Exception when trying to fetch an asset with an asset collection with an inaccessible parent

[lorenzulrich]

Steps to Reproduce

1. Make sure nested asset collections work:

Neos:
  Neos:
    Ui:
      frontendConfiguration:
        Flowpack.Media.Ui:
          # Only allow a single asset collection selection per asset to treat collection like folders
          limitToSingleAssetCollectionPerAsset: true

2. Create an Asset Collection on Root level, e.g. "Planets"
3. Create an Asset Collection "Earth" as a child of "Planets"
4. Place an asset in it.
5. Now, create a Policy to protect the asset collection "Planets" and the assets of collection "Planets".

[...]
  'Neos\Media\Security\Authorization\Privilege\ReadAssetPrivilege':
    'FoobarCom.Site.Corporate:Assets':
      matcher: 'isInCollection("Planets")'
  'Neos\Media\Security\Authorization\Privilege\ReadAssetCollectionPrivilege':
    'FoobarCom.Site.Corporate:AssetCollection':
      matcher: 'isTitled("Planets")'

6. Visit the Media UI with a user not having access to collection "Planets".

Expected behavior vs. actual behaviour

As you can see in the steps to reproduce, the Asset in collection "Earth" is not restricted because there is no Policy on it. However, the parent collection of "Earth" - "Planets" - is restricted and therefore the Entity won't be found. This leads to the following error:

I'm not sure what the expected behaviour could be. We could either argue that the Asset should not be displayed at all because a part of it - it's Asset Collection's parent, is not accessible.

Affected Versions

Neos: 8.3 Media Module: 1.0

[lorenzulrich]

When the patch for https://github.com/Flowpack/media-ui/issues/232 is applied, this is not really supposed to happen anymore.