checkAccess fails on programmaticly create profiles

Created on 15 October 2024, about 1 month ago

Problem/Motivation

Always receive access denied when trying to access to profile view, edit or delete pages. Even if I'm the profile owner or the site administrator. Permissions are correct.

Steps to reproduce

I programmaticly create a user and his profile:

User::create();
$user->setUsername($username);
$user->setEmail($email);
$user->set('name', $name);
$user->save();

$profile = Profile::create([
	'type' => 'type_name',
	'uid' => $user->id(),

	// Aggiungi i campi del profilo qui.
	'field_other' => $other,
]);
$profile->save();

Proposed resolution

In file: \src\ProfileAccessControlHandler.php
this code:

    if ($result->isAllowed()) {
      /** @var \Drupal\profile\Entity\ProfileInterface $entity */
      $owner = $entity->getOwner();
      if ($owner) {
        $result = $result->andIf($this->checkRoleAccess($owner, $entity->bundle()));
      }
    }

prevent my admin user to access the profile. If I remove it, everything seems to work perfectly.

Any help?

🐛 Bug report

Status

Active

Version

1.0

Component

Code

Created by

🇮🇹Italy gianfrasoft

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @gianfrasoft
Comment about 1 month ago →
🇮🇹Italy gianfrasoft
I found the problem.

When creating User I didn't set any role so profiles associated to the user were not accessable.
Comment about 1 month ago →
🇮🇹Italy gianfrasoft

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024