Permissions not checked for "Si Prepublish" and "Si Recheck" task links

Created on 16 January 2025, 6 days ago

Problem/Motivation

The local task buttons for "Si Prepublish" and "Si Recheck" are always present on Node pages, regardless of permissions.

Steps to reproduce

Upgrade to 3.0.1.
Go to any Node page while logged out (assuming Anonymous does not have the "Use Siteimprove Prepublish Check" permission).
Observe local task buttons for "Si Prepublish" and "Si Recheck" are present

Proposed resolution

Looking in `siteimprove.links.task.yml` there is an access_callback to `siteimprove.access_checker:checkAccess`.

`yaml-schema: Drupal Links Task` indicates `property access_callback is not allowed`
In the services file `siteimprove.access_checker` points to `Drupal\siteimprove\Access\SiteimproveAccessChecker` which does not exist.

In short, fix the access check.

Remaining tasks

User interface changes

API changes

Data model changes

🐛 Bug report

Status

Active

Version

3.0

Component

Code

Created by

🇺🇸United States wsantell

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @wsantell
Comment 2 days ago →
🇩🇰Denmark beltofte Copenhagen 🇩🇰

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024