Add a getter for Entity\Query\QueryBase::$accessCheck

Open on Drupal.org →

Created on 10 March 2025, 2 months ago

Problem/Motivation

Since 📌 Add an alter hook to EntityQuery RTBC it's been possible to alter an EntityQuery, however, there is no getter for the $accessCheck property so it's impossible use the hooks for access checking without using reflection →
.

Steps to reproduce

1. Implement one of the entity query alter hooks → .
2. Try to determine if the query has accessCheck set to TRUE without using reflection.

Proposed resolution

Add a getter for accessCheck so that the property can be accessed without reflection.

The simplest way to do this would be to add asymmetric visibility, but since we support PHP 8.3 we'll need to define a new method.

Remaining tasks

Write Patch

User interface changes

N/A

Introduced terminology

Since accessCheck is already taken, perhaps hasAccessCheck could work?

API changes

Adding a new method to Drupal\Core\Entity\Query\QueryInterface.

Data model changes

N/A

Release notes snippet

TBD

✨ Feature request

Status

Active

Version

11.0 🔥

Component

entity system

Created by

🇺🇸United States davidwbarratt

Live updates comments and jobs are added and updated live.

Sign in to follow issues

Merge Requests

!11431Add a getter for Entity\Query\QueryBase::$accessCheck
Open
🇺🇸United States davidwbarratt
updated 2 months ago

Comments & Activities

Issue created by @davidwbarratt
Merge request !11431Add hasAccessCheck method → (Open) created by davidwbarratt
Comment 2 months ago →
🇺🇸United States davidwbarratt
Comment 2 months ago →
🇺🇸United States davidwbarratt
Pipeline finished with Failed
2 months ago
#444329
Pipeline finished with Failed
2 months ago
#444363
Pipeline finished with Success
2 months ago
Total: 1132s
#444367
Comment about 2 months ago →
🇺🇸United States smustgrave
Thanks for the suggestion

Will probably need a simple test case around this and probably convert 1-2 spots in core that could use this to show it's needed.
Comment about 2 months ago →
🇺🇸United States davidwbarratt
I'm kind of shocked that hook_query_TAG_alter, at least for the purposes of access, is only used by node in core with NodeHooks1::queryNodeAccessAlter which is kind of a beast.

Ironically, the example for hook_query_TAG_alter is a hypothetical for the media module that would be greatly simplified by this change, which wouldn't use that hook in the first place.

I'm not sure where a test should therefore belong? This change is effectively only useful for contrib modules to utilize until someone wants to take on the work of refactoring node access, in which this change I imagine would be helpful.

Any guidance you can provide would be helpful!
Comment about 2 months ago →
🇺🇸United States davidwbarratt
It seems outside of the scope of this issue, but we could add a hook_entity_query_ENTITY_TYPE_alter for an entity type like user? For instance, if a user doesn't have the access user profiles permission and the query hasAccessCheck than the query should immediately return zero results right?
Comment about 2 months ago →
🇺🇸United States davidwbarratt
We could persue a more comprehensive solution, which I've documented in #777578-245: Add an entity query access API and deprecate hook_query_ENTITY_TYPE_access_alter() →
Comment about 2 months ago →
🇺🇸United States davidwbarratt
I'm closing this because a more comprehensive solution is needed. I've documented the problem more clearly at 🐛 QueryInterface::accessCheck does nothing Active
Comment about 2 months ago →
🇺🇸United States davidwbarratt

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024