Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
In Drupal\content_entity_example\ContactAccessControlHandler you have the following method:
/**
* {@inheritdoc}
*
* Link the activities to the permissions. checkAccess is called with the
* $operation as defined in the routing.yml file.
*/
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'view':
return AccessResult::allowedIfHasPermission($account, 'view contact entity');
case 'edit':
return AccessResult::allowedIfHasPermission($account, 'edit contact entity');
case 'delete':
return AccessResult::allowedIfHasPermission($account, 'delete contact entity');
}
return AccessResult::allowed();
}
the "edit" operation does not exist, this should be changed to update.
Patch attached.
Comment | File | Size | Author |
---|---|---|---|
contactAccessControlHandler-update-operation.patch | 644 bytes | JeroenT | |
Comments
Comment #3
Mile23I'm not seeing any errors while editing contact entities.
Please offer steps to reproduce the problem if it still exists. Thanks.
Comment #4
Mile23This is a duplicate of #2913655: ContactAccessControlHandler creates access bypass? where there's more code and we'll be adding tests.
Thanks!