Mercurial > hg > isophonics-drupal-site
diff core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php @ 14:1fec387a4317
Update Drupal core to 8.5.2 via Composer
| author | Chris Cannam |
|---|---|
| date | Mon, 23 Apr 2018 09:46:53 +0100 |
| parents | 4c8ae668cc8c |
| children | 129ea1e6d783 |
line wrap: on
line diff
--- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php Mon Apr 23 09:33:26 2018 +0100 +++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php Mon Apr 23 09:46:53 2018 +0100 @@ -158,7 +158,7 @@ return AccessResult::forbidden()->addCacheableDependency($entity); } if ($admin_permission = $this->entityType->getAdminPermission()) { - return AccessResult::allowedIfHasPermission($account, $this->entityType->getAdminPermission()); + return AccessResult::allowedIfHasPermission($account, $admin_permission); } else { // No opinion. @@ -316,13 +316,17 @@ $default = $items ? $items->defaultAccess($operation, $account) : AccessResult::allowed(); // Explicitly disallow changing the entity ID and entity UUID. - if ($operation === 'edit') { + $entity = $items ? $items->getEntity() : NULL; + if ($operation === 'edit' && $entity) { if ($field_definition->getName() === $this->entityType->getKey('id')) { - return $return_as_object ? AccessResult::forbidden('The entity ID cannot be changed') : FALSE; + // String IDs can be set when creating the entity. + if (!($entity->isNew() && $field_definition->getType() === 'string')) { + return $return_as_object ? AccessResult::forbidden('The entity ID cannot be changed')->addCacheableDependency($entity) : FALSE; + } } elseif ($field_definition->getName() === $this->entityType->getKey('uuid')) { // UUIDs can be set when creating an entity. - if ($items && ($entity = $items->getEntity()) && !$entity->isNew()) { + if (!$entity->isNew()) { return $return_as_object ? AccessResult::forbidden('The entity UUID cannot be changed')->addCacheableDependency($entity) : FALSE; } }