Issue #2808217 by Wim Leers, tedbow, YesCT, dawehner, xjm, Berdir,...

Issue #2808217 by Wim Leers, tedbow, YesCT, dawehner, xjm, Berdir, damiankloip, slucero: To be able to view Vocabulary config entities via REST, one should not have to grant the 'administer taxonomy' permission

Issue #2808217 by Wim Leers, tedbow, YesCT, dawehner, xjm, Berdir,...
730c5a97 · Alex Bronstein · 4204b0b2 · 730c5a97 · 730c5a97
Commit 730c5a97 authored 7 years ago by Alex Bronstein
--- a/core/modules/rest/tests/src/Functional/EntityResource/Vocabulary/VocabularyResourceTestBase.php
+++ b/core/modules/rest/tests/src/Functional/EntityResource/Vocabulary/VocabularyResourceTestBase.php
@@ -66,4 +66,18 @@ protected function getNormalizedPostEntity() {
    // @todo Update in https://www.drupal.org/node/2300677.
  }

+  /**
+   * {@inheritdoc}
+   */
+  protected function getExpectedUnauthorizedAccessMessage($method) {
+    if ($this->config('rest.settings')->get('bc_entity_resource_permissions')) {
+      return parent::getExpectedUnauthorizedAccessMessage($method);
+    }
+
+    if ($method === 'GET') {
+      return "The following permissions are required: 'access taxonomy overview' OR 'administer taxonomy'.";
+    }
+    return parent::getExpectedUnauthorizedAccessMessage($method);
+  }
+
 }
--- a/core/modules/taxonomy/src/VocabularyAccessControlHandler.php
+++ b/core/modules/taxonomy/src/VocabularyAccessControlHandler.php
@@ -20,6 +20,7 @@ class VocabularyAccessControlHandler extends EntityAccessControlHandler {
  protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
    switch ($operation) {
      case 'access taxonomy overview':
+      case 'view':
        return AccessResult::allowedIfHasPermissions($account, ['access taxonomy overview', 'administer taxonomy'], 'OR');

      default: