- Issue created by @Stado
- 🇬🇧United Kingdom aaron.ferris
It looks like the access condition in the
UserFlagType
class needs either the parent access result, OR the own/other profile permission.In this configuration, unless im missing something, the parent::actionAccess will return Allowed and the 'own' items result will be neutra, even though the user actually doesn't have the permission.
$access = parent::actionAccess($action, $flag, $account, $flaggable); if ($flaggable && $this->hasExtraPermission('owner')) { // Permit selfies. $permission = $action . ' ' . $flag->id() . ' own user account'; $selfies_permission_access = AccessResult::allowedIfHasPermission($account, $permission) ->addCacheContexts(['user']); $account_match_access = AccessResult::allowedIf($account->id() == $flaggable->id()); $own_access = $selfies_permission_access->andIf($account_match_access); $access = $access->orIf($own_access);
- Open on Drupal.org →Core: 9.5.x + Environment: PHP 7.3 & MySQL 5.7last update
9 months ago Waiting for branch to pass - 🇬🇧United Kingdom aaron.ferris
Not convinced that push is the way to go on this to be honest, but it does resolve this issue (unsure of any consequences)
1. With own account flag permission off = no access to own account flag
2. With own account flag permission on = access to own account flag
3. With other accounts flag permission on = access to other account flags
4. With other accounts flag permission off = no access to other account flags - 🇹🇭Thailand AlfTheCat
I'm experiencing this issue, and when creating a new (global) flag and trying to set the permissions for it the site throws a WSOD on saving the permissions with error:
RuntimeException: Adding non-existent permissions to a role is not allowed. The incorrect permissions are "flag tec_draft_order_excel_lover", "unflag ***". in Drupal\user\Entity\Role->calculateDependencies() (line 207 of /var/www/***/core/modules/user/src/Entity/Role.php).
I can't make new flags available anymore to any users, only UID1 is able to see and use flags.