Open pfrenssen opened 8 years ago
pfrenssen
commented
8 years ago I researched this today and this doesn't seem to be possible in core today. Our best bet will be to use the Entity Operations module once it is ported to Drupal 8.
For more information, see https://www.drupal.org/node/2744683#comment-11274521
amitaibu
commented
8 years ago Not a big fan of a hard dependency. So we could add permissions for core entities, and only if that module exists leverage it. Sounds right? On Jun 8, 2016 7:05 PM, "Pieter Frenssen" notifications@github.com wrote:
I researched this today and this doesn't seem to be possible in core today. Our best bet will be to use the Entity Operations module once it is ported to Drupal 8.
For more information, see https://www.drupal.org/node/2744683#comment-11274521
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/amitaibu/og/issues/222#issuecomment-224639851, or mute the thread https://github.com/notifications/unsubscribe/AAHrC_zKOwkJ1_3Uq-L9KTZ5fqD0eEQzks5qJuhHgaJpZM4IvvaU .
pfrenssen
commented
8 years ago Yes that sounds like a good plan. For the moment I am going to put an alter hook in, so any module can supply support for their own entity operations. My immediate need for this is the OG Menu module, which has a special 'add menu item' operation.
pfrenssen
commented
8 years ago Note that this is a long term plan, this issue is not actionable today. It can only be worked on as soon as support for formalized access control on entity operations is added to Drupal core, or provided by a contrib module such as Entity Operations.
MPParsley
commented
2 years ago Drupal core 9.3 now provides a generic access API for node and media revisions. See https://www.drupal.org/project/drupal/issues/3043321
We should add revision permissions, see #736.
Currently we only generate permissions for the standard CRUD operations 'create', 'update', 'view' and 'delete' in
PermissionManager::generateCrudPermissionList(). Modules can change the available operations for different entity types usinghook_entity_permission()andhook_entity_permission_alter(). This means that the full 4 CRUD operations might not be available, or new operations might be added at will.Some examples are the Content Translation module which adds a 'translate' operation, and the OG Menu module which adds an 'add link' operation.
We currently use the pattern of providing two permissions for each operation, depending on whether or not the user owns the entity which is being operated upon (e.g. 'delete all entities' vs 'delete own entities'). It would be good to continue this pattern for all operations for now, even though there are cases where this doesn't make sense.
We will also need to rename the existing permissions to accommodate the new flexibility. It will need to become something akin to
perform the $operation operation on $entity_type_id entities of type $bundle_id.Since these auto-generated permissions and their labels are quite wordy and not human-friendly it would also be great to provide an alter hook so the automatically generated permissions can be tweaked, and perhaps even a 'provider hook' so modules can opt to provide their own set of permissions instead of the auto generated ones.