AccessCheck for routes have to be allowed

Created on 31 July 2024, 5 months ago
Updated 14 August 2024, 4 months ago

Problem/Motivation

https://www.drupal.org/project/drupal/issues/2991698#comment-14009628 πŸ› Why does Route access checking differ from Entity access checking? Needs work

In SalesforceMfwAccessCheck, the default case is return AccessResult::neutral(). Due to an inconsistency between routes and entities, routes must be ::allowed(), whereas entities must be ::neutral(). This is causing unrelated blocks to be 403 forbidden when trying to remove them from the block layout.

Proposed resolution

Update the AccessCheck default case to ::allowed().
Provide automated test for this case.

πŸ› Bug report
Status

Fixed

Version

1.0

Component

Code

Created by

πŸ‡ΊπŸ‡ΈUnited States kyleleber

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

Production build 0.71.5 2024