Fix Entity queries must explicitly set whether the query should be access checked or not in Entityqueue Form Widget

Created on 14 March 2023, about 2 years ago

Problem/Motivation

Having the following error after finishing the installation.

Error message
Entity queries must explicitly set whether the query should be access checked or not. See Drupal\Core\Entity\Query\QueryInterface::accessCheck().

Proposed resolution

Have queries over entities changed in the Entityqueue Form Widget module
With basic accessCheck(TRUE) or pass the needed access check for admins or selected user roles and permissions.

Access checking must be explicitly specified on content entity queries →
#2785449: It's too easy to write entity queries with access checks that must not have them →

BEFORE

// This gets all articles the current user can view.
$ids = \Drupal::entityQuery('node')
  ->condition('type', 'article')
  ->execute();

// This also gets all articles the current user can view.
$ids = \Drupal::entityQuery('node')
  ->accessCheck(TRUE)
  ->condition('type', 'article')
  ->execute();

// This gets all articles that exist regardless of access.
$ids = \Drupal::entityQuery('node')
  ->accessCheck(FALSE)
  ->condition('type', 'article')
  ->execute();

AFTER

// This will trigger a deprecation error.
$ids = \Drupal::entityQuery('node')
  ->condition('type', 'article')
  ->execute();

// Unchanged: This gets all articles the current user can view.
$ids = \Drupal::entityQuery('node')
  ->accessCheck(TRUE)
  ->condition('type', 'article')
  ->execute();

// Unchanged: This gets all articles that exist regardless of access.
$ids = \Drupal::entityQuery('node')
  ->accessCheck(FALSE)
  ->condition('type', 'article')
  ->execute();

Remaining tasks

✅ File an issue
✅ Addition/Change/Update/Fix
✅ Testing to ensure no regression
➖ Automated unit testing coverage
➖ Automated functional testing coverage
➖ UX/UI designer responsibilities
➖ Readability
✅ Accessibility
➖ Performance
➖ Security
➖ Documentation
✅ Code review by maintainers
✅ Full testing and approval
✅ Credit contributors
✅ Review with the product owner
✅ Release notes snippet
✅ Release entityqueue_form_widget-2.0.5 →

API changes

Data model changes

Release notes snippet

Issue #3347916 → : Fixed Entity queries must explicitly set whether the query should be access checked or not

🐛 Bug report

Status

Fixed

Version

2.0

Component

Code

Created by

🇯🇴Jordan Rajab Natshah Jordan

Live updates comments and jobs are added and updated live.

entityqueue_form_widget-2.0.5

Drupal 10 compatibility

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Issue created by @Rajab Natshah
Assigned to Mohammed J. Razem
Status changed to Needs review about 2 years ago5:20pm 14 March 2023
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
Issue was unassigned.
Status changed to Fixed about 2 years ago5:21pm 14 March 2023
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
Comment about 2 years ago →
🇯🇴Jordan Rajab Natshah Jordan
✅ Released entityqueue_form_widget-2.0.5 →
Comment about 2 years ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024