Commit 190032b7 authored by effulgentsia's avatar effulgentsia
Browse files

Issue #2072945 by Berdir, plach, effulgentsia, Schnitzel, andypost, Wim Leers:...

Issue #2072945 by Berdir, plach, effulgentsia, Schnitzel, andypost, Wim Leers: Remove the $langcode parameter in EntityAccessControllerInterface::access() and friends
parent 1672445a
......@@ -593,7 +593,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_
}
return $this->entityManager()
->getAccessControlHandler($this->entityTypeId)
->access($this, $operation, $this->activeLangcode, $account, $return_as_object);
->access($this, $operation, $account, $return_as_object);
}
/**
......
......@@ -313,7 +313,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_
}
return $this->entityManager()
->getAccessControlHandler($this->entityTypeId)
->access($this, $operation, LanguageInterface::LANGCODE_DEFAULT, $account, $return_as_object);
->access($this, $operation, $account, $return_as_object);
}
/**
......
......@@ -53,8 +53,9 @@ public function __construct(EntityTypeInterface $entity_type) {
/**
* {@inheritdoc}
*/
public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE) {
public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) {
$account = $this->prepareUser($account);
$langcode = $entity->language()->getId();
if (($return = $this->getCache($entity->uuid(), $operation, $langcode, $account)) !== NULL) {
// Cache hit, no work necessary.
......@@ -71,8 +72,8 @@ public function access(EntityInterface $entity, $operation, $langcode = Language
// - No modules say to deny access.
// - At least one module says to grant access.
$access = array_merge(
$this->moduleHandler()->invokeAll('entity_access', array($entity, $operation, $account, $langcode)),
$this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', array($entity, $operation, $account, $langcode))
$this->moduleHandler()->invokeAll('entity_access', [$entity, $operation, $account]),
$this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', [$entity, $operation, $account])
);
$return = $this->processAccessHookResults($access);
......@@ -80,7 +81,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language
// Also execute the default access check except when the access result is
// already forbidden, as in that case, it can not be anything else.
if (!$return->isForbidden()) {
$return = $return->orIf($this->checkAccess($entity, $operation, $langcode, $account));
$return = $return->orIf($this->checkAccess($entity, $operation, $account));
}
$result = $this->setCache($return, $entity->uuid(), $operation, $langcode, $account);
return $return_as_object ? $result : $result->isAllowed();
......@@ -124,15 +125,13 @@ protected function processAccessHookResults(array $access) {
* The entity for which to check access.
* @param string $operation
* The entity operation. Usually one of 'view', 'update' or 'delete'.
* @param string $langcode
* The language code for which to check access.
* @param \Drupal\Core\Session\AccountInterface $account
* The user for which to check access.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result.
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation == 'delete' && $entity->isNew()) {
return AccessResult::forbidden()->cacheUntilEntityChanges($entity);
}
......
......@@ -29,9 +29,6 @@ interface EntityAccessControlHandlerInterface {
* @param string $operation
* The operation access should be checked for.
* Usually one of "view", "update" or "delete".
* @param string $langcode
* (optional) The language code for which to check access. Defaults to
* LanguageInterface::LANGCODE_DEFAULT.
* @param \Drupal\Core\Session\AccountInterface $account
* (optional) The user session for which to check access, or NULL to check
* access for the current user. Defaults to NULL.
......@@ -45,7 +42,7 @@ interface EntityAccessControlHandlerInterface {
* returned, i.e. TRUE means access is explicitly allowed, FALSE means
* access is either explicitly forbidden or "no opinion".
*/
public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE);
public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE);
/**
* Checks access to create an entity.
......
......@@ -522,8 +522,6 @@
* The operation that is to be performed on $entity.
* @param \Drupal\Core\Session\AccountInterface $account
* The account trying to access the entity.
* @param string $langcode
* The code of the language $entity is accessed in.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result. The final result is calculated by using
......@@ -541,7 +539,7 @@
*
* @ingroup entity_api
*/
function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) {
function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account) {
// No opinion.
return AccessResult::neutral();
}
......@@ -555,8 +553,6 @@ function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operat
* The operation that is to be performed on $entity.
* @param \Drupal\Core\Session\AccountInterface $account
* The account trying to access the entity.
* @param string $langcode
* The code of the language $entity is accessed in.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result. hook_entity_access() has detailed documentation.
......@@ -567,7 +563,7 @@ function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operat
*
* @ingroup entity_api
*/
function hook_ENTITY_TYPE_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) {
function hook_ENTITY_TYPE_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account) {
// No opinion.
return AccessResult::neutral();
}
......
......@@ -22,7 +22,7 @@ class FeedAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'view':
return AccessResult::allowedIfHasPermission($account, 'access news feeds');
......
......@@ -193,8 +193,6 @@ function hook_block_build_BASE_BLOCK_ID_alter(array &$build, \Drupal\Core\Block\
* The operation to be performed, e.g., 'view', 'create', 'delete', 'update'.
* @param \Drupal\Core\Session\AccountInterface $account
* The user object to perform the access check operation on.
* @param string $langcode
* The language code to perform the access check operation on.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result. If all implementations of this hook return
......@@ -206,7 +204,7 @@ function hook_block_build_BASE_BLOCK_ID_alter(array &$build, \Drupal\Core\Block\
* @see \Drupal\block\BlockAccessControlHandler::checkAccess()
* @ingroup block_api
*/
function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) {
function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\Core\Session\AccountInterface $account) {
// Example code that would prevent displaying the 'Powered by Drupal' block in
// a region different than the footer.
if ($operation == 'view' && $block->getPluginId() == 'system_powered_by_block') {
......
