- Issue created by @volodymyr.umanets
- Status changed to Postponed: needs info
over 1 year ago 7:45am 2 August 2023 - 🇩🇪Germany stborchert
Can you give a concrete example of what is not working right now? pach should decorate the
UserAccessControlHandler
as well as any other access handler. - Status changed to Closed: cannot reproduce
11 months ago 9:33am 14 December 2023 - 🇩🇪Germany stborchert
Hey @volodymyr.umanets. While adding tests to the latest version I noticed some error when decorating UserAccessControlHandler. Maybe these are the reason for your issue ... could you please try version 2.0.3 (or 10.0.0 if you are already on Drupal 10.2).
Hi @stBorchert
I didn't work on that project recently, so I tried to update Drupal up to latest 10.2.5 version so I could use latest 10.0.0 pach module.
Unfortunately, I still see the issue here.So the issue is that your module decorates all entities with the same Handler, see the function EntityTypeManager::getHandler line
$class = 'Drupal\pach\Entity\EntityAccessControlHandler';
thenclass EntityAccessControlHandler extends CoreEntityAccessControlHandler
but if u check User entity, it has own UserAccessControlHandler which u totally skip:
class UserAccessControlHandler extends EntityAccessControlHandler
That leads us to the issue when for instance we can see disabled profile fields, see my screen:
- Status changed to Postponed: needs info
7 months ago 8:52am 22 April 2024 - 🇩🇪Germany stborchert
Hey.
Drupals UserAccessControlHandler overrides tow methods of EntityAccessControlHandler:checkAccess()
andcheckFieldAccess()
. Both methods are not overridden by the entity access control handler defined by pACH so pACH doesn't change anything defined in UserAccessControlHandler.
Do you have other modules installed controlling access to entities? In your screenshot I see "domain_alias" for example ... Could you please post some more details about your setup? @stBorchert But your entity type manager just replaces the handler of User entity:
$entity_type = 'user' $class = 'Drupal\pach\Entity\EntityAccessControlHandler'; $this->handlers[$handler_type][$entity_type] = $this->createHandlerInstance($class, $definition);
Yes, you don't override those methods, but you also don't use core UserAccessControlHandler class anymore, instead, your own $class is used.
- Status changed to Active
7 months ago 1:56pm 22 April 2024 - 🇩🇪Germany stborchert
Ok, I see. UserAccessControlHandler is not replaced entirely, but my service is decorating Drupal\Core\Entity\EntityAccessControlHandler. It only wraps some of its methods and adds some functionality.
Unfortunately, in case an AccessControlHandler extending the core EntityAccessControlHandler overrides a function that exists in Drupal\Core\Entity\EntityAccessControlHandler it wouldn't be called after decorating.
Hm, I need to think about a while and search for a way to call the extending classes method.
- Status changed to Needs review
7 months ago 6:58pm 22 April 2024 - 🇩🇪Germany stborchert
Hey @volodymyr.umanets. I've made some changes and pushed it into MR 2. Could you please review the changes and test if that works for you?
- 🇩🇪Germany stborchert
Great.
I'll try to add some more tests to catch some edge cases and will merge the changes. -
stBorchert →
committed 3e223b1c on 10.x
Resolve #3368829 "Use original methods"
-
stBorchert →
committed 3e223b1c on 10.x
- Status changed to Fixed
7 months ago 12:36pm 25 April 2024 - 🇩🇪Germany stborchert
Woah ... while adding some tests I noticed something way really off. So I had to rewrite some parts of the AccessHandler 🙈
Automatically closed - issue fixed for 2 weeks with no activity.