Commit 311bc911 authored by catch's avatar catch
Browse files

Revert "Issue #2799049 by AaronBauman, jungle, hussainweb, Neograph734,...

Revert "Issue #2799049 by AaronBauman, jungle, hussainweb, Neograph734, a_mitch, anmolgoyal74, Hardik_Patel_12, geek-merlin, cilefen, eblue, fmueller_previon, Anas_maw, rensingh99, Abhijith S, yepa, Ruchi Joshi, Stephen Ollman, dww, alexpott, catch, benjifisher, Wim Leers: Add new permission to view user email field"

This reverts commit 84c8b1e1.
parent f9506b82
......@@ -412,18 +412,6 @@ public function testGetMailFieldOnlyVisibleToOwner() {
$this->assertArrayNotHasKey('mail', $doc['data'][2]['attributes']);
$this->assertSame($user_b->uuid(), $doc['data'][count($doc['data']) - 1]['id']);
$this->assertArrayHasKey('mail', $doc['data'][count($doc['data']) - 1]['attributes']);
// Now grant permission to access user mail and verify.
$this->grantPermissionsToTestedRole(['access user mail']);
// Viewing user A as user B: "mail" field should be accessible.
$response = $this->request('GET', $user_a_url, $request_options);
$doc = Json::decode((string) $response->getBody());
$this->assertArrayHasKey('mail', $doc['data']['attributes']);
// Also when looking at the collection.
$response = $this->request('GET', $collection_url, $request_options);
$doc = Json::decode((string) $response->getBody());
$this->assertSame($user_a->uuid(), $doc['data']['2']['id']);
$this->assertArrayHasKey('mail', $doc['data'][2]['attributes']);
......@@ -113,15 +113,10 @@ protected function checkFieldAccess($operation, FieldDefinitionInterface $field_
return AccessResult::neutral();
case 'mail':
// Only check for the access user mail permission and a view operation.
// Use case fall-through for all other cases.
if ($operation == 'view' && $account->hasPermission('access user mail')) {
return AccessResult::allowed()->cachePerPermissions();
case 'preferred_langcode':
case 'preferred_admin_langcode':
case 'timezone':
case 'mail':
// Allow view access to own mail address and other personalization
// settings.
if ($operation == 'view') {
......@@ -32,13 +32,6 @@ class UserAccessControlHandlerTest extends UnitTestCase {
protected $viewer;
* The mock user account with 'access user mail' permission.
* @var \Drupal\Core\Session\AccountInterface
protected $emailViewer;
* The mock user account that is able to change their own account name.
......@@ -103,18 +96,6 @@ protected function setUp(): void {
$this->emailViewer = $this->createMock('\Drupal\Core\Session\AccountInterface');
['access user mail', TRUE],
$entity_type = $this->createMock('Drupal\Core\Entity\EntityTypeInterface');
$this->accessControlHandler = new UserAccessControlHandler($entity_type);
......@@ -259,14 +240,6 @@ public function hiddenUserSettingsProvider() {
'view' => TRUE,
'edit' => TRUE,
$access_info[] = [
'field' => $field,
'viewer' => 'emailViewer',
'target' => 'owner',
'view' => $field === 'mail',
// See note above.
'edit' => TRUE,
return $access_info;
......@@ -11,9 +11,6 @@ administer users:
restrict access: true
access user profiles:
title: 'View user information'
access user mail:
title: 'View user email addresses'
description: 'Users without this permission will not have access to email addresses on user pages or other places where they might be shown, such as Views and JSON:API responses.'
change own username:
title: 'Change own username'
select account cancellation method:
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment