- Issue was unassigned.
- πΊπ¦Ukraine HitchShock Ukraine
First of all, we need to figure out the main issue and the reason for the issue.
This happens because the entity access check for the canonical route returns FALSE when the node is Unpublished.
But this means that we will have completely the same issue for the canonical routes when users don't have permission to view the entity. It could be any entity type: node, term, group, etc.So first we need to determine what exactly we need to fix:
1. Just the case with Unpublished content - if so, we can use a solution from #5.
2. If we need to fix the general case with canonical routes access check, then we need:
- create a new setting option - Ignore default permissions and use only rabbit hole rules when it's enabled for the bundle.
- make route subscriber remove all access checks β and set the custom one (_custom_access
) that will always allow access when rabbit hole enabled for the bundle. Access check must be only one in this case, because AccessManager::check() concatenates all access results with andIf(), so any other callback can break the logic.
- in this case, only rabbit hole rules will be working.Risks and comments for both cases:
1. We need to remember, that it could be a custom entity, with custom permissions for the canonical routes, or it could be some contrib module, that provides extra permissions, e.g. https://www.drupal.org/project/permissions_by_term β . So, not sure why we need to fix the issue only for the unpublished nodes if we can create new extra permission for the unpublished content instead and allow access to them.
2. This is the best option in terms of universality. But it could be risky. If we will decide to provide this way, then we have to highlight this option with attention, that default permissions will be overridden by the rabbit hole module for the certain bundle.