I am trying to implement 'own permissions' for Drupal 8 version of ECK. I want to access the 'owner' uid for ECK entity to allow content creators to make changes and disallow everyone else.
function MODULE_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account) {
$user = \Drupal::currentUser()->id();
drupal_set_message(\Drupal::currentUser()->id(), 'error');
if ($entity->getEntityTypeId() == 'ECK_ENTITYTYPE'){
switch ($operation) {
case 'update':
case 'delete':
if ($entity->uid() == $user) {
AccessResult::allowed();
}
break;
}
}
}$entity->uid() returns null. $entity->getOwnerID() returns null.
What am I missing?
Closed: outdated
Miscellaneous
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
ECK permission system does not allow 'own' content edit/delete access which can be a security vulnerability
Nowadays it does. Not sure why no user was returned in your case, maybe because access was being checked for an empty/new entity?