......@@ -88,10 +88,10 @@ public function __construct(EntityTypeInterface $entity_type, ExecutableManagerI
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\block\BlockInterface $entity */
if ($operation != 'view') {
return parent::checkAccess($entity, $operation, $langcode, $account);
return parent::checkAccess($entity, $operation, $account);
}
// Don't grant access to disabled blocks.
......
......@@ -22,11 +22,11 @@ class BlockContentAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation === 'view') {
return AccessResult::allowed();
}
return parent::checkAccess($entity, $operation, $langcode, $account);
return parent::checkAccess($entity, $operation, $account);
}
}
......@@ -24,7 +24,7 @@ class CommentAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\comment\CommentInterface|\Drupal\user\EntityOwnerInterface $entity */
$comment_admin = $account->hasPermission('administer comments');
......
......@@ -22,7 +22,7 @@ class ConfigTestAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
return AccessResult::allowed();
}
......
......@@ -22,7 +22,7 @@ class ContactFormAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation == 'view') {
// Do not allow access personal form via site-wide route.
return AccessResult::allowedIf($account->hasPermission('access site-wide contact form') && $entity->id() !== 'personal')->cachePerPermissions();
......@@ -33,7 +33,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
return AccessResult::allowedIf($account->hasPermission('administer contact forms') && $entity->id() !== 'personal')->cachePerPermissions();
}
return parent::checkAccess($entity, $operation, $langcode, $account);
return parent::checkAccess($entity, $operation, $account);
}
}
......@@ -22,7 +22,7 @@ class FieldConfigAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
if ($operation == 'delete') {
$field_storage_entity = $entity->getFieldStorageDefinition();
if ($field_storage_entity->isLocked()) {
......
......@@ -21,7 +21,7 @@ class FileAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
/** @var \Drupal\file\FileInterface $entity */
if ($operation == 'download' || $operation == 'view') {
if (\Drupal::service('file_system')->uriScheme($entity->getFileUri()) === 'public') {
......
......@@ -19,9 +19,9 @@ class FileTestAccessControlHandler extends FileAccessControlHandler implements F
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
\Drupal::state()->set('file_access_formatter_check', TRUE);
return parent::checkAccess($entity, $operation, $langcode, $account);
return parent::checkAccess($entity, $operation, $account);
}
}
......@@ -22,7 +22,7 @@ class FilterFormatAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $filter_format, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $filter_format, $operation, AccountInterface $account) {
/** @var \Drupal\filter\FilterFormatInterface $filter_format */
// All users are allowed to use the fallback filter.
......@@ -47,7 +47,7 @@ protected function checkAccess(EntityInterface $filter_format, $operation, $lang
}
if (in_array($operation, array('disable', 'update'))) {
return parent::checkAccess($filter_format, $operation, $langcode, $account);
return parent::checkAccess($filter_format, $operation, $account);
}
// No opinion.
......
......@@ -22,18 +22,18 @@ class LanguageAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'update':
/* @var \Drupal\Core\Language\LanguageInterface $entity */
return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity)
->andIf(parent::checkAccess($entity, $operation, $langcode, $account));
->andIf(parent::checkAccess($entity, $operation, $account));
case 'delete':
/* @var \Drupal\Core\Language\LanguageInterface $entity */
return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity)
->andIf(AccessResult::allowedIf(!$entity->isDefault())->cacheUntilEntityChanges($entity))
->andIf(parent::checkAccess($entity, $operation, $langcode, $account));
->andIf(parent::checkAccess($entity, $operation, $account));
default:
// No opinion.
......
......@@ -51,7 +51,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
switch ($operation) {
case 'view':
// There is no direct viewing of a menu link, but still for purposes of
......
......@@ -319,15 +319,13 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface
* - "view"
* @param \Drupal\Core\Session\AccountInterface $account
* The user object to perform the access check operation on.
* @param string $langcode
* The language code to perform the access check operation on.
*
* @return \Drupal\Core\Access\AccessResultInterface
* The access result.
*
* @ingroup node_access
*/
function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) {
function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account) {
$type = $node->bundle();
switch ($op) {
......
......@@ -92,15 +92,11 @@ public function access(Route $route, AccountInterface $account, $node_revision =
* performed.
* @param string $op
* (optional) The specific operation being checked. Defaults to 'view.'
* @param string|null $langcode
* (optional) Language code for the variant of the node. Different language
* variants might have different permissions associated. If NULL, the
* original langcode of the node is used. Defaults to NULL.
*
* @return bool
* TRUE if the operation may be performed, FALSE otherwise.
*/
public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view', $langcode = NULL) {
public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') {
$map = array(
'view' => 'view all revisions',
'update' => 'revert all revisions',
......@@ -119,13 +115,9 @@ public function checkAccess(NodeInterface $node, AccountInterface $account, $op
return FALSE;
}
// If no language code was provided, default to the node revision's langcode.
if (empty($langcode)) {
$langcode = $node->language()->getId();
}
// Statically cache access by revision ID, language code, user account ID,
// and operation.
$langcode = $node->language()->getId();
$cid = $node->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $op;
if (!isset($this->access[$cid])) {
......@@ -149,7 +141,7 @@ public function checkAccess(NodeInterface $node, AccountInterface $account, $op
else {
// First check the access to the default revision and finally, if the
// node passed in is not the default revision then access to that, too.
$this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $langcode, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $langcode, $account));
$this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account));
}
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment