Bugfix/inline editing and conditions

CHANGELOG-WIP.md

@@ -207,6 +207,7 @@
 - Fixed a bug where deadlocks could occur when updating elements’ search indexes. ([#18139](https://github.com/craftcms/cms/pull/18139))
 - Fixed a bug where Matrix and Addresses fields weren’t loading provisional drafts for GraphQL preview requests.
 - Fixed a bug where generated field values weren’t always up-to-date if their template referenced nested elements. ([#17938](https://github.com/craftcms/cms/issues/17938))
+- Fixed a bug where ineditable fields appeared to be editable via the inline editing mode on element indexes. ([#18291](https://github.com/craftcms/cms/pull/18291))
 - Fixed [low-severity](https://github.com/craftcms/cms/security/policy#severity--remediation) XSS vulnerabilities. (GHSA-4mgv-366x-qxvx)
 - Fixed a [moderate-severity](https://github.com/craftcms/cms/security/policy#severity--remediation) RCE vulnerability. (GHSA-v47q-jxvr-p68x)
 - Fixed [moderate-severity](https://github.com/craftcms/cms/security/policy#severity--remediation) permission escalation vulnerabilities. (GHSA-2xfc-g69j-x2mp, GHSA-jxm3-pmm2-9gf6)

CHANGELOG.md

@@ -10,6 +10,7 @@
 - Fixed a bug where field layout elements weren’t always getting saved in the correct position, if the layout config referenced custom fields that no longer exist. ([#18268](https://github.com/craftcms/cms/issues/18268))
 - Fixed a bug where custom entry index pages weren’t visible when viewing other entry types’ index pages. ([#18284](https://github.com/craftcms/cms/issues/18284))
 - Fixed a bug where element index pages could show a spinner indefinitely if there weren’t any visible sources. ([#18286](https://github.com/craftcms/cms/pull/18286))
+- Fixed a bug where ineditable fields appeared to be editable via the inline editing mode on element indexes. ([#18291](https://github.com/craftcms/cms/pull/18291))
 - Fixed a [high-severity](https://github.com/craftcms/cms/security/policy#severity--remediation) user account enumeration vulnerability. (GHSA-234q-vvw3-mrfq)
 - Fixed a [moderate-severity](https://github.com/craftcms/cms/security/policy#severity--remediation) permission escalation vulnerability.
 

src/base/Element.php

@@ -6152,7 +6152,7 @@ protected function inlineAttributeInputHtml(string $attribute): string
         $field = null;
         if (preg_match('/^field:(.+)/', $attribute, $matches)) {
             $fieldUid = $matches[1];
-            $field = Craft::$app->getFields()->getFieldByUid($fieldUid);
+            $field = $this->getFieldLayout()?->getFieldByUid($fieldUid);
         } elseif (preg_match('/^fieldInstance:(.+)/', $attribute, $matches)) {
             $instanceUid = $matches[1];
             $layoutElement = $this->getFieldLayout()?->getElementByUid($instanceUid);
@@ -6168,19 +6168,25 @@ protected function inlineAttributeInputHtml(string $attribute): string
 
         if ($field !== null) {
             if ($field instanceof InlineEditableFieldInterface) {
-                // Was this field value eager-loaded?
-                if ($field instanceof EagerLoadingFieldInterface && $this->hasEagerLoadedElements($field->handle)) {
-                    $value = $this->getEagerLoadedElements($field->handle);
-                } else {
-                    // The field might not actually belong to this element
-                    try {
-                        $value = $this->getFieldValue($field->handle);
-                    } catch (InvalidFieldException) {
-                        return '';
+                $layoutElement = $field->layoutElement;
+                // if the layout element should be visible and editable in the "normal" edit form
+                // proceed with showing the input html, otherwise show the standard attribute html
+                /** @var CustomField $layoutElement */
+                if ($layoutElement && $layoutElement->showInForm($this) && $layoutElement->editable($this)) {
+                    // Was this field value eager-loaded?
+                    if ($field instanceof EagerLoadingFieldInterface && $this->hasEagerLoadedElements($field->handle)) {
+                        $value = $this->getEagerLoadedElements($field->handle);
+                    } else {
+                        // The field might not actually belong to this element
+                        try {
+                            $value = $this->getFieldValue($field->handle);
+                        } catch (InvalidFieldException) {
+                            return '';
+                        }
                     }
-                }
 
-                return $field->getInlineInputHtml($value, $this);
+                    return $field->getInlineInputHtml($value, $this);
+                }
             }
 
             return $this->getAttributeHtml($attribute);