Details
-
Improvement
-
Resolution: Unresolved
-
Medium
-
None
-
5.2
Description
These methods should check content/view_embed permissions and filter out those not accessible, which would remove the need to check for the same using Repository::sudo() in:
- eZ/Publish/Core/FieldType/XmlText/Converter/EmbedToHtml5
- eZ/Publish/Core/MVC/Symfony/Controller/Content/ViewController
Ref:
https://github.com/ezsystems/ezpublish-kernel/pull/490
https://github.com/ezsystems/ezpublish-kernel/pull/644
Both methods should check for the same permissions, but if for example content/view_relation is going to be introduced in the future it might make sense to implement them both.
Attachments
Issue Links
- discovered while testing
-
EZP-21438 Improve relation permission handling to use view_embed
- Closed