Problem/Motivation
EntityPermissionsRouteProviderWithCheck has significant performance overhead when checking menu link access.
Follow-up from #3344789: Return early in EntityPermissionsForm::access if the user does not have "administer permissions".
We could drop the check for whether there are permissions or not entirely from the access check, and just show a short message on the page when no permissions for a bundle are defined.
The UX regression of showing a somewhat useless tab, is better than the regression of multi-second page loads with admin_toolbar module and etc.
Steps to reproduce
Proposed resolution
Use EntityPermissionsRouteProvider and deprecate EntityPermissionsRouteProviderWithCheck.
Work-around
Until this issue is fixed, sites that are having performance issues with the access check can implement hook_entity_type_alter(). Change the route_provider from EntityPermissionsRouteProviderWithCheck to EntityPermissionsRouteProvider. See Comment #3306434-14: Fix access checks for bundle permissions to avoid triggering a config validation error for a sample implementation, or #3459723: Bypass slow access checks .
In Drupal core, the only bundle types that currently use EntityPermissionsRouteProviderWithCheck are Drupal\comment\Entity\CommentType and Drupal\contact\Entity\ContactForm.
Remaining tasks
- Decide whether to fix the problem in Drupal core by deprecating
EntityPermissionsRouteProviderWithCheckor to fix it in theadmin_toolbarmodule by implementinghook_entity_type_alter(). - Postponed on #3306434: Fix access checks for bundle permissions to avoid triggering a config validation error.
User interface changes
In some cases, users with some administrative permissions will be shown links to configuration pages that have nothing to configure. Previously, links to these pages were not shown because access to those pages was denied.
API changes
Deprecate EntityPermissionsRouteProviderWithCheck.
Data model changes
None
Release notes snippet
N/A