Issue #3421025 by partdigital: Add support for more entity types.

src/AccessPolicyInformation.php

@@ -169,15 +169,32 @@ class AccessPolicyInformation {
    */
   public function isSupportedEntityType(EntityTypeInterface $entity_type) {
     $supports_bundles = $entity_type->getBundleEntityType();
-    $has_canonical_route = $entity_type->hasLinkTemplate('canonical');
-    $is_revisionable = $entity_type->isRevisionable();
+    $has_view_builder = ($entity_type->get('field_ui_base_route') && $entity_type->hasViewBuilderClass());
     $id_valid = $this->isIdKeyValid($entity_type);
-    if ($entity_type instanceof ContentEntityTypeInterface && !$entity_type->isInternal() && $supports_bundles && $has_canonical_route && $is_revisionable && $id_valid || $this->isParagraph($entity_type)) {
+    if ($entity_type instanceof ContentEntityTypeInterface && !$entity_type->isInternal() && $supports_bundles && $has_view_builder && $id_valid && !$this->isExcluded($entity_type)) {
       return TRUE;
     }
     return FALSE;
   }
 
+  /**
+   * Exclude certain core entity types.
+   *
+   * @param \Drupal\Core\Entity\EntityTypeInterface $entity_type
+   *   The current entity type.
+   *
+   * @return bool
+   *   TRUE if the entity type is supported; FALSE otherwise.
+   */
+  private function isExcluded(EntityTypeInterface $entity_type) {
+    // The comment entity does not yet support proper access control. There is
+    // ongoing work to get it supported. Once that lands this will be removed.
+    // @see https://www.drupal.org/project/drupal/issues/2879087
+    $excluded = ['comment'];
+
+    return in_array($entity_type->id(), $excluded);
+  }
+
   /**
    * Determine whether the entity id key is valid.
    *
@@ -196,21 +213,6 @@ class AccessPolicyInformation {
     return (substr_count($entity_type->getKey('id'), 'id') > 0);
   }
 
-  /**
-   * Determine whether the entity type is a paragraph.
-   *
-   * Paragraphs do not have a canonical route, yet they are useful enough to
-   * make an exception. We don't want to open it up too much however as there
-   * are some contrib modules that may use content entities for purposes that
-   * aren't applicable to Access Policy. Crop for example.
-   *
-   * @return bool
-   *   TRUE if the entity type is a paragraph; FALSE otherwise.
-   */
-  private function isParagraph(EntityTypeInterface $entity_type) {
-    return $entity_type->id() == 'paragraph';
-  }
-
   /**
    * Reset the static cache.
    */

src/EntityTypeInfo.php

@@ -66,7 +66,7 @@ class EntityTypeInfo implements ContainerInjectionInterface {
       ->setCardinality(BaseFieldDefinition::CARDINALITY_UNLIMITED)
       ->setDescription($this->t('The access policy assigned to this entity.'))
       ->setSetting('target_type', 'access_policy')
-      ->setRevisionable(TRUE)
+      ->setRevisionable($entity_type->isRevisionable())
       ->setTranslatable(FALSE)
       ->addConstraint('ValidAccessPolicyReference');
 

src/Form/EntityTypeSettingsForm.php

@@ -325,7 +325,7 @@ class EntityTypeSettingsForm extends DraggableListBuilder implements FormInterfa
 
     $this->selectionStrategy->submitSettingsForm($form, $form_state);
     $settings = $this->selectionStrategy->getSettings();
-    $this->setSetting('selection_strategy', $this->selectionStrategy->getPluginId());
+    $this->setSetting('selection_strategy', $form_state->getValue('selection_strategy'));
     $this->setSetting('selection_strategy_settings', $settings);
     $this->saveSettings();
 

src/Plugin/access_policy/SelectionStrategy/ManualSelection.php

@@ -45,7 +45,26 @@ class ManualSelection extends SelectionStrategyBase {
    * {@inheritdoc}
    */
   public static function isApplicable(EntityTypeInterface $entity_type) {
-    return $entity_type->hasLinkTemplate('canonical');
+    $path = $entity_type->getLinkTemplate('canonical');
+    if (empty($path)) {
+      return FALSE;
+    }
+
+    // Confirm that the corresponding route has a local task associated with it.
+    /** @var \Symfony\Component\Routing\RouteCollection $route_collection */
+    $route_collection = \Drupal::service('router.route_provider')->getRoutesByPattern($path);
+    foreach ($route_collection->all() as $name => $route) {
+      $local_tasks = \Drupal::service('plugin.manager.menu.local_task')->getLocalTasksForRoute($name);
+      if (!empty($local_tasks[0])) {
+        /** @var \Drupal\Core\Menu\LocalTaskInterface $task */
+        foreach ($local_tasks[0] as $task) {
+          if ($task->getRouteName() == $name) {
+            return TRUE;
+          }
+        }
+      }
+    }
+    return FALSE;
   }
 
   /**

tests/src/Functional/AccessPolicyCreationTest.php

@@ -25,6 +25,8 @@ class AccessPolicyCreationTest extends AccessPolicyTestBase {
     'taxonomy',
     'filter',
     'node',
+    'block_content',
+    'comment',
     'datetime',
     'options',
   ];
@@ -57,6 +59,11 @@ class AccessPolicyCreationTest extends AccessPolicyTestBase {
 
     $this->drupalGet('admin/people/access-policies/add');
 
+    $this->assertSession()->optionExists('target_entity_type_id', 'node');
+    $this->assertSession()->optionExists('target_entity_type_id', 'taxonomy_term');
+    $this->assertSession()->optionExists('target_entity_type_id', 'block_content');
+    $this->assertSession()->optionNotExists('target_entity_type_id', 'comment');
+
     $edit = [
       'label' => 'Foo',
       'id' => 'foo',

tests/src/Functional/AccessPolicySettingsFormTest.php

+<?php
+
+namespace Drupal\Tests\access_policy\Functional;
+
+use Drupal\access_policy\Entity\AccessPolicy;
+
+/**
+ * Tests updating the entity type settings.
+ *
+ * @group access_policy
+ */
+class AccessPolicySettingsFormTest extends AccessPolicyTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  protected static $modules = [
+    'access_policy',
+    'access_policy_test',
+    'filter',
+    'node',
+    'datetime',
+    'options',
+  ];
+
+  /**
+   * {@inheritdoc}
+   */
+  protected $defaultTheme = 'stark';
+
+  /**
+   * Tests updating the entity type settings form.
+   */
+  public function testEntityTypeSettingsForm() {
+    $policy = AccessPolicy::create([
+      'id' => 'basic_policy',
+      'label' => 'Basic policy',
+      'target_entity_type_id' => 'node',
+      'weight' => -10,
+    ]);
+    $policy->save();
+
+    $rid = $this->drupalCreateRole([
+      'access administration pages',
+      'administer access policy entities',
+    ]);
+    $web_user = $this->drupalCreateUser();
+    $web_user->addRole($rid);
+    $web_user->save();
+
+    $this->drupalLogin($web_user);
+
+    $this->drupalGet('admin/people/access-policies/node/settings');
+    $this->assertSession()->statusCodeEquals(200);
+
+    $this->assertSession()->pageTextContains('Basic policy');
+
+    $this->assertSession()->elementExists('css', "[name='selection_strategy'][value='dynamic']");
+    $this->assertSession()->elementExists('css', "[name='selection_strategy'][value='manual']");
+    $this->assertSession()->fieldValueEquals('selection_strategy', 'dynamic');
+
+    $edit = [
+      'selection_strategy' => 'manual',
+    ];
+    $this->submitForm($edit, 'Save');
+
+    $this->clickLink('Content settings');
+    $this->assertSession()->fieldValueEquals('selection_strategy', 'manual');
+
+    $this->clickLink('Add selection set');
+    $this->assertSession()->statusCodeEquals(200);
+    $edit = [
+      'label' => 'Foo bar',
+      'id' => 'foo_bar',
+    ];
+    $this->submitForm($edit, 'Save');
+    $this->drupalGet('admin/people/access-policies/node/settings');
+    $this->assertSession()->pageTextContains('Foo bar');
+
+    $this->drupalGet('admin/people/access-policies/node/settings/set/foo_bar/delete');
+    $this->assertSession()->statusCodeEquals(200);
+    $this->submitForm([], 'Delete');
+    $this->drupalGet('admin/people/access-policies/node/settings');
+    $this->assertSession()->pageTextNotContains('Foo bar');
+
+  }
+
+}