Commit 4f33bd49 authored by alexpott's avatar alexpott

Issue #2427713 by dashaforbes, mbovan: Contact module doesn't implement AccessControlHandler

parent 60f36e89
<?php
/**
* @file
* Contains \Drupal\contact\ContactMessageAccessControlHandler.
*/
namespace Drupal\contact;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Entity\EntityAccessControlHandler;
use Drupal\Core\Session\AccountInterface;
/**
* Defines the access control handler for the message form entity type.
*
* @see \Drupal\contact\Entity\Message.
*/
class ContactMessageAccessControlHandler extends EntityAccessControlHandler {
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return AccessResult::allowedIfHasPermission($account, 'access site-wide contact form');
}
}
......@@ -19,12 +19,14 @@
* id = "contact_message",
* label = @Translation("Contact message"),
* handlers = {
* "access" = "Drupal\contact\ContactMessageAccessControlHandler",
* "storage" = "Drupal\Core\Entity\ContentEntityNullStorage",
* "view_builder" = "Drupal\contact\MessageViewBuilder",
* "form" = {
* "default" = "Drupal\contact\MessageForm"
* }
* },
* admin_permission = "administer contact forms",
* entity_keys = {
* "bundle" = "contact_form",
* "uuid" = "uuid"
......
......@@ -7,7 +7,7 @@
namespace Drupal\contact\Tests;
use Drupal\contact\Entity\Message;
use Drupal\simpletest\KernelTestBase;
use Drupal\system\Tests\Entity\EntityUnitTestBase;
/**
* Tests the message entity class.
......@@ -15,7 +15,7 @@
* @group contact
* @see \Drupal\contact\Entity\Message
*/
class MessageEntityTest extends KernelTestBase {
class MessageEntityTest extends EntityUnitTestBase {
/**
* Modules to enable.
......@@ -62,6 +62,15 @@ public function testMessageMethods() {
$this->assertEqual($message->getSenderName(), 'sender_name');
$this->assertEqual($message->getSenderMail(), 'sender_mail');
$this->assertTrue($message->copySender());
$no_access_user = $this->createUser(['uid' => 2]);
$access_user = $this->createUser(['uid' => 3], ['access site-wide contact form']);
$admin = $this->createUser(['uid' => 4], ['administer contact forms']);
$this->assertFalse(\Drupal::entityManager()->getAccessControlHandler('contact_message')->createAccess(NULL, $no_access_user));
$this->assertTrue(\Drupal::entityManager()->getAccessControlHandler('contact_message')->createAccess(NULL, $access_user));
$this->assertTrue($message->access('edit', $admin));
$this->assertFalse($message->access('edit', $access_user));
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment