Skip to content
Snippets Groups Projects

Issue #3195029: Use the AccessResultForbidden reason in BulkForm error messages

Open Issue #3195029: Use the AccessResultForbidden reason in BulkForm error messages
issue/drupal-3195029:3195029-use-the-accessresultforbidden into 9.2.x
2 unresolved threads
Open paul121 requested to merge issue/drupal-3195029:3195029-use-the-accessresultforbidden into 9.2.x
2 unresolved threads

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
core/modules/views/src/Plugin/views/field/BulkForm.php
392 392 continue;
393 393 }
394 394 // Skip execution if the user did not have access.
395 if (!$action->getPlugin()->access($entity, $this->view->getUser())) {
395 $access_result = $action->getPlugin()->access($entity, $this->view->getUser(), TRUE);
396 if (!$access_result->isAllowed()) {
397 // Use the reason if one is specified.
398 if ($access_result instanceof AccessResultReasonInterface) {
399 $reason = $access_result->getReason();
400 if (!empty($reason)) {
401 $this->messenger->addError($reason);
  • Jennifer Hodgdon
    Jennifer Hodgdon @jhodgdon

    I'm wondering if what you want here is a combination of the generic message "No access to execute..." and the specific message, rather than the bare specific message? Because you're kind of depending on the AccessResult having a complete message in it that includes information about the item that you cannot execute the action on.

    ???

  • paul121
    paul121 @paul121
    Author

    Yes! This is like option #2 I had in my proposal, append the reason to the generic message. It seems like a larger question of how the AccessResult reason should be used in general.. and depending on the AccessResult to have the complete message means that reason cannot be used in other contexts.

    For example, this same reason could be used in the error message when deleting an entity via the API.

    This approach would work best for the reasons added in this issue: https://www.drupal.org/project/drupal/issues/2952544

    I'll try this out..

  • paul121 changed this line in version 3 of the diff

    changed this line in version 3 of the diff

  • Please register or sign in to reply
  • Jennifer Hodgdon
    Jennifer Hodgdon @jhodgdon started a thread on an old version of the diff
    • core/modules/views/src/Plugin/views/field/BulkForm.php
    392 392 continue;
    393 393 }
    394 394 // Skip execution if the user did not have access.
    395 if (!$action->getPlugin()->access($entity, $this->view->getUser())) {
    395 $access_result = $action->getPlugin()->access($entity, $this->view->getUser(), TRUE);
    396 if (!$access_result->isAllowed()) {
    397 // Use the reason if one is specified.
    398 if ($access_result instanceof AccessResultReasonInterface) {
    399 $reason = $access_result->getReason();
    400 if (!empty($reason)) {
    401 $this->messenger->addError($reason);
    402 continue;
    403 }
    404 }
    405 // Else use the normal message.
  • paul121 added 2 commits

    added 2 commits

    • 130ae84f - Append the reason to the generic error message.
    • 820a1a16 - Import AccessResultReasonInterface

    Compare with previous version

    • Please register or sign in to reply