Skip to content
Snippets Groups Projects
Verified Commit 34997d05 authored by Alex Pott's avatar Alex Pott
Browse files

Issue #3419548 by amateescu, smustgrave, malcomio: Workspace switcher block does not check access

(cherry picked from commit bed3a77a)
parent b2c9207d
Branches 2.x
Tags 2.5.0
24 merge requests!11185Issue #3477324 by andypost, alexpott: Fix usage of str_getcsv() and fgetcsv() for PHP 8.4,!10602Issue #3438769 by vinmayiswamy, antonnavi, michelle, amateescu: Sub workspace does not clear,!10301Issue #3469309 by mstrelan, smustgrave, moshe weitzman: Use one-time login...,!10187Issue #3487488 by dakwamine: ExtensionMimeTypeGuesser::guessMimeType must support file names with "0" (zero) like foo.0.zip,!9944Issue #3483353: Consider making the createCopy config action optionally fail...,!9929Issue #3445469 by pooja_sharma, smustgrave: Add additional test coverage for...,!9787Resolve issue 3479427 - bootstrap barrio issue under Windows,!9742Issue #3463908 by catch, quietone: Split OptionsFieldUiTest into two,!9526Issue #3458177 by mondrake, catch, quietone, godotislate, longwave, larowlan,...,!8738Issue #3424162 by camilledavis, dineshkumarbollu, smustgrave: Claro...,!8704Make greek characters available in ckeditor5,!8597Draft: Issue #3442259 by catch, quietone, dww: Reduce time of Migrate Upgrade tests...,!8533Issue #3446962 by kim.pepper: Remove incorrectly added...,!8517Issue #3443748 by NexusNovaz, smustgrave: Testcase creates false positive,!8325Update file Sort.php,!8095Expose document root on install,!7930Resolve #3427374 "Taxonomytid viewsargumentdefault plugin",!7627Issue #3439440 by nicxvan, Binoli Lalani, longwave: Remove country support from DateFormatter,!7445Issue #3440169: When using drupalGet(), provide an associative array for $headers,!7401#3271894 Fix documented StreamWrapperInterface return types for realpath() and dirname(),!7384Add constraints to system.advisories,!6502Draft: Resolve #2938524 "Plach testing issue",!38582585169-10.1.x,!3226Issue #2987537: Custom menu link entity type should not declare "bundle" entity key
Pipeline #130563 canceled
......@@ -2,11 +2,14 @@
namespace Drupal\workspaces\Plugin\Block;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Access\AccessResultInterface;
use Drupal\Core\Block\Attribute\Block;
use Drupal\Core\Block\BlockBase;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Form\FormBuilderInterface;
use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\StringTranslation\TranslatableMarkup;
use Drupal\workspaces\Form\WorkspaceSwitcherForm;
use Symfony\Component\DependencyInjection\ContainerInterface;
......@@ -82,4 +85,15 @@ public function build() {
return $build;
}
/**
* {@inheritdoc}
*/
protected function blockAccess(AccountInterface $account): AccessResultInterface {
return AccessResult::allowedIfHasPermissions($account, [
'view own workspace',
'view any workspace',
'administer workspaces',
], 'OR');
}
}
......@@ -53,6 +53,11 @@ public function testSwitchingWorkspaces() {
$this->createAndActivateWorkspaceThroughUi('Vultures', 'vultures');
$gravity = $this->createWorkspaceThroughUi('Gravity', 'gravity');
// Confirm the block shows on the front page.
$this->drupalGet('<front>');
$page = $this->getSession()->getPage();
$this->assertTrue($page->hasContent('Workspace switcher'));
$this->drupalGet('/admin/config/workflow/workspaces/manage/' . $gravity->id() . '/activate');
$this->assertSession()->statusCodeEquals(200);
......
......@@ -248,7 +248,6 @@ public function testWorkspaceFieldUi() {
*/
public function testDeleteWorkspaceWithExistingContent() {
$this->createContentType(['type' => 'test', 'label' => 'Test']);
$this->setupWorkspaceSwitcherBlock();
// Login and create a workspace.
$this->drupalLogin($this->rootUser);
......
......@@ -110,12 +110,8 @@ protected function setupWorkspaceSwitcherBlock() {
'region' => 'sidebar_first',
'label' => 'Workspace switcher',
]);
// Confirm the block shows on the front page.
$this->drupalGet('<front>');
$page = $this->getSession()->getPage();
$this->assertTrue($page->hasContent('Workspace switcher'));
$this->switcherBlockConfigured = TRUE;
}
......
......@@ -223,4 +223,26 @@ public function testWorkspaceSelection() {
$this->assertEquals($expected_top, array_keys($selection_handler->getReferenceableEntities('top')['workspace']));
}
/**
* @covers \Drupal\workspaces\Plugin\Block\WorkspaceSwitcherBlock::blockAccess
*/
public function testWorkspaceSwitcherBlock(): void {
$own_permission_user = $this->createUser(['view own workspace']);
$any_permission_user = $this->createUser(['view any workspace']);
$admin_permission_user = $this->createUser(['administer workspaces']);
$access_content_user = $this->createUser(['access content']);
$no_permission_user = $this->createUser();
/** @var \Drupal\Core\Block\BlockManagerInterface $block_manager */
$block_manager = \Drupal::service('plugin.manager.block');
/** @var \Drupal\Core\Block\BlockPluginInterface $switcher_block */
$switcher_block = $block_manager->createInstance('workspace_switcher');
$this->assertTrue($switcher_block->access($own_permission_user));
$this->assertTrue($switcher_block->access($any_permission_user));
$this->assertTrue($switcher_block->access($admin_permission_user));
$this->assertFalse($switcher_block->access($access_content_user));
$this->assertFalse($switcher_block->access($no_permission_user));
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment