Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Problem
- #2350509: Implement auto-route generation for all core entities and convert all of the core entities. needs to be able to check which users are allowed to access the admin listing pages for entities, but right now the entity system cannot handle that sort of access check.
- For implementing action/condition access in Rules, we need to be able to implement the access() method for unconfigured actions and conditions in order to tell the system, whether the user should be allowed to configure the plugin.
Proposed resolution
Add EntityAccessControlHandler::adminAccess($operation)
and implement it for core entity types. Thus, for determining list access one would check admin 'view' access.
Remaining tasks
Implement.
User interface changes
-
API changes
Addition of adminAccess
EntityAccessControlHandlerInterface
.
Comments
Comment #1
fagoComment #2
fagoComment #3
fagoI started working for a patch for that, but after being half-done I figured it's not really necessary to have more detailed admin permission for #d8rules nor #2350509: Implement auto-route generation for all core entities and convert all of the core entities.. However related, as outlined in #2418165: [META] Rules condition and action plugin access Rules needs a way to generically check 'generic entity view access' (i.e. being able to access all entities of a type).
Comment #7
Wim Leers