Contrib.social

add (optional?) access for core entity types which need it

Open on Drupal.org →
Created on 18 June 2025, 6 days ago

Problem/Motivation

A number of entity types cause problems with pulling because they need administrator access to be viewed in JSONAPI:

- path_alias
- menu_link_content
- redirect (there's a patch for this in the Redirect module though)

This is because the entity types don't have a 'view' permission, and their entity access handler grants the view access based on the admin permissions.

It's not ideal to have to grant an admin permission to the entity share pull user on the Entity Share server, as its access credentials are stored on the Entity Share client.

Steps to reproduce

Proposed resolution

I created this module for path_alias view access ( https://www.drupal.org/project/path_alias_view_access ) when I thought this was just a one-off. But now that I find we have more entity types that need this, I am wondering whether this is something we should provide inside Entity Share.

I'm thinking something like a config page where you can ticky boxes provide a 'view' permission for various entity types.

Not sure which entity types we'd offer. Either:

a. Hardcode the list
b. List the entity types & bundles that have channels defined, with a filter for the ones which already have view access (though not easy to do that automatically, as there's no standard pattern for entity type permission names)

We could do a checkbox on the channel edit page instead, but then there's the risk of contradictory settings, if two channels are for the same entity type and bundle, but only one has the permission enabled.

Remaining tasks

User interface changes

API changes

Data model changes

Feature request
Status

Active

Version

4.0

Component

Entity Share Server

Created by

🇬🇧United Kingdom joachim

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @joachim
  • Comment 6 days ago
    🇫🇷France Grimreaper France 🇫🇷

    Hi,

    I am not in favor to adding such logic into Entity Share.

    I think Entity Share is already enough complicated and should remain only a JSON:API consumer, and alter it as less as possible.

    If it needs to alter JSON:API, it should be by relying on Core API or contrib modules like JSON:API Extras.

    I would prefer that such access check changes should be proposed into the different contrib modules or with a core issue/ another contrib modules for Core provided content entity types.

  • Comment 6 days ago
    🇬🇧United Kingdom joachim

    It wouldn't be especially complex, but I can see that it goes against the unix philosophy -- feasibly, there are other uses of granting view access to these entity types.

    It just feels a bit silly to make TWO contrib modules that do the same thing, one for path alias and one for menu link content!

    Closing as wontfix. Thanks for your input!

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024