From 95bdbbe99e78433a35f43423dd17f5b51d07290c Mon Sep 17 00:00:00 2001
From: phenaproxima <phenaproxima@205645.no-reply.drupal.org>
Date: Tue, 17 May 2022 18:15:09 +0000
Subject: [PATCH] Issue #3280923 by phenaproxima: CronUpdater::begin() should
 throw an exception of if cron updates are disabled

---
 src/CronUpdater.php                      | 13 +++++++++++++
 tests/src/Functional/UpdaterFormTest.php |  1 +
 tests/src/Kernel/CronUpdaterTest.php     | 14 ++++++++++++++
 3 files changed, 28 insertions(+)

diff --git a/src/CronUpdater.php b/src/CronUpdater.php
index c78b9954ea..e6a9dc4573 100644
--- a/src/CronUpdater.php
+++ b/src/CronUpdater.php
@@ -93,6 +93,19 @@ class CronUpdater extends Updater {
     }
   }
 
+  /**
+   * {@inheritdoc}
+   */
+  public function begin(array $project_versions, ?int $timeout = 300): string {
+    // Prevent mischievous callers from starting an update even if unattended
+    // updates are disabled. To start an update programmatically, use
+    // \Drupal\automatic_updates\Updater::begin().
+    if ($this->getMode() === static::DISABLED) {
+      throw new \LogicException('Unattended updates are disabled.');
+    }
+    return parent::begin($project_versions, $timeout);
+  }
+
   /**
    * Performs the update.
    *
diff --git a/tests/src/Functional/UpdaterFormTest.php b/tests/src/Functional/UpdaterFormTest.php
index 354fbc5b84..69ffa8a87d 100644
--- a/tests/src/Functional/UpdaterFormTest.php
+++ b/tests/src/Functional/UpdaterFormTest.php
@@ -57,6 +57,7 @@ class UpdaterFormTest extends AutomaticUpdatesFunctionalTestBase {
       'access site in maintenance mode',
       'administer modules',
       'access site reports',
+      'view update notifications',
     ]);
     $this->drupalLogin($user);
     $this->checkForUpdates();
diff --git a/tests/src/Kernel/CronUpdaterTest.php b/tests/src/Kernel/CronUpdaterTest.php
index 9c2b57b167..2e70847acd 100644
--- a/tests/src/Kernel/CronUpdaterTest.php
+++ b/tests/src/Kernel/CronUpdaterTest.php
@@ -38,6 +38,7 @@ class CronUpdaterTest extends AutomaticUpdatesKernelTestBase {
   protected static $modules = [
     'automatic_updates',
     'automatic_updates_test',
+    'user',
   ];
 
   /**
@@ -328,4 +329,17 @@ class CronUpdaterTest extends AutomaticUpdatesKernelTestBase {
     }
   }
 
+  /**
+   * Tests that the cron updater throws an exception if started while disabled.
+   */
+  public function testExceptionWhenDisabled(): void {
+    $this->config('automatic_updates.settings')
+      ->set('cron', CronUpdater::DISABLED)
+      ->save();
+
+    $this->expectExceptionMessage('Unattended updates are disabled.');
+    $this->container->get('automatic_updates.cron_updater')
+      ->begin(['drupal' => '9.8.1']);
+  }
+
 }
-- 
GitLab