EntityAccessControlHandlers miss entity admin access [#2409691]

Problem

#2350509: Implement auto-route generation for all core entities and convert all of the core entities. needs to be able to check which users are allowed to access the admin listing pages for entities, but right now the entity system cannot handle that sort of access check.
For implementing action/condition access in Rules, we need to be able to implement the access() method for unconfigured actions and conditions in order to tell the system, whether the user should be allowed to configure the plugin.

Proposed resolution

Add EntityAccessControlHandler::adminAccess($operation) and implement it for core entity types. Thus, for determining list access one would check admin 'view' access.

Remaining tasks

Implement.

User interface changes

API changes

Addition of adminAccess EntityAccessControlHandlerInterface.

Original report by fago

For implementing action/condition access in Rules, we need to be able to implement the access() method for unconfigured actions and conditions in order to tell the system, whether the user can configure the plugin. For that, it was possible in d7 to use entity_access() without an $entity parameter in d7 entity.module. However, in d8 that's not possible any more as $entity is required.

Comments

Comment #1

fago

German

Vienna

CreditAttribution: fago commented 18 January 2015 at 14:45

Title:

No way to check generic entity admin access

» No way for check entity admin access

Comment #2

fago

German

Vienna

CreditAttribution: fago commented 18 January 2015 at 16:44

Title:	No way for check entity admin access	» EntityAccessControlHandlers miss entity admin access
Project:	Rules	» Drupal core
Version:	8.x-3.x-dev	» 8.0.x-dev
Component:	Rules Core	» entity system
Issue summary:	View changes
Issue tags:		+Contributed project blocker

Comment #3

fago

German

Vienna

CreditAttribution: fago commented 1 February 2015 at 18:02

I started working for a patch for that, but after being half-done I figured it's not really necessary to have more detailed admin permission for #d8rules nor #2350509: Implement auto-route generation for all core entities and convert all of the core entities.. However related, as outlined in #2418165: [META] Rules condition and action plugin access Rules needs a way to generically check 'generic entity view access' (i.e. being able to access all entities of a type).

Comment #4

1 February 2015 at 18:02

Version:

8.0.x-dev

» 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Comment #5

1 February 2015 at 18:02

Version:

8.1.x-dev

» 8.2.x-dev

Drupal 8.1.9 was released on September 7 and is the final bugfix release for the Drupal 8.1.x series. Drupal 8.1.x will not receive any further development aside from security fixes. Drupal 8.2.0-rc1 is now available and sites should prepare to upgrade to 8.2.0.

Bug reports should be targeted against the 8.2.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.3.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

Comment #6

1 February 2015 at 18:02

Version:

8.2.x-dev

» 8.3.x-dev

Drupal 8.2.6 was released on February 1, 2017 and is the final full bugfix release for the Drupal 8.2.x series. Drupal 8.2.x will not receive any further development aside from critical and security fixes. Sites should prepare to update to 8.3.0 on April 5, 2017. (Drupal 8.3.0-alpha1 is available for testing.)

Bug reports should be targeted against the 8.3.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.4.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.