Skip to content
Snippets Groups Projects
Commit 6205f67d authored by Lucas Hedding's avatar Lucas Hedding Committed by Kristiaan Van den Eynde
Browse files

Issue #3328351 by heddn: Explicit access checks on content entity queries

parent 9827ddd3
No related branches found
No related tags found
No related merge requests found
......@@ -158,7 +158,7 @@ class GroupListBuilder extends EntityListBuilder {
$query->pager($this->limit);
}
return $query->execute();
return $query->accessCheck()->execute();
}
/**
......
......@@ -86,7 +86,7 @@ class GroupRelationshipListBuilder extends EntityListBuilder {
$query->pager($this->limit);
}
return $query->execute();
return $query->accessCheck()->execute();
}
/**
......
......@@ -70,7 +70,7 @@ class GroupRoleListBuilder extends DraggableListBuilder {
$query->pager($this->limit);
}
return array_values($query->execute());
return array_values($query->accessCheck()->execute());
}
/**
......
......@@ -138,6 +138,7 @@ class GroupRevisionDeleteForm extends ConfirmFormBase {
->getQuery()
->allRevisions()
->condition('id', $group->id())
->accessCheck()
->count()
->execute();
}
......
......@@ -161,7 +161,7 @@ class GroupType extends ConfigEntityBundleBase implements GroupTypeInterface {
$query->condition('scope', PermissionScopeInterface::INDIVIDUAL_ID);
}
return $query->execute();
return $query->accessCheck()->execute();
}
/**
......
......@@ -121,7 +121,7 @@ class GroupRoleStorage extends ConfigEntityStorage implements GroupRoleStorageIn
$query = $this->getQuery()
->condition('scope', $membership ? PermissionScopeInterface::INSIDER_ID : PermissionScopeInterface::OUTSIDER_ID)
->condition('global_role', $roles, 'IN');
$ids = array_merge($ids, $query->execute());
$ids = array_merge($ids, $query->accessCheck()->execute());
}
$this->userGroupRoleIds[$uid][$gid][$key] = $ids;
......
......@@ -108,7 +108,7 @@ class GroupMembershipLoader implements GroupMembershipLoaderInterface {
$query->condition('group_roles', (array) $roles, 'IN');
}
$ids = $query->execute();
$ids = $query->accessCheck()->execute();
if ($ids && $group_relationships = $this->groupRelationshipStorage()->loadMultiple($ids)) {
return $this->wrapGroupRelationshipEntities($group_relationships);
}
......
......@@ -71,6 +71,7 @@ class GroupRoleScopeValidator extends ConstraintValidator implements ContainerIn
->condition('group_type', $group_role->getGroupTypeId())
->condition('scope', $scope)
->condition('global_role', $global_role)
->accessCheck()
->execute();
if (!empty($existing_pairs)) {
......
......@@ -63,7 +63,7 @@ class EntityQueryAlterCacheabilityTest extends GroupKernelTestBase {
$render_context = new RenderContext();
$renderer->executeInRenderContext($render_context, static function () use ($storage) {
$storage->getQuery()->execute();
$storage->getQuery()->accessCheck()->execute();
});
$this->assertTrue($render_context->isEmpty(), 'Empty cacheability was not bubbled.');
......@@ -85,7 +85,7 @@ class EntityQueryAlterCacheabilityTest extends GroupKernelTestBase {
$render_context = new RenderContext();
$renderer->executeInRenderContext($render_context, static function () use ($storage) {
$storage->getQuery()->execute();
$storage->getQuery()->accessCheck()->execute();
});
$this->assertFalse($render_context->isEmpty(), 'Cacheability was bubbled');
$this->assertCount(1, $render_context);
......
......@@ -818,6 +818,7 @@ class RevisionUiAccessTest extends GroupKernelTestBase {
->condition('id', $group->id())
->condition('default_langcode', 1)
->count()
->accessCheck()
->execute();
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment