- Issue created by @Amerie
On our site, we use the Group module to determine which users have access to edit which nodes. Our article content type has a paragraphs field for "Notes". We want users outside of the node's group to be able to add/edit/delete these notes, but not any other fields. We have created a custom display mode with just the Notes field and set up the routing so that any authenticated user can access it, but the Notes paragraph widget within the form is disabled because they don't have permission to actually edit the parent node.
It doesn't seem to be possible to override this using hook_entity_access() because the hook results are OR'ed with the result of ParagraphAccessControlHandler::checkAccess() which returns "forbidden" if the user doesn't have access to edit the parent entity.
The attached patch adds a "Bypass Paragraphs parent entity access checks" permission which will skip the portion of ParagraphAccessControlHandler::checkAccess() that checks the parent entity access. If anyone has a better idea for how to accomplish this please let me know!
Active
1.15
Code