Layout Builder access

Same name in other branches
  1. 8.9.x core/modules/layout_builder/layout_builder.api.php \layout_builder_access
  2. 10 core/modules/layout_builder/layout_builder.api.php \layout_builder_access
  3. 11.x core/modules/layout_builder/layout_builder.api.php \layout_builder_access

In determining access rights for the Layout Builder UI, \Drupal\layout_builder\Access\LayoutBuilderAccessCheck checks if the specified section storage plugin (an implementation of \Drupal\layout_builder\SectionStorageInterface) grants access.

By default, the Layout Builder access check requires the 'configure any layout' permission. Individual section storage plugins may override this by setting the 'handles_permission_check' annotation key to TRUE. Any section storage plugin that uses 'handles_permission_check' must provide its own complete routing access checking to avoid any access bypasses.

This access checking is only enforced on the routing level (not on the entity or field level) with additional form access restrictions. All HTTP API access to Layout Builder data is currently forbidden.

See also

https://www.drupal.org/project/drupal/issues/2942975

File

core/modules/layout_builder/layout_builder.api.php, line 8

Functions

Title Sort descending File name Summary
LayoutSectionItemList::defaultAccess core/modules/layout_builder/src/Field/LayoutSectionItemList.php Overrides \Drupal\Core\Field\FieldItemListInterface::defaultAccess().
SectionStorageInterface::access core/modules/layout_builder/src/SectionStorageInterface.php Overrides \Drupal\Core\Access\AccessibleInterface::access().

Classes

Title Sort descending File name Summary
LayoutBuilderAccessCheck core/modules/layout_builder/src/Access/LayoutBuilderAccessCheck.php Provides an access check for the Layout Builder defaults.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.