Replace node_access_strict so it works with all entity types

[pfrenssen]

In our project we have a 'site moderator' role which can create, edit and delete any group content regardless whether they are a member of the group or not.

It would be ideal to use the node_access_strict option for this, but our group content does not only consist of nodes, we are using different entity types.

Can we change node_access_strict to something like strict_access and don't restrict it to nodes only?

[idimopoulos]

Just as a primal thought, since we are handling users in a special way in OG, maybe this option should still exclude users (if they are group content?).

[idimopoulos]

I have done a little testing on this. It seems to work fine for update/delete operations if we do the following

--- a/og.module +++ b/og.module @@ -132,7 +132,7 @@ function og_entity_access(EntityInterface $entity, $operation, AccountInterface return $access; }

• if ($entity_type_id == 'node') {

• if ($entity_type_id != 'user') { $node_access_strict = \Drupal::config('og.settings')->get('node_access_strict');

  // Otherwise, ignore or deny based on whether strict node access is set.

but the create is a bit more tricky as the hooks are called after the access handlers and there is no clue on what is the status till then. Still, even with this, in our project, we have created some forms so that the user does not create the bundle test through 'node/add/test' but through '//test/add' and we are providing custom access. In this access we have to exclusively also check for the node_access_strict because it does not go through the hooking system. This is why I think it is better that this issue is implemented along with https://github.com/amitaibu/og/issues/272