Agree / document how tokens should be rendered from outside core
Ideally we would have one recommended api way to do this. This would be a way that is usable via api explorer and all the ways we use the api and core code would be converted to do things using that same api method
There is a documentation pr here - at the moment I don't think it meets this need.
Permissions & non-workflow rendering
There is a question as to whether the api would support non-workflow messaging (in which case the api would likely be more like
Message::render(). The argument against is that the permissions are more complex. However some notes on that
- the most common use case is probably when checkPermissions = FALSE in php code.
- there is an appropriate permission already in core
render templates' => [ $prefix . ts('render templates'), ts('Render open-ended template content. (Additional constraints may apply to autoloaded records and specific notations.)'), ],
- currently the v3 MessageTemplate.send api allows access to the core function - it required a messageTemplateID to be set - but this can probably be faked to allow 'any text'