For now, the function which is checking access to create a term is like this (in TaxonomyPermissionsControlHandler.php):
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermission($account, 'administer taxonomy');
}
This is not inline with another function in the same class:
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
...
case 'create':
return AccessResult::allowedIfHasPermissions(
$account,
[
"create terms in {$entity->bundle()}",
'administer taxonomy',
],
'OR');
...
}
And this is not inline with the fact that if we provide the "create terms in $entity_bundle" to a role, we expect it will alllow to create a term.
I would recommend to change the function like the following:
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermissions($account, ["create terms in $entity_bundle", 'administer taxonomy'], 'OR');
}
Note: this is the way the original TermAccessControlHandler (from core) was handling it.
Fixed
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I think there was some confusion on the logic during the port.
Since this module only adds a view permission per bundle we should leave the create logic untouched.
I fixed this in the first stable D8 release by simply extending core's TermAccessControlHandler instead of extending the EntityAccessControlHandler and adding sudden new logic to it.
Automatically closed - issue fixed for 2 weeks with no activity.