Layout Builder access in Drupal 9
Same name and namespace in other branches
- 8 core/modules/layout_builder/layout_builder.api.php \layout_builder_access
- 10 core/modules/layout_builder/layout_builder.api.php \layout_builder_access
In determining access rights for the Layout Builder UI, \Drupal\layout_builder\Access\LayoutBuilderAccessCheck checks if the specified section storage plugin (an implementation of \Drupal\layout_builder\SectionStorageInterface) grants access.
By default, the Layout Builder access check requires the 'configure any layout' permission. Individual section storage plugins may override this by setting the 'handles_permission_check' annotation key to TRUE. Any section storage plugin that uses 'handles_permission_check' must provide its own complete routing access checking to avoid any access bypasses.
This access checking is only enforced on the routing level (not on the entity or field level) with additional form access restrictions. All HTTP API access to Layout Builder data is currently forbidden.
See also
https://www.drupal.org/project/drupal/issues/2942975
File
- core/
modules/ layout_builder/ layout_builder.api.php, line 8 - Hooks provided by the Layout Builder module.
Functions
Name |
Location | Description |
|---|---|---|
|
LayoutSectionItemList:: |
core/ |
Overrides \Drupal\Core\Field\FieldItemListInterface::defaultAccess(). |
|
SectionStorageInterface:: |
core/ |
Overrides \Drupal\Core\Access\AccessibleInterface::access(). |
Classes
|
Name |
Location | Description |
|---|---|---|
| LayoutBuilderAccessCheck |
core/ |
Provides an access check for the Layout Builder defaults. |