Skip to content
Snippets Groups Projects
Unverified Commit 2d4b89e5 authored by Alex Pott's avatar Alex Pott
Browse files

Issue #3358586 by godotislate, kala4ek, jaswinsingh, benjifisher, creact,... 

Issue #3358586 by godotislate, kala4ek, jaswinsingh, benjifisher, creact, catch, simohell, alexpott, alfthecat, aaronbauman, rupertj, poker10: RuntimeException: Adding non-existent permissions to a role is not allowed

(cherry picked from commit 0348fc51)
parent 0e3d2d66
No related branches found
No related tags found
1 merge request!11185Issue #3477324 by andypost, alexpott: Fix usage of str_getcsv() and fgetcsv() for PHP 8.4
Pipeline #391538 passed with warnings
Stage: 🪄 Lint
Stage: 🗜️ Test
Pipeline: drupal

#391567

    Pipeline: drupal

    #391566

      Pipeline: drupal

      #391562

        +7
        Hide whitespace changes
        Inline Side-by-side
        core/modules/user/src/Entity/Role.php
        + 7
        2
        View file @ 2d4b89e5
        ...@@ -207,10 +207,15 @@ public function calculateDependencies() { ...@@ -207,10 +207,15 @@ public function calculateDependencies() {
        $valid_permissions = array_intersect($this->permissions, array_keys($permission_definitions)); $valid_permissions = array_intersect($this->permissions, array_keys($permission_definitions));
        $invalid_permissions = array_diff($this->permissions, $valid_permissions); $invalid_permissions = array_diff($this->permissions, $valid_permissions);
        if (!empty($invalid_permissions)) { if (!empty($invalid_permissions)) {
        throw new \RuntimeException('Adding non-existent permissions to a role is not allowed. The incorrect permissions are "' . implode('", "', $invalid_permissions) . '".'); \Drupal::logger('user')->error('Non-existent permission(s) assigned to role "@label" (@id) were removed. Invalid permission(s): @permissions.', [
        '@label' => $this->label(),
        '@id' => $this->id(),
        '@permissions' => implode(', ', $invalid_permissions),
        ]);
        $this->permissions = $valid_permissions;
        } }
        foreach ($valid_permissions as $permission) { foreach ($valid_permissions as $permission) {
        // Depend on the module that is providing this permissions. // Depend on the module that is providing this permission.
        $this->addDependency('module', $permission_definitions[$permission]['provider']); $this->addDependency('module', $permission_definitions[$permission]['provider']);
        // Depend on any other dependencies defined by permissions granted to // Depend on any other dependencies defined by permissions granted to
        // this role. // this role.
        ......
        core/modules/user/tests/src/Kernel/UserRoleEntityTest.php
        + 28
        5
        View file @ 2d4b89e5
        ...@@ -4,8 +4,11 @@ ...@@ -4,8 +4,11 @@
        namespace Drupal\Tests\user\Kernel; namespace Drupal\Tests\user\Kernel;
        use Drupal\Core\DependencyInjection\ContainerBuilder;
        use Drupal\Core\Logger\RfcLogLevel;
        use Drupal\KernelTests\KernelTestBase; use Drupal\KernelTests\KernelTestBase;
        use Drupal\user\Entity\Role; use Drupal\user\Entity\Role;
        use Symfony\Component\ErrorHandler\BufferingLogger;
        /** /**
        * @group user * @group user
        ...@@ -18,6 +21,16 @@ class UserRoleEntityTest extends KernelTestBase { ...@@ -18,6 +21,16 @@ class UserRoleEntityTest extends KernelTestBase {
        */ */
        protected static $modules = ['system', 'user', 'user_permissions_test']; protected static $modules = ['system', 'user', 'user_permissions_test'];
        /**
        * {@inheritdoc}
        */
        public function register(ContainerBuilder $container): void {
        parent::register($container);
        $container
        ->register(BufferingLogger::class)
        ->addTag('logger');
        }
        public function testOrderOfPermissions(): void { public function testOrderOfPermissions(): void {
        $role = Role::create(['id' => 'test_role', 'label' => 'Test role']); $role = Role::create(['id' => 'test_role', 'label' => 'Test role']);
        $role->grantPermission('b') $role->grantPermission('b')
        ...@@ -37,17 +50,27 @@ public function testGrantingNonExistentPermission(): void { ...@@ -37,17 +50,27 @@ public function testGrantingNonExistentPermission(): void {
        $role = Role::create(['id' => 'test_role', 'label' => 'Test role']); $role = Role::create(['id' => 'test_role', 'label' => 'Test role']);
        // A single permission that does not exist. // A single permission that does not exist.
        $this->expectException(\RuntimeException::class);
        $this->expectExceptionMessage('Adding non-existent permissions to a role is not allowed. The incorrect permissions are "does not exist".');
        $role->grantPermission('does not exist') $role->grantPermission('does not exist')
        ->save(); ->save();
        $log_message = \Drupal::service(BufferingLogger::class)->cleanLogs()[0];
        $this->assertSame(RfcLogLevel::ERROR, $log_message[0]);
        $this->assertSame('Non-existent permission(s) assigned to role "@label" (@id) were removed. Invalid permission(s): @permissions.', $log_message[1]);
        $this->assertSame('Test role', $log_message[2]['@label']);
        $this->assertSame('test_role', $log_message[2]['@id']);
        $this->assertSame('does not exist', $log_message[2]['@permissions']);
        // A multiple permissions that do not exist. // Multiple permissions that do not exist.
        $this->expectException(\RuntimeException::class);
        $this->expectExceptionMessage('Adding non-existent permissions to a role is not allowed. The incorrect permissions are "does not exist, also does not exist".');
        $role->grantPermission('does not exist') $role->grantPermission('does not exist')
        ->grantPermission('also does not exist') ->grantPermission('also does not exist')
        ->save(); ->save();
        $log_message = \Drupal::service(BufferingLogger::class)->cleanLogs()[0];
        $this->assertSame(RfcLogLevel::ERROR, $log_message[0]);
        $this->assertSame('Non-existent permission(s) assigned to role "@label" (@id) were removed. Invalid permission(s): @permissions.', $log_message[1]);
        $this->assertSame('Test role', $log_message[2]['@label']);
        $this->assertSame('test_role', $log_message[2]['@id']);
        $this->assertSame('does not exist, also does not exist', $log_message[2]['@permissions']);
        $permissions = $role->getPermissions();
        $this->assertEmpty(array_intersect(['does not exist', 'also does not exist'], $permissions));
        } }
        public function testPermissionRevokeAndConfigSync(): void { public function testPermissionRevokeAndConfigSync(): void {
        ......
        0% or .
        You are about to add 0 people to the discussion. Proceed with caution.
        Finish editing this message first!
        Please register or to comment