- 🇮🇹Italy robertom
patch updated for branch 10.1.x-dev
it looks strange to check access before checking that link template exists
yeah, but it's the same order used in EntityListBuilder::getDefaultOperations
- Status changed to Needs work
about 2 years ago 2:55pm 28 January 2023 - 🇺🇸United States smustgrave
This issue is being reviewed by the kind folks in Slack, #needs-review-queue-initiative. We are working to keep the size of Needs Review queue [2700+ issues] to around 400 (1 month or less), following Review a patch or merge request → as a guide.
This will need a test case to show the issue is fixed.
Did not review code.
- 🇮🇳India mukhtarm
$entity->access('permission') has been deprecated since D10 and gives the warning( https://www.drupal.org/node/3201242 → ).
Relying on entity queries to check access by default is deprecated in drupal:9.2.0 and an error will be thrown from drupal:10.0.0. Call \Drupal\Core\Entity\Query\QueryInterface::accessCheck() with TRUE or FALSE to specify whether access should be checked.Anyway to check explicit access for the entity in
getDefaultOperations?for eg:
public function getDefaultOperations(EntityInterface $entity) { $exists = isset($this->templates[$entity->getGathercontentTemplateId()]); $operations = []; if ($exists && $entity->access('update') && $entity->hasLinkTemplate('edit-form')) { $operations['edit'] = [ 'title' => $entity->hasMapping() ? $this->t('Edit') : $this->t('Create'), 'weight' => 10, 'url' => $entity->toUrl('edit-form'), ]; } if ($entity->access('delete') && $entity->hasLinkTemplate('delete-form')) { $operations['delete'] = [ 'title' => $this->t('Delete'), 'weight' => 100, 'url' => $entity->toUrl('delete-form'), ]; } return $operations; }here i think its explicitly checking access for
'update'or'delete'. So the entityQuery->accessCheck(TRUE) would work? as its for the whole access right?