Access denied to create entity message from ECA

I've figured out why this is happening. There is no access control handler for message entities, so the access result is Neutral. The ECA module treats access result neutral as access denied.

The solution is to implement hook_ENTITY_TYPE_create_access(). However, I was setting the fields on the entity as well in ECA, and when you set a field value, it also checks hook_ENTITY_TYPE_access() for the operation 'update', so you need to return an access result for that as well.

The below is very rudimentary - but is enough for testing purposes. Adapt your actual results as necessary.

/**
 * Implements hook_ENTITY_TYPE_create_access().
 */
function pod_message_create_accesshook_ENTITY_TYPE_create_access(\Drupal\Core\Session\AccountInterface $account, array $context, $entity_bundle) {
  return AccessResult::allowed();
}

/**
 * Implements hook_ENTITY_TYPE_create_access().
 */
function pod_message_access(EntityInterface $entity, $operation, AccountInterface $account) {
  if ($operation == 'update') {
    return AccessResult::allowed();
  }
}

For the Message module moderators, this problem could be solved if the Message entity had an access control handler, and dynamic permissions per message template type, as users would then be able to set access permissions on entities, rather than the default access handler that just returns neutral.

Hi @Jaypan,

Have you tried using the Message UI → module? It provides additional permissions.

This might be related to 🐛 JSON:API PATCH request wants permission that doesn't exist? Fixed .

You might need to run the dev branch. I plan to make a new release of Message UI in two weeks.

There is no create permission because creating a message is done in response to an event, and the user is not relevant if a message is created or not.

There is no create permission because creating a message is done in response to an event, and the user is not relevant if a message is created or not.

It shouldn't be, yet this issue shows that the user is in fact relevant - hence the access denied error when a script tries to create a message, due to the current user being anonymous.

ECA requires the user to have create permission. Message is intended to be extended with custom code. It does not provide out-of-the-box functionality. It does provide an example module to help you write your own.

The user does not go to a form to create a message. Messages are created with code.

ECA Message → is a project that handles integration with ECA.

It says it exists until an issue with ECA is resolved.

✨ Support creation of API driven content entities Active

That module does the same thing I did earlier in this thread - sets an access result on message entity access.

Message Notify ECA → might be another solution.