[Craft 4] Allow null for $user param in element authorization check methods

[mmikkel]

This is a very minor thing, but it'd be great if it was possible to pass null for the $user parameter in elements' authorization/permission check methods (i.e. the various canX() methods such as canView() and others).

The use case is simply to reduce a little bit of boilerplate code, in situations where the current user may or may not be logged in.

I.e. instead of this:

{% if not currentUser or not entry.canView(currentUser) %}
    {% redirect siteUrl %}
{% endif %}

...it'd be nice to just be able to do this:

{% if not entry.canView(currentUser) %}
    {% redirect siteUrl %}
{% endif %}

Obviously, the can-methods should just return false if $user is in fact null.

[brandonkelly]

Wouldn’t be able to do this without changing the ElementInterface signature, which would break all element types that have implemented any of the canX() methods.

Maybe something we can make nicer with a Twig-specific tag/function/test though?

[brandonkelly]

Just added new element authorization global Twig functions for Craft 4.3 (canView(), canSave(), etc.), which have element and user arguments, but user is optional and defaults to the current user. So you will be able to do this:

{% if not canView(entry) %}
    {% redirect siteUrl %}
{% endif %}

See details in the PR (#11808).

[mmikkel]

This is an excellent solve! Thanks a lot Brandon 🙌

[brandonkelly]

Craft 4.3 was released earlier this week with this change!