Permission like 'Use Example form mode with user entity" does not grant permission

use Drupal\Core\Access\AccessResult; use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Session\AccountInterface; /** * Implements hook_ENTITY_TYPE_access(). */ function MODULE_user_access(EntityInterface $entity, $operation, AccountInterface $account) { $route_match = \Drupal::routeMatch(); if ($route_match && str_starts_with($route_match->getRouteName(), 'entity.user.edit_form.')) { // If the user has permission to use the particular form mode edit route, // ignore whether they have user entity access so that the 'administer // users' permission does not need to be granted. $route_parts = explode('.', $route_match->getRouteName()); $form_mode = end($route_parts); if ($account->hasPermission('use user.' . $form_mode . ' form mode')) { return AccessResult::allowed(); } } // No opinion. return AccessResult::neutral(); }

Comments & Activities

Issue created by @scott_euser
Merge request !14Implementation for working around non 'administer users' permission → (Open) created by scott_euser
Status changed to Needs review 6 months ago8:41pm 15 July 2024
Comment 6 months ago →
🇬🇧United Kingdom scott_euser
Pipeline finished with Failed
6 months ago
Total: 373s
#225005
Comment 6 months ago →
🇬🇧United Kingdom scott_euser
Phpcs failures already existing on main branch, so I think out of scope of this issue. The updated tests pass but fail without the code change as expected.
Comment 5 months ago →
🇺🇸United States mlncn Minneapolis, MN, USA
Hmm, i think we should clarify the wording, and maybe provide a submodule with this sort of feature (expanding permissions rather than restricting).

For example, i would absolutely *not* expect that granting "Use Example form mode with Page content type" to authenticated users and anonymous users would suddenly allow people who could not edit pages before now edit them. I would hope that the most restrictive permission wins, as is usually the case in Drupal.

In the case of content, it is possible to grant the permission to create or edit to multiple roles, and then *restrict* what fields are shown to different roles with the Form Mode Manager.

Unfortunately, users do not have the breakdown of permissions you would need to do that in core (moving

The combination of these modules should make it possible to do what you have done elegantly with custom code with permissions instead:

https://www.drupal.org/project/create_user_permission →
https://www.drupal.org/project/edit_profiles_perms →
Status changed to Closed: works as designed 2 months ago6:42am 12 November 2024
Comment 2 months ago →
🇬🇧United Kingdom scott_euser
Makes sense, thank you!

Permission like 'Use Example form mode with user entity" does not grant permission

Problem/Motivation

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Workaround

Merge Requests

!14Permission like 'Use Example form mode with user entity" does not grant permission
Open

Comments & Activities

Permission like 'Use Example form mode with user entity" does not grant permission

Problem/Motivation

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Workaround

Merge Requests

!14Permission like 'Use Example form mode with user entity" does not grant permissionOpen

Comments & Activities

!14Permission like 'Use Example form mode with user entity" does not grant permission
Open