Allow _entity_create_access dynamic entity types as in _entity_access

Created on 2 April 2025, 5 days ago

Problem/Motivation

_entity_access allows dynamic entity types. Looking at the docblock from EntityAccessCheck:

   * example.route:
   *   path: '/foo/{entity_type}/{example}'
   *   requirements:
   *     _entity_access: 'example.delete'
   *   options:
   *     parameters:
   *       example:
   *         type: entity:{entity_type}

_entity_create_access (EntityCreateAccessCheck), however, only uses parameters for bundles, but it would be useful to allow dynamic entity types too.

This came up in Experience Builder, 📌 Add access control for "code components" and "asset libraries", special case: instantiated code components must be accessible to *all* Active

Proposed resolution

Allow dynamic entity types in EntityCreateAccessCheck

Remaining tasks

User interface changes

Introduced terminology

API changes

Data model changes

Release notes snippet

✨ Feature request

Status

Active

Version

11.0 🔥

Component

entity system

Created by

🇪🇸Spain penyaskito Seville 💃, Spain 🇪🇸, UTC+2 🇪🇺

Live updates comments and jobs are added and updated live.

Comments & Activities

Issue created by @penyaskito
Comment 5 days ago →
🇧🇪Belgium wim leers Ghent 🇧🇪🇪🇺
Comment 5 days ago →
🇧🇪Belgium wim leers Ghent 🇧🇪🇪🇺
It seems we did this in the original _entity_access issue: #1947432: Add a generic EntityAccessCheck to replace entity_page_access() → .

Why did we not do it for the "create" variant? 🤔

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024