Discovered in Commerce: #3003105: The views bundle (type) filter shows items that the user doesn't have access to β .
The offered bundles are not filtered for access:
public function getValueOptions() {
if (!isset($this->valueOptions)) {
$types = $this->bundleInfoService->getBundleInfo($this->entityTypeId);
$this->valueTitle = $this->t('@entity types', ['@entity' => $this->entityType->getLabel()]);
$options = [];
foreach ($types as $type => $info) {
$options[$type] = $info['label'];
}
array_multisort($options, SORT_ASC, SORT_REGULAR, array_keys($options));
$this->valueOptions = $options;
}
return $this->valueOptions;
}
This means that the user sees options that always result in no results (assuming query access filtering is performed).
I am proposing that we filter by view access.
Needs work
10.1 β¨
Last updated
Used to track the progress of issues reviewed by the Drupal Needs Review Queue Initiative.
The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
This issue is being reviewed by the kind folks in Slack, #needs-review-queue-initiative. We are working to keep the size of Needs Review queue [2700+ issues] to around 400 (1 month or less), following Review a patch or merge request β as a guide.
Did not test issue
MR will need to be updated for 10.1
Test case will have to be added to show issue.