X-Git-Url: http://www.aleph1.co.uk/gitweb/?a=blobdiff_plain;ds=sidebyside;f=web%2Fcore%2Fmodules%2Fuser%2Fsrc%2FUserAccessControlHandler.php;fp=web%2Fcore%2Fmodules%2Fuser%2Fsrc%2FUserAccessControlHandler.php;h=19fe6b692c3483bff4f1c6504bd99d067fad5cb2;hb=0bf8d09d2542548982e81a441b1f16e75873a04f;hp=8ff01d144763e66084f53a5881cd1c7e6158c4c9;hpb=74df008bdbb3a11eeea356744f39b802369bda3c;p=yaffs-website diff --git a/web/core/modules/user/src/UserAccessControlHandler.php b/web/core/modules/user/src/UserAccessControlHandler.php index 8ff01d144..19fe6b692 100644 --- a/web/core/modules/user/src/UserAccessControlHandler.php +++ b/web/core/modules/user/src/UserAccessControlHandler.php @@ -106,7 +106,7 @@ class UserAccessControlHandler extends EntityAccessControlHandler { return AccessResult::allowed()->cachePerPermissions()->cachePerUser(); } else { - return AccessResult::forbidden(); + return AccessResult::neutral(); } case 'preferred_langcode': @@ -116,7 +116,7 @@ class UserAccessControlHandler extends EntityAccessControlHandler { // Allow view access to own mail address and other personalization // settings. if ($operation == 'view') { - return $is_own_account ? AccessResult::allowed()->cachePerUser() : AccessResult::forbidden(); + return $is_own_account ? AccessResult::allowed()->cachePerUser() : AccessResult::neutral(); } // Anyone that can edit the user can also edit this field. return AccessResult::allowed()->cachePerPermissions(); @@ -127,14 +127,14 @@ class UserAccessControlHandler extends EntityAccessControlHandler { case 'created': // Allow viewing the created date, but not editing it. - return ($operation == 'view') ? AccessResult::allowed() : AccessResult::forbidden(); + return ($operation == 'view') ? AccessResult::allowed() : AccessResult::neutral(); case 'roles': case 'status': case 'access': case 'login': case 'init': - return AccessResult::forbidden(); + return AccessResult::neutral(); } return parent::checkFieldAccess($operation, $field_definition, $account, $items);