Contrib.social

check for update_free_access is done twice

Open on Drupal.org โ†’
Created on 26 June 2025, 22 days ago

Problem/Motivation

UpdateKernel does this:

    if (!Settings::get('update_free_access', FALSE) && !$db_update_access->access($account)->isAllowed()) {

and then DbUpdateAccessCheck does this:

    if (Settings::get('update_free_access')) {
      return AccessResult::allowed()->setCacheMaxAge(0);
    }

Steps to reproduce

Proposed resolution

Decide which one is responsible.
Document it.
Remove the check from the other one.

Remaining tasks

User interface changes

Introduced terminology

API changes

Data model changes

Release notes snippet

๐Ÿ“Œ Task
Status

Active

Version

11.0 ๐Ÿ”ฅ

Component

base system

Created by

๐Ÿ‡ฌ๐Ÿ‡งUnited Kingdom joachim

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Merge Requests

Comments & Activities

  • Issue created by @joachim
  • First commit to issue fork.
  • Merge request !12499Update 2 files โ†’ (Open) created by immaculatexavier
  • Comment 22 days ago โ†’
    ๐Ÿ‡ฎ๐Ÿ‡ณIndia immaculatexavier
    • Removed redundant check for Settings::get('update_free_access') from UpdateKernel::handleAccess(), since this logic is already handled in DbUpdateAccessCheck::access().
    • Centralized access control logic for update.php in DbUpdateAccessCheck to follow the single-responsibility principle.
    • Updated the docblock in DbUpdateAccessCheck::access() to clearly docu

    ment that it is now the sole authority for handling update_free_access and permission-based access decisions.

    This cleanup avoids duplication, improves maintainability, and makes access logic more predictable.

  • Pipeline finished with Success
    22 days ago
    Total: 567s
    #532028
  • Comment 22 days ago โ†’
    ๐Ÿ‡บ๐Ÿ‡ธUnited States smustgrave

    How was it determined this was the one to be removed? Summary should mention.

  • Comment 22 days ago โ†’
    ๐Ÿ‡บ๐Ÿ‡ธUnited States xjm

    Since this is also changing the behavior of this access checker, I'd also expect to see documentation of research into any other uses/callers.

  • Comment 22 days ago โ†’
    ๐Ÿ‡บ๐Ÿ‡ธUnited States xjm
  • Comment 22 days ago โ†’
    ๐Ÿ‡ฌ๐Ÿ‡งUnited Kingdom joachim

    > The added documentation is very wordy and duplicates the code in prose without adding information, unfortunately. It does not really add value.

    Yes, I wondered whether it was AI-generated too. Please don't do that.

  • Comment 10 days ago โ†’
    ๐Ÿ‡ฎ๐Ÿ‡ณIndia divyansh.gupta Jaipur

    Since there is no reply from @immaculatexavier from long time,
    I am working on it!!

  • Comment 10 days ago โ†’
    ๐Ÿ‡ฎ๐Ÿ‡ณIndia divyansh.gupta Jaipur
  • Comment 10 days ago โ†’
    ๐Ÿ‡ฎ๐Ÿ‡ณIndia divyansh.gupta Jaipur

    Iโ€™ve updated the issue summary to reflect the decision to keep the update_free_access check in DbUpdateAccessCheck::access(), since thatโ€™s the dedicated access checker for the update routes. It makes sense for that logic to live there, rather than duplicating it in UpdateKernel::handleAccess().

    I also added a docblock to explain how the access check works now. Please review and let me know if anything needs to be adjusted further.

  • Pipeline finished with Canceled
    10 days ago
    Total: 119s
    #541750
  • Pipeline finished with Success
    10 days ago
    Total: 443s
    #541754
  • Comment 10 days ago โ†’
    ๐Ÿ‡บ๐Ÿ‡ธUnited States smustgrave

    Re-iterating #7

    Also, just as a reminder, our policy requires documenting whenever AI is used to help craft code or documentation.
contrib.social Blog FAQ Discussions
Production build 0.71.5 2024