From 84bcd07edf692b8a5aef75523d1b3e7267ec7a50 Mon Sep 17 00:00:00 2001 From: urbanenomad Date: Thu, 12 Dec 2024 09:42:21 -0800 Subject: [PATCH] Update apigee_edge_apiproduct_rbac.module Changed from neutral to forbidden so that API Products do not show up on the assign operation or Create App when using the RBAC service to control access to API Products. This is to solve issue https://github.com/apigee/apigee-edge-drupal/issues/1098 --- .../apigee_edge_apiproduct_rbac.module | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/apigee_edge_apiproduct_rbac/apigee_edge_apiproduct_rbac.module b/modules/apigee_edge_apiproduct_rbac/apigee_edge_apiproduct_rbac.module index 7896c0e5..4918d1e4 100644 --- a/modules/apigee_edge_apiproduct_rbac/apigee_edge_apiproduct_rbac.module +++ b/modules/apigee_edge_apiproduct_rbac/apigee_edge_apiproduct_rbac.module @@ -67,7 +67,7 @@ function apigee_edge_apiproduct_rbac_api_product_access(EntityInterface $entity, if (empty($entity->getAttributeValue($rbac_attribute_name))) { if ('assign' === $operation) { - $result = AccessResult::neutral("{$operation} is not allowed on {$entity->label()} API product."); + $result = AccessResult::forbidden("{$operation} is not allowed on {$entity->label()} API product."); } elseif ($config->get('grant_access_if_attribute_missing')) { $result = AccessResult::allowed(); @@ -94,7 +94,7 @@ function apigee_edge_apiproduct_rbac_api_product_access(EntityInterface $entity, // Displaying these products should be solved on the form level always. if (empty(array_intersect($roles, $account->getRoles()))) { if ('assign' === $operation) { - $result = AccessResult::neutral("{$operation} is not allowed on {$entity->label()} API product."); + $result = AccessResult::forbidden("{$operation} is not allowed on {$entity->label()} API product."); } else { $result = _apigee_edge_user_has_an_app_with_product($entity->id(), $account, TRUE);