Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Limited permissions for custom content entities, no bundle perms #3498

Closed
betz opened this issue Aug 24, 2017 · 16 comments

Comments

@betz
Copy link

commented Aug 24, 2017

Issue title

[standard] Limited permissions for custom content entities

Problem/Motivation

When creating a custom content entity, the permission are limited to the whole entity.
It would be nice if we could have a permission that limits on bundle.
Like 'Create new bundlexyz entity'

@jmolivas

This comment has been minimized.

Copy link
Member

commented Aug 24, 2017

@betz Any link to the docs or a code snippet we can use to implement

@betz

This comment has been minimized.

Copy link
Author

commented Aug 24, 2017

well, i just created a custom content entity called 'Booking' console.
on the permissions page i find:

  • Create new Booking entities
  • Delete Booking entities
  • Delete all revisions
  • Edit Booking entities
  • Revert all Booking revisions
  • View all Booking revisions
  • View published Booking entities
  • View unpublished Booking entities

Nothing about a bundle, like node has.

  • Article: Create new content
  • Article: Delete any content
  • ...
@LOBsTerr

This comment has been minimized.

Copy link
Member

commented Feb 27, 2018

As far as I see node module provides this functionality - to have specific permissions per content type. Node module also handles it a custom way. I'm not sure we want to have such complex case in the content entity generation command

@enzolutions

This comment has been minimized.

Copy link
Contributor

commented Jul 16, 2019

I agree with @LOBsTerr closing this issue. feel free to request to reopen if you have a strong use case.

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

I'm trying to get permission_granularity = "bundle" for my custom entity. AFAIK there is no documentation on what is needed.

Core bundle permissions

modules/taxonomy/src/Entity/Term.php
68: * permission_granularity = "bundle",

modules/node/src/Entity/Node.php
72: * permission_granularity = "bundle",

modules/media/src/Entity/Media.php
71: * permission_granularity = "bundle",

Contrib bundle permissions

Not sure how to find those apart from google which did not help.

Unfortunately https://www.drupal.org/project/examples has entity_type.

So please reopen :-)

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

We need to copy ie core/modules/media/src/MediaAccessControlHandler.php

  • Add switch --permission_granularity [bundle|entity_type] to command chain for EntityContentGenerator
  • Adjust templates/module/src/accesscontrolhandler-entity-content.php.twig to generate fine grained permissions
  • Add permission_granularity to templates/module/src/Entity/entity-content.php.twig

Guess I missed some steps

@jmolivas

This comment has been minimized.

Copy link
Member

commented Aug 21, 2019

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

  • vendor/drupal/console/templates/module/src/Controller/entity-controller.php.twig has permissions too
@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 21, 2019

  • Something similar to \Drupal\node\NodePermissions for when creating a new entityType it's permissions are made available too.
  • this is called from core/modules/node/node.permissions.yml:27 permission_callbacks

Quite some work :-p

@enzolutions enzolutions reopened this Aug 21, 2019

@clemens-tolboom clemens-tolboom referenced this issue Aug 22, 2019
10 of 10 tasks complete
@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 22, 2019

I have now a WIP PR #4138 to indicate I'm working on it and get test results (if any).

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 22, 2019

Hmmm ... not sure why my second commit is not added to the PR #4138. Anyone?

Guess it was a hickup as my 3rd commit triggered the PR

@enzolutions

This comment has been minimized.

Copy link
Contributor

commented Aug 22, 2019

Let us know when is ready to test, we would like to include in Sep release 1.9.3

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 22, 2019

I'll do my best. 3 tasks to check in #4138 :-)

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 24, 2019

I removed WIP from #4138 as it looks OK to me. It does contain PR #4139

@clemens-tolboom

This comment has been minimized.

Copy link
Contributor

commented Aug 28, 2019

@enzolutions please review my PR #4138 :)

@enzolutions

This comment has been minimized.

Copy link
Contributor

commented Aug 28, 2019

Thanks, @clemens-tolboom we will check in a week-ish

@enzolutions enzolutions closed this Sep 6, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.