- π«π·France prudloff Lille
There is a similar problem with hook_menu_link_content_create_access().
If you add this hook:function test_menu_link_content_create_access() { return Drupal\Core\Access\AccessResult::forbidden(); }Users with the "administer menu" permission can't use the menu link add form, but can still add a menu link when using the node edit form.
- πΊπΈUnited States nicxvan
Is the inverse also true where users without permissions can create menu items through the node edit page?
- π«π·France prudloff Lille
Is the inverse also true where users without permissions can create menu items through the node edit page?
Without the patch: users explicitly need the "administer menu" permission to create menu items through the node edit page.
With the patch: users need menu link create access (this can be achieved with the "administer menu permission" or with some custom hoook_create_access). - πΊπΈUnited States smustgrave
Left some small comments in MR
If you are another contributor eager to jump in, please allow the previous poster at least 48 hours to respond to feedback first, so they have the opportunity to finish what they started!
- πΊπΈUnited States smustgrave
Believe feedback has been addressed on this one.
- π¬π§United Kingdom catch
This looks good, I had to double check the menu link content access handler actually checks the administer menu permission for both edit and delete but it does, so this can only tighten access rather than loosen it.
Committed/pushed to 11.x, thanks!
Automatically closed - issue fixed for 2 weeks with no activity.