Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
It would be nice if we had at least a small alter hook, or more something like hook_node_access().
Comment | File | Size | Author |
---|---|---|---|
#39 | eck-entity_access_alter-1969394-39.patch | 2.47 KB | ciss |
| |||
#37 | eck-entity_access_alter-1969394-37.patch | 4.95 KB | caschbre |
#18 | eck-eck_entity_access-1969394-18.patch | 2.35 KB | rattusrattus |
#17 | eck-eck_entity_access-1969394-17.patch | 2.37 KB | rattusrattus |
#10 | eck-eck_entity_access-1969394-9.patch | 2.4 KB | mihai_brb |
Comments
Comment #1
Dave ReidHere's the basic version of what I have. I would like to expand this more with proper hook_node_access() style hooks.
Comment #2
fmizzell CreditAttribution: fmizzell commented7.x-3.x has a completely revamped permissions system, that is 100% hook driven, so anyone can have a say on whether an action is allowed, or not, on an eck object. Reviews of that system would be greatly appreciated, and I am keeping people informed on the changes in this issue: #1374150: Better Permissions . After we write the update from 2.x permissions to 3.x, we can easily back port all the functionality.
Comment #3
mihai_brb CreditAttribution: mihai_brb commentedHi. Is there any chance we will have better perms in 2.x now?
Thanks
Comment #4
mihai_brb CreditAttribution: mihai_brb commentedHello,
I am implementing support for OG group/group content and I have the UI/processing functions ready but I am unable to alter the entity access.
I would need something like:
Is there any chance of updating the access function to allow other modules to hook in or do I have to patch the module locally?
Thanks,
Mihai
Comment #5
mihai_brb CreditAttribution: mihai_brb commentedActually, this will not work with drupal_alter as we are limited to 4 params, and the $entity_type_name will not be passed over.
Comment #6
mihai_brb CreditAttribution: mihai_brb commentedGetting back on this, I had to patch the access check in order to work with Organic Groups/permissions https://www.drupal.org/node/2133899
The way I altered the access:
Comment #7
mihai_brb CreditAttribution: mihai_brb commentedHere's a patch.
I've wrapped all variables in $context to fix the problem from comment #5.
Would you like to also call an access alter entity_type specific?
Comment #8
mihai_brb CreditAttribution: mihai_brb commentedComment #9
joachim CreditAttribution: joachim commentedIt would be a good idea to aim for something similar to existing entity modules -- see Profile2 for example. It would also be named hook_eck_entity_access() rather than being an alter hook -- again, see that module.
Lastly, any hooks need to be documented in the api.php file.
Comment #10
mihai_brb CreditAttribution: mihai_brb commented+ added hook_eck_entity_access
+ updated the api
Comment #11
fmizzell CreditAttribution: fmizzell commentedComment #12
mihai_brb CreditAttribution: mihai_brb commentedAny chance of someone testing this?
Thanks.
Comment #13
fmizzell CreditAttribution: fmizzell commentedAccess in eck is terribly messy. I believe the solution in 3.x is much cleaner, so I wonder if we should use this issue to backport the 3.x solution. I do not want to bring the separate permission implementation formulated in 3.x (I think I am going to make that a separate module) but just the cleaner and accessible eck_access() implementation.
Comment #14
adevms CreditAttribution: adevms commentedI've applied the patch at #10, created my own eck permissions with hook_permissions and used the hook_eck_entity_access defined in the patch. It's been working like a charm since.
Thanks
Comment #15
smazJust tested the patch in #10:
It works fine, thanks! I was able to implement a hook to grant & restrict access.
However, this does require the permission 'eck view [entity type] [bundle] entities' to be granted, or the eck__multiple_access_check() will always return false & override anything you set in the hook.
Whilst this is fine, it doesn't allow you to restrict access by default then grant access selectively - your hook would have to return FALSE to deny access, which wouldn't allow further hooks to grant access.
I think you could move the following:
To replace the final return false:
I'm not sure if that's suitable or any better though!
Comment #16
Birk CreditAttribution: Birk commentedI ran into the same problems as #15, and applying the changes suggested did the trick.
Comment #17
rattusrattus CreditAttribution: rattusrattus commentedDitto - here's a patch including smaz's alterations.
Comment #18
rattusrattus CreditAttribution: rattusrattus commentedPatch again without the debug
Comment #19
ciss CreditAttribution: ciss at yousign GmbH commentedReroll of #18.
Comment #20
tregismoreira CreditAttribution: tregismoreira commented#19 works great for me. Thanks a lot!
When it will be released?
Comment #21
tregismoreira CreditAttribution: tregismoreira commentedAdditionally we should check the access informations in the Views' links (edit and delete). Here's a patch including these checks.
Comment #22
tregismoreira CreditAttribution: tregismoreira commentedUpdated patch.
Comment #23
FiNeX CreditAttribution: FiNeX as a volunteer commentedHi, I'm using the latest patch (#22) with the edit/delete own entity from https://www.drupal.org/node/1374150 and it perfectly works (see https://www.drupal.org/node/1374150#comment-11681713)
Comment #24
djdevinWorks for me as well, tested the Views edit link as well.
It's a little strange though because I needed to grant a user "edit [type] entities" as well as implement the entity access hook. Is that by design?
Edit: Granting access to edit an entity works on the form, but not views.
Comment #25
djdevinUpdated patch so that the Views links (edit/delete) use the same access check as the form.
Comment #26
darol100 CreditAttribution: darol100 as a volunteer and commented@djdevin, Quick review for #25
We should remove all these lines from the patch and we need to end with new line at end of the file.
Comment #27
darol100 CreditAttribution: darol100 as a volunteer and commented#25 Works fine, meaning that there is a access control hook. However, the hook execute multiple times in my entity. I am not sure if something related to my entity configuration or is the patch.
I have not test this out on a clear ECK environment.
Comment #28
caschbre CreditAttribution: caschbre commentedAttached is an updated patch. #25 wasn't applying cleanly to the latest dev. It also removes the "No new line..." stuff.
Comment #29
darol100 CreditAttribution: darol100 as a volunteer and commented@caschbre This should be in "Needs Review" ?
Comment #30
caschbre CreditAttribution: caschbre commentedYep, missed that. Thanks @darol100.
Comment #37
caschbre CreditAttribution: caschbre as a volunteer commentedAttached is an updated patch for the latest 7.x-2.x-dev branch. I've been using this in production on several sites for the past year.
Comment #38
handkerchiefComment #39
ciss CreditAttribution: ciss at yousign GmbH commentedAccess checks in the views handlers have been added in #2449619: Views link handler access control. This is a reroll of #37 against 7.x-2.x HEAD with the handler changes removed.
Comment #40
DamienMcKenna