- Issue created by @phonkala
- Merge request !24Issue #3368882: Access checking must be explicitly set on entity queries → (Merged) created by phonkala
- 🇫🇮Finland phonkala
Sorry have never done a patch before so not sure if that merge request was to correct way, didn't see a way to add the patch file any other way. But found the option now, here's quick patch to remove the entity query access check error.
- 🇳🇱Netherlands ekes
Adding `accessCheck(TRUE)` is correctly re-implementing what is happening now. Looking at the code I think this should actually be `accessCheck(FALSE)`? Because I'm wondering if this does'nt want to avoid duplicates even if the user doesn't have access to it?
This patch, one way or the other, however is needed for D10.
- Status changed to Needs review
12 months ago 2:52pm 24 November 2023 - 🇧🇪Belgium keszthelyi Brussels
Tested #5 and it fixes the issue, also it is the correct solution IMO:
- for
UniqueReferenceFieldValidatoraccess should not be checked (see #4) - fixes another case where
accessCheckis not set on the query inGroupPermissionsController::getRevisionIds()(where we should check the access)
- for
- Status changed to RTBC
12 months ago 9:16am 27 November 2023 - 🇩🇪Germany ammaletu Bonn, Germany
I ran into this today and can confirm that the patch from #5 is fixing this. I also think that haven accessCheck(FALSE) is the correct behavior. The way it is now, permissions can not be saved for a group under Drupal 10.1+, which is after all the whole point of this module. :-)
It would be great if you could tag a new release for this. It would be even better if this could be ported to the 1.x branch as well. The concerned class looks the same, so the fix can be applied to both branches without modifications.
- 🇳🇱Netherlands Jan-E
The same problem exists in Group Permissions 1.0. Did saomebody already make a patch for 1.0.x?
- 🇳🇱Netherlands Jan-E
Reroll of #5 🐛 Access checking must be explicitly set on entity queries RTBC for Group permissons 1.0.0-alpha10. #5 applied quite clean against that release, except for a
Hunk #1 succeeded at 467 (offset -13 lines).
I also tested unchecking some outsider permissions in a group instance. Works OK!
- Assigned to lobsterr
-
LOBsTerr →
committed 4d5f3cee on 2.0.x authored by
phonkala →
Issue #3368882 by Jan-E: Access checking must be explicitly set on...
-
LOBsTerr →
committed 4d5f3cee on 2.0.x authored by
phonkala →
-
LOBsTerr →
committed 8b19ac92 on 1.0.x
Issue #3368882 by msnassar, LOBsTerr: Access checking must be explicitly...
-
LOBsTerr →
committed 8b19ac92 on 1.0.x
- Status changed to Fixed
8 months ago 11:34pm 6 March 2024 - 🇧🇪Belgium msnassar
@LOBsTerr I wonder why we have different access check in v1.0 and v2.0... I believe that both should have same access check like the one in #5. No?
Automatically closed - issue fixed for 2 weeks with no activity.