Contrib.social

ValidReferenceConstraintValidator should not try to enforce data integrity on pre-existing references

Open on Drupal.org โ†’
Created on 18 May 2018, about 6 years ago
Updated 22 May 2024, about 1 month ago

Problem:

Nodes are not saving with inaccesible pre-existing referenced items.

Issue has been fixed once with the ticket: https://www.drupal.org/project/drupal/issues/2791269 โ†’ stating, "Allow saving pre-existing references to inaccessible items" means there should not be any validation check for the existing referenced items.

Still the node save was disallowed and throwing an exception : "This entity (node: 32) cannot be referenced."

On cheking deeper the solution contains a condition:

/core/lib/Drupal/Core/Entity/Plugin/Validation/Constraint/ValidReferenceConstraintValidator.php
@@ -119,32 +119,31 @@ public function validate($value, Constraint $constraint) {
+          // Check if any of the invalid existing references are simply not
+          // accessible by the user, in which case they need to be excluded from
+          // validation
+          if (isset($previously_referenced_ids[$target_id]) && isset($existing_entities[$target_id]) && !$existing_entities[$target_id]->access('view')) {
+            continue;
+          }

Accordingly, the clause !$existing_entities[$target_id]->access('view') is causing problem in my casue.

Steps to reproduce

  • Create a content type with an entity reference field, able to reference the same content type.
  • Give a test user access to edit all content of that type + "view own unpublished content".
  • Create an unpublished node using user "test user".
  • Create another node referencing the unpublished node. using user "test user"
  • As the test user, edit the second node. Notice the reference field says โ€œ- Restricted access - (1)โ€
  • Try saving the node, get an โ€œThis entity (node: 1) cannot be referenced.โ€ error.

here, the condition is failing becasue the "test user" has "view access" for the referenced unpublished node ceated by himself.

It is not only the problem with "view own unpublished content" permisisons. When you have any other Node access module enabled like Domain Access or content modertion. The issue get more severe and requires a broader scope.

Becasue user will be editing a node shared on different domains consisting different doamins (assigned) entity references.

Required solutions

  1. The scope of the validation check should be defined.
    • When the items should be validated - pre-existing or new ?
    • Should validate existing items in case of deleted entites ?
    • What is overall requirement of the validations ?
  2. Remove the "view access" condition ? And add other conditions depending upon the anwser of above point.
๐Ÿ› Bug report
Status

Needs work

Version

11.0 ๐Ÿ”ฅ

Component
Entity referenceย  โ†’

Last updated 5 days ago

No maintainer
Created by

๐Ÿ‡ฉ๐Ÿ‡ชGermany nghai

Live updates comments and jobs are added and updated live.
  • Needs subsystem maintainer review

    It is used to alert the maintainer(s) of a particular core subsystem that an issue significantly impacts their subsystem, and their signoff is needed (see the governance policy draft for more information). Also, if you use this tag, make sure the issue component is set to the correct subsystem. If an issue significantly impacts more than one subsystem, use needs framework manager review instead.

Sign in to follow issues

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

contrib.social Blog FAQ Discussions
Production build 0.69.0 2024