Entries not showing when a user has only the `View {Collection} entries` permission for a collection with multiple blueprints

[321zeno]

Bug description

I created a collection with multiple blueprints and a role with only the permission to View Foo Entries. When the user logs in they get an error message and the Collection entries are not visible in the collections "entries" screen or the widget on the dashboard. If I grant "Configure Collections" permissions then all entries are displayed but this gives them access to functionality that might break the frontend of the website.

How to reproduce

• created a collection foo with multiple blueprints
• created a role with only the permission to View Foo Entries
• when the user logs in they get an error message Blueprint []

Logs

[2024-10-31 12:18:04] local.ERROR: Blueprint [] not found {"userId":6,"exception":"[object] (Statamic\\Exceptions\\BlueprintNotFoundException(code: 0): Blueprint [] not found at /var/www/vendor/statamic/cms/src/Entries/Entry.php:170)
[stacktrace]
#0 /var/www/vendor/statamic/cms/src/Support/FluentGetterSetter.php(109): Statamic\\Entries\\Entry->Statamic\\Entries\\{closure}()
#1 /var/www/vendor/statamic/cms/src/Support/FluentGetterSetter.php(91): Statamic\\Support\\FluentGetterSetter->runGetterLogic()
#2 /var/www/vendor/statamic/cms/src/Entries/Entry.php(184): Statamic\\Support\\FluentGetterSetter->args()
#3 /var/www/vendor/statamic/cms/src/Policies/EntryPolicy.php(110): Statamic\\Entries\\Entry->blueprint()
#4 /var/www/vendor/statamic/cms/src/Policies/EntryPolicy.php(45): Statamic\\Policies\\EntryPolicy->hasAnotherAuthor()
#5 /var/www/vendor/statamic/cms/src/Policies/EntryPolicy.php(33): Statamic\\Policies\\EntryPolicy->edit()
#6 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(816): Statamic\\Policies\\EntryPolicy->view()
#7 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(769): Illuminate\\Auth\\Access\\Gate->callPolicyMethod()
#8 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(553): Illuminate\\Auth\\Access\\Gate->Illuminate\\Auth\\Access\\{closure}()
#9 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(448): Illuminate\\Auth\\Access\\Gate->callAuthCallback()
#10 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(411): Illuminate\\Auth\\Access\\Gate->raw()
#11 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(357): Illuminate\\Auth\\Access\\Gate->inspect()
#12 /var/www/vendor/laravel/framework/src/Illuminate/Collections/Traits/EnumeratesValues.php(294): Illuminate\\Auth\\Access\\Gate->Illuminate\\Auth\\Access\\{closure}()
#13 /var/www/vendor/laravel/framework/src/Illuminate/Auth/Access/Gate.php(356): Illuminate\\Support\\Collection->every()
#14 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Auth/Access/Authorizable.php(18): Illuminate\\Auth\\Access\\Gate->check()
#15 /var/www/vendor/statamic/cms/src/Http/Resources/CP/Entries/ListedEntry.php(47): Statamic\\Auth\\User->can()
#16 /var/www/vendor/laravel/framework/src/Illuminate/Http/Resources/Json/JsonResource.php(108): Statamic\\Http\\Resources\\CP\\Entries\\ListedEntry->toArray()
#17 /var/www/vendor/laravel/framework/src/Illuminate/Http/Resources/Json/JsonResource.php(255): Illuminate\\Http\\Resources\\Json\\JsonResource->resolve()
#18 [internal function]: Illuminate\\Http\\Resources\\Json\\JsonResource->jsonSerialize()
#19 /var/www/vendor/laravel/framework/src/Illuminate/Http/JsonResponse.php(86): json_encode()
#20 /var/www/vendor/symfony/http-foundation/JsonResponse.php(49): Illuminate\\Http\\JsonResponse->setData()
#21 /var/www/vendor/laravel/framework/src/Illuminate/Http/JsonResponse.php(32): Symfony\\Component\\HttpFoundation\\JsonResponse->__construct()
#22 /var/www/vendor/laravel/framework/src/Illuminate/Routing/ResponseFactory.php(102): Illuminate\\Http\\JsonResponse->__construct()
#23 /var/www/vendor/laravel/framework/src/Illuminate/Http/Resources/Json/PaginatedResourceResponse.php(17): Illuminate\\Routing\\ResponseFactory->json()
#24 /var/www/vendor/laravel/framework/src/Illuminate/Http/Resources/Json/ResourceCollection.php(134): Illuminate\\Http\\Resources\\Json\\PaginatedResourceResponse->toResponse()
#25 /var/www/vendor/laravel/framework/src/Illuminate/Http/Resources/Json/ResourceCollection.php(114): Illuminate\\Http\\Resources\\Json\\ResourceCollection->preparePaginatedResponse()
#26 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(902): Illuminate\\Http\\Resources\\Json\\ResourceCollection->toResponse()
#27 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(887): Illuminate\\Routing\\Router::toResponse()
#28 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(807): Illuminate\\Routing\\Router->prepareResponse()
#29 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(144): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}()
#30 /var/www/vendor/statamic/cms/src/Http/Middleware/DeleteTemporaryFileUploads.php(18): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#31 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\DeleteTemporaryFileUploads->handle()
#32 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/AddVaryHeaderToResponse.php(11): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#33 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\AddVaryHeaderToResponse->handle()
#34 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/CountUsers.php(18): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#35 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\CountUsers->handle()
#36 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/BootUtilities.php(14): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#37 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\BootUtilities->handle()
#38 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/BootPreferences.php(14): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#39 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\BootPreferences->handle()
#40 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/BootPermissions.php(14): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#41 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\BootPermissions->handle()
#42 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/SelectedSite.php(15): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#43 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\SelectedSite->handle()
#44 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/Localize.php(19): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#45 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\Localize->handle()
#46 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/Authorize.php(25): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#47 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\Authorize->handle()
#48 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#49 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#50 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/AddToasts.php(22): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#51 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\AddToasts->handle()
#52 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/AuthGuard.php(14): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#53 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\AuthGuard->handle()
#54 /var/www/vendor/statamic/cms/src/Http/Middleware/CP/ContactOutpost.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#55 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CP\\ContactOutpost->handle()
#56 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(51): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#57 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle()
#58 /var/www/vendor/laravel/framework/src/Illuminate/Session/Middleware/AuthenticateSession.php(48): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#59 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Session\\Middleware\\AuthenticateSession->handle()
#60 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(88): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#61 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken->handle()
#62 /var/www/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#63 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\View\\Middleware\\ShareErrorsFromSession->handle()
#64 /var/www/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(121): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#65 /var/www/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): Illuminate\\Session\\Middleware\\StartSession->handleStatefulRequest()
#66 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Session\\Middleware\\StartSession->handle()
#67 /var/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#68 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse->handle()
#69 /var/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(75): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#70 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Cookie\\Middleware\\EncryptCookies->handle()
#71 /var/www/vendor/statamic/cms/src/Http/Middleware/SwapExceptionHandler.php(19): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#72 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\SwapExceptionHandler->handle()
#73 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(119): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#74 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(807): Illuminate\\Pipeline\\Pipeline->then()
#75 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(786): Illuminate\\Routing\\Router->runRouteWithinStack()
#76 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(750): Illuminate\\Routing\\Router->runRoute()
#77 /var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php(739): Illuminate\\Routing\\Router->dispatchToRoute()
#78 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(201): Illuminate\\Routing\\Router->dispatch()
#79 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(144): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}()
#80 /var/www/vendor/statamic/cms/src/Http/Middleware/StopImpersonating.php(12): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#81 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\StopImpersonating->handle()
#82 /var/www/vendor/statamic/cms/src/Http/Middleware/DisableFloc.php(17): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#83 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\DisableFloc->handle()
#84 /var/www/vendor/statamic/cms/src/Http/Middleware/CheckMultisite.php(15): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#85 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CheckMultisite->handle()
#86 /var/www/vendor/statamic/cms/src/Http/Middleware/CheckComposerJsonScripts.php(14): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#87 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\CheckComposerJsonScripts->handle()
#88 /var/www/vendor/statamic/cms/src/Http/Middleware/PoweredByHeader.php(18): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#89 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Statamic\\Http\\Middleware\\PoweredByHeader->handle()
#90 /var/www/vendor/barryvdh/laravel-debugbar/src/Middleware/InjectDebugbar.php(66): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#91 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Barryvdh\\Debugbar\\Middleware\\InjectDebugbar->handle()
#92 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#93 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php(31): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#94 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull->handle()
#95 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(47): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#96 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle()
#97 /var/www/vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#98 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Http\\Middleware\\ValidatePostSize->handle()
#99 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(110): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#100 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle()
#101 /var/www/vendor/laravel/framework/src/Illuminate/Http/Middleware/HandleCors.php(49): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#102 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Http\\Middleware\\HandleCors->handle()
#103 /var/www/vendor/laravel/framework/src/Illuminate/Http/Middleware/TrustProxies.php(58): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#104 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Http\\Middleware\\TrustProxies->handle()
#105 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/InvokeDeferredCallbacks.php(22): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#106 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\InvokeDeferredCallbacks->handle()
#107 /var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(119): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#108 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\\Pipeline\\Pipeline->then()
#109 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(145): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter()
#110 /var/www/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(1188): Illuminate\\Foundation\\Http\\Kernel->handle()
#111 /var/www/public/index.php(19): Illuminate\\Foundation\\Application->handleRequest()
#112 {main}
"}

