Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I'm trying to filter on product variations in my JSON:API request, which doesn't return data. It's possible that the JSON:API access hook needs to be implemented for variations, because variations use an access handler that doesn't leverage Entity API.
Comment | File | Size | Author |
---|---|---|---|
#34 | 3128322-2.20.patch | 20.16 KB | jsacksick |
#26 | 3128322-26.patch | 20.08 KB | mglaman |
| |||
#25 | 3128322-25.patch | 21.8 KB | mglaman |
| |||
#23 | 3128322-23.patch | 21.41 KB | mglaman |
#21 | 3128322-21-test-only.patch | 17.18 KB | mglaman |
Issue fork commerce-3128322
Show commands
Start within a Git clone of the project using the version control instructions.
Or, if you do not have SSH keys set up on git.drupalcode.org:
- 3128322-test-only compare
- 3128322-fix-jsonapi-filtering changes, plain diff MR !1
Comments
Comment #2
mglamanEntity API received a fix that solves JSON:API's custom entity access for all entity types extending the Entity API access control.
Variations do not use this access control, because we solve their access as an embedded entity. See https://git.drupalcode.org/project/commerce/-/blob/8.x-2.x/modules/produ...
The hook is hook_jsonapi_entity_filter_access.
The Entity API issue was [##3021930]
Comment #3
mglamanWorking on this
Comment #5
mglamanNeeds tests. But with manual testing this fixes it. Maybe we can cherry-pick into Commerce API as well.
Comment #6
mglamanActually, this has a bigger impact. It also fixes the results returned on the variations relationship for a product. Currently inactive variations are returned, and this fixes it to exclude inactive variations.Comment #7
mglamanWrong issue for this comment
Comment #8
mglamanHere is a test only patch.
Comment #9
mglamanLinking related core issues uncovered during this issue.
Comment #11
mglamanAdds number comparator.
Comment #12
mglamanThis will pass because we don't test the filtered collection. It is not out of the box so we need to copy \Drupal\Tests\jsonapi\Functional\NodeTest::testCollectionFilterAccess
Comment #14
mglamanTurns out Drupal\commerce_price\Comparator\NumberComparator will not help us here. the ResourceTestbase uses assertSame which doesn't load any of the registered Comparator and just uses IsIdentical
Comment #15
mglamanChanged $4.00 to $4.15 to avoid 0 precision differences.
Comment #17
mglamanThat didn't work. Overriding assertSameDocument to use assertEquals
Comment #18
mglamanComment #20
mglamanThis is also, apparently, automatically fixed by Entity 1.1 which adds a generic query access handler to all entities.
Comment #21
mglamanOkay, the changes in entity:1.1 are what prevented this from failing and showing we need #5.
Comment #23
mglamanOkay, this fixes usages of
$this->resourceType
from ResourceTestBase (hacked core locally, forgot to override in test.)This also tries to add a normalizer for price.number when testing with MySQL.
Comment #25
mglamanAnother attempt at a test normalization due to #3163853: ResourceTestBase should use assertEquals over assertSame when comparing data.
This comment is incorrect, it runs before the primitive normalizer.
Should we comment that this is needed since we do not have a query_access handler?
Somehow the JSON:API testing had deleted the variation and the product was stale and no longer had a valid reference.
Fixes cache expectations from JSON:API. Which means we maybe had a bug and it could go into its own issue.
I wonder if the generic query_access handler is actually causing more problems than just in this test.
missing empty line
Comment is wrong. We might be able to remove this, now, that we have the normalizer.
Comment #26
mglamanAddressed my self review. We were able to drop that test method override due to the price normalizer.
Comment #27
mglamanComment #29
mglamanCrediting @jsacksick for rubber ducking over Slack
Comment #31
mglamanCommitted!
Comment #32
mglamanWrong status.
Comment #34
jsacksick CreditAttribution: jsacksick at Centarro commentedAttaching a patch that applies to 2.20