Updated Drupal to 8.6. This goes with the following updates because it's possible...

[yaffs-website] / web / core / modules / comment / src / CommentAccessControlHandler.php

diff --git a/web/core/modules/comment/src/CommentAccessControlHandler.php b/web/core/modules/comment/src/CommentAccessControlHandler.php
index bcb0fd7a082b6bee5aa25c9bde70f01575cfafea..6e811a97d31f6ecbeb61526b38f5dce022686c48 100644 (file)
--- a/web/core/modules/comment/src/CommentAccessControlHandler.php
+++ b/web/core/modules/comment/src/CommentAccessControlHandler.php
@@ -45,7 +45,12 @@ class CommentAccessControlHandler extends EntityAccessControlHandler {
         return $access_result;
 
       case 'update':
-        return AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        $access_result = AccessResult::allowedIf($account->id() && $account->id() == $entity->getOwnerId() && $entity->isPublished() && $account->hasPermission('edit own comments'))
+          ->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity);
+        if (!$access_result->isAllowed()) {
+          $access_result->setReason("The 'edit own comments' permission is required, the user must be the comment author, and the comment must be published.");
+        }
+        return $access_result;
 
       default:
         // No opinion.