Node grants / query access integration (hook_query_ENTITY_TYPE_access_alter())

Created on 6 October 2021, about 3 years ago

Updated 9 May 2023, over 1 year ago

Postponed on ✨ Add an entity query access API and deprecate hook_query_ENTITY_TYPE_access_alter() Needs work

Problem/Motivation

From the module page:

This module does not integrate with the node system's access tables (via hook_node_grants and hook_node_access_records). This means that the access-by-role settings for individual nodes are not respected when a node is being queried by views, search results, etc. This module only protects direct view of an entity.

While this is acceptable in most cases, it's still something that could and should be improved, if the entity is a node.

As nodes are a special case, until ✨ Add an entity query access API and deprecate hook_query_ENTITY_TYPE_access_alter() Needs work is fixed, it only has to be implemented for that special case. Views and other modules relying on the access grants would benefit and there are other modules which solved that, to have a look at.

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

None

API changes

Data model changes

✨ Feature request

Status

Postponed

Version

1.0

Component

Code

Created by

🇩🇪Germany Anybody Porta Westfalica

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment over 1 year ago →
🇩🇪Germany Anybody Porta Westfalica
As this would only work for nodes and no other custom entities, I don't think it's worth the time.
Let's POSTPONE this together with 📌 Need to implement hook_query_TAG_alter per parent entity type to work with views correctly? Postponed on ✨ Add an entity query access API and deprecate hook_query_ENTITY_TYPE_access_alter() Needs work

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024