCheck#2914486: Add granular permissions to the Layout Builder
  2. \Drupal\Core\Access\CsrfRequestHeaderAccessCheck#2753681: Move CSRF header token out of REST module so that user module can use it, as well as any contrib module
  3. \Drupal\quickedit\Access\EditEntityFieldAccessCheck#2267621: Deprecate and rename EditEntityFieldAccessCheck now that the module is named Quick Edit
  4. \Drupal\workflows\WorkflowDeleteAccessCheck#2896726: Expand the entity access model for workflow states and transitions.

Proposed resolution

TBD

Remaining tasks

Determine if changes are needed on Drupal deprecation policy. If so, make them. Otherwise close this.

User interface changes

API changes

Data model changes

Release notes snippet

Comments

Wim Leers created an issue. See original summary.

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
commented
Issue summary: View changes

Of those 4, LayoutSectionAccessCheck and WorkflowDeleteAccessCheck have @trigger_errors in their access() method, and the other two have none.

The key thing is that the trigger_error CANNOT live outside the class (like most other cases) because when they are gathered as tagged services, they are instantiated. Even if they are not being used.

xjm’s picture

xjm
she/her
Primary language English
commented
Title: [DISCUSSION] How to deprecate access checks? » [Policy, no patch] How to deprecate access checks?
berdir’s picture

berdir
Primary language German
Location Switzerland
commented

Yeah, seems pretty obvious, @deprecated on the class and @trigger_error() in the access() method when it is actually used :)

Version: 8.8.x-dev » 8.9.x-dev

Drupal 8.8.0-alpha1 will be released the week of October 14th, 2019, which means new developments and disruptive changes should now be targeted against the 8.9.x-dev branch. (Any changes to 8.9.x will also be committed to 9.0.x in preparation for Drupal 9’s release, but some changes like significant feature additions will be deferred to 9.1.x.). For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 8.9.x-dev » 9.1.x-dev

Drupal 8.9.0-beta1 was released on March 20, 2020. 8.9.x is the final, long-term support (LTS) minor release of Drupal 8, which means new developments and disruptive changes should now be targeted against the 9.1.x-dev branch. For more information see the Drupal 8 and 9 minor version schedule and the Allowed changes during the Drupal 8 and 9 release cycles.

Version: 9.1.x-dev » 9.2.x-dev

Drupal 9.1.0-alpha1 will be released the week of October 19, 2020, which means new developments and disruptive changes should now be targeted for the 9.2.x-dev branch. For more information see the Drupal 9 minor version schedule and the Allowed changes during the Drupal 9 release cycle.

Version: 9.2.x-dev » 9.3.x-dev

Drupal 9.2.0-alpha1 will be released the week of May 3, 2021, which means new developments and disruptive changes should now be targeted for the 9.3.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

quietone’s picture

quietone commented
Issue summary: View changes

Reviewing @deprecated issues.

I think the last thing to do here is to make sure that Drupal deprecation policy is up to date regarding access checks.

Can someone confirm that?

Version: 9.3.x-dev » 9.4.x-dev

Drupal 9.3.0-rc1 was released on November 26, 2021, which means new developments and disruptive changes should now be targeted for the 9.4.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.4.x-dev » 9.5.x-dev

Drupal 9.4.0-alpha1 was released on May 6, 2022, which means new developments and disruptive changes should now be targeted for the 9.5.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 9.5.x-dev » 10.1.x-dev

Drupal 9.5.0-beta2 and Drupal 10.0.0-beta2 were released on September 29, 2022, which means new developments and disruptive changes should now be targeted for the 10.1.x-dev branch. For more information see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

Version: 10.1.x-dev » 11.x-dev

Drupal core is moving towards using a “main” branch. As an interim step, a new 11.x branch has been opened, as Drupal.org infrastructure cannot currently fully support a branch named main. New developments and disruptive changes should now be targeted for the 11.x branch, which currently accepts only minor-version allowed changes. For more information, see the Drupal core minor version schedule and the Allowed changes during the Drupal core release cycle.

quietone’s picture

quietone commented
Status: Active » Reviewed & tested by the community

I have checked the policy and what is said in #4 is documented, https://www.drupal.org/about/core/policies/core-change-policies/drupal-d.... There is also a section for services, https://www.drupal.org/node/2856615/revisions/10420324/view#how-service

I think this can be closed as outdated.

catch’s picture

catch
he/him
Primary language English
commented
Status: Reviewed & tested by the community » Closed (outdated)

Yep we figured this out in the interim.

quietone’s picture

quietone commented
Version: 11.x-dev » 10.3.x-dev

Changing to latest version when this was closed.

xjm’s picture

xjm
she/her
Primary language English
commented

Crediting discussion participants (not myself; all I did was fix the title).