Environment

Environment
Application Name: Statamic
Laravel Version: 11.26.0
PHP Version: 8.3.12
Composer Version: 2.2.6
Environment: local
Debug Mode: ENABLED
URL: headless-cms.local
Maintenance Mode: OFF
Timezone: UTC
Locale: en

Cache
Config: NOT CACHED
Events: NOT CACHED
Routes: NOT CACHED
Views: CACHED

Drivers
Broadcasting: log
Cache: file
Database: mysql
Logs: stack / daily
Mail: log
Queue: redis
Session: file

Statamic
Addons: 3
Sites: 1
Stache Watcher: Enabled
Static Caching: Disabled
Version: 5.28.0 PRO

Statamic Addons
statamic-rad-pack/runway: 7.10.1
statamic/eloquent-driver: 4.15.0
visuellverstehen/statamic-anchor-navigation: 1.0.0

Statamic Eloquent Driver
Asset Containers: file
Assets: file
Blueprints: file
Collection Trees: eloquent
Collections: eloquent
Entries: eloquent
Forms: file
Global Sets: eloquent
Global Variables: eloquent
Navigation Trees: eloquent
Navigations: eloquent
Revisions: file
Sites: file
Taxonomies: file
Terms: eloquent
Tokens: file

Installation

Fresh statamic/statamic site via CLI

Additional details

No response

[duncanmcclean]

When you view the collection as a super user, do you get the same error?

I'm unable to reproduce the issue by merely following the steps you provided. I'm wondering if you might have an entry in that collection without/referencing an old blueprint. 🤔

[321zeno]

Thanks for checking @duncanmcclean

I'm wondering if you might have an entry in that collection without/referencing an old blueprint. 🤔

I do have a blueprint that's hidden for that collection, if I can recall correctly

I'll try to recreate it from scratch in a new repo and share it here.