See parent issue #3200985: [meta] Fix undesirable access checking on entity query usages for context and test coverage policy. This issue is major because it blocks #2785449: It's too easy to write entity queries with access checks that must not have them.
In #3204419: EntityQuery accessCheck: always specifiy accessCheck, don't rely on the default and #3204163: EntityQuery accessCheck: tests should not check access unless relevant we missed a few cases, or new cases came in since those patches were committed.
Issue fork drupal-3207961
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
Comments
Comment #3
jonathanshawComment #4
jonathanshawI thought the same thing. Follow-up created: #3208047: EntityReference defaultSelection plugin unnecessarily adds access tag
Comment #5
jonathanshawThese changes are all trivial because they are to TRUE outside of tests and to FALSE in tests:
- TRUE is the existing default, so specifying it explicitly has no functional impact
- FALSE is the correct choice 99% of the time in tests (see #3204163: EntityQuery accessCheck: tests should not check access unless relevant)
Comment #6
longwaveAll the cases have been changed as per #5; production code stays TRUE as before, and only tests change to FALSE which is fine.
Comment #8
catchCommitted/pushed to 9.2.x, thanks!