Query access handler should check permission granularity

Created on 19 March 2024, 6 months ago

Updated 28 March 2024, 5 months ago

Problem/Motivation

In \Drupal\entity\EntityPermissionProviderBase::buildPermissions() we check the permission granularity of the entity type to provider either entity-type-level permissions or bundle-level permissions.

However, we never check the permission granularity anywhere in \Drupal\entity\QueryAccess\QueryAccessHandlerBase. Instead we check both the entity-type-level and the bundle-level permissions there. Thus, this is not a bug, as far as I can tell, but it does result in unnecessary checks.

I guess most people won't hit this, because the default query access doesn't really provide any benefit for entities with entity-type-level permissions, but it's annoying if you want to provide an extended query access handler that should be able to work with both permission schemes and you want to extend QueryAccessHandlerBase.

Steps to reproduce

Proposed resolution

Check $entity_type->getPermissionGranularity() in QueryAccessHandlerBase and adapt the logic accordingly.

Remaining tasks

User interface changes

API changes

Data model changes

📌 Task

Status

Active

Version

1.0

Component

Entity CRUD controller

Created by

🇩🇪Germany tstoeckler Essen, Germany

Live updates comments and jobs are added and updated live.

GreeceSpringSprint2024

Comments & Activities

Issue created by @tstoeckler
Comment 6 months ago →
🇩🇪Germany tstoeckler Essen, Germany
Comment 5 months ago →
🇬🇷Greece vensires

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024