ECA Access with JSONAPI - "The controller result claims to be providing relevant cache metadata, but leaked metadata was detected. Please ensure you are not rendering content too early. Returned object class: Drupal\jsonapi\CacheableResourceResponse."
Problem/Motivation
Trying to use ECA Access to limit access to nodes related using an entity reference, I'm getting this error in JSONAPI requests.
There are two branches in my model -- one for privileged users that goes straight to Access->Allowed(), the other that checks for an entity reference on the user linked to the node. The first works fine -- the second, which checks values, appears to work in the UI and normal Drupal rendered pages, but not through JSONAPI -- all JSONAPI requests for these users returns a 500 error,
"The controller result claims to be providing relevant cache metadata, but leaked metadata was detected. Please ensure you are not rendering content too early. Returned object class: Drupal\\jsonapi\\CacheableResourceResponse."
Steps to reproduce
I've set up a model that uses "Determine entity access" for node -> view operation as a trigger.
The user account has an entity reference to the node. The "view published content" permission is off for authenticated users, but on for users with a particular role ("licensed client") and other roles.
After checking for the licensed client role, the model uses [user:field_project:0:entity] to load a node on the current user's account into [client_project]. It then checks for the content type (there are multiple types that have different relationships to the main project node) and compares [client_project:nid] to [entity:nid].
If it matches, it ends with AccessResult::allowed(). If it doesn't match, it ends with AccessResult::forbidden().
I think the model is working correctly, but when used with JSONAPI there's something related to caching that breaks it all.
I'm hoping this is something somebody has hit before and has a quick solution...