Entity access by role

Deprecated

This module is now deprecated due to the creation of the entity_access_by_role_field. I recommend manually switching to the drupal/entity_access_by_role_field module which contains more features and is actively supported.

Synopsis

Out of the box, Drupal doesn't provide access restrictions on a single entity basis.

This module allows you to place access restrictions via roles on an entity by entity basis.

It provides a role_access field, which is prepopulated with the roles available on your site. When added to an entity, only the roles selected in the field on that entity will have view access on that entity.

Requirements

Currently only available for drupal 8.

How to use

Once enabled the "role_access" field will be available to assign to your entities.
Once assigned, create some content and assign some roles to your newly created field.
Only those roles should be able to view that content.

the following function

function entity_access_by_role_check_access(EntityInterface $entity, AccountInterface $account)
is provided to allow to you perform custom checks on an entity.

E.g allowing access to a node based on the role_access values on an entity referenced taxonomy term. This would involve passing the taxonomy entity through as the first argument in your custom hook_entity_access hook.

Known problems

A RouteSubscriber has been included to revert the access requirements on a taxonomy term back to defaults

    _entity_access: 'taxonomy_term.view'
    taxonomy_term: \d+

so that hook_entity_access works on taxonomy terms again. It's changed from this in another route subscriber as a part of core.

Restrictions

Restricted to fieldable entities
This module does not integrate with the node system's access tables (via hook_node_grants and hook_node_access_records). This means that the access-by-role settings for individual nodes are not respected when a node is being queried by views, search results, etc. This module only protects direct view of an entity.