Issue #2427713 by dashaforbes, mbovan: Contact module doesn't implement AccessControlHandler

4f33bd49 · alexpott · 60f36e89 · 4f33bd49 · 4f33bd49 · 4f33bd49
Commit 4f33bd49 authored Feb 28, 2015 by alexpott
--- a/core/modules/contact/src/ContactMessageAccessControlHandler.php
+++ b/core/modules/contact/src/ContactMessageAccessControlHandler.php
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\contact\ContactMessageAccessControlHandler.
+ */
+
+namespace Drupal\contact;
+
+use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Entity\EntityAccessControlHandler;
+use Drupal\Core\Session\AccountInterface;
+
+/**
+ * Defines the access control handler for the message form entity type.
+ *
+ * @see \Drupal\contact\Entity\Message.
+ */
+class ContactMessageAccessControlHandler extends EntityAccessControlHandler {
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
+    return AccessResult::allowedIfHasPermission($account, 'access site-wide contact form');
+  }
+}
--- a/core/modules/contact/src/Entity/Message.php
+++ b/core/modules/contact/src/Entity/Message.php
@@ -19,12 +19,14 @@
 *   id = "contact_message",
 *   label = @Translation("Contact message"),
 *   handlers = {
+ *     "access" = "Drupal\contact\ContactMessageAccessControlHandler",
 *     "storage" = "Drupal\Core\Entity\ContentEntityNullStorage",
 *     "view_builder" = "Drupal\contact\MessageViewBuilder",
 *     "form" = {
 *       "default" = "Drupal\contact\MessageForm"
 *     }
 *   },
+ *   admin_permission = "administer contact forms",
 *   entity_keys = {
 *     "bundle" = "contact_form",
 *     "uuid" = "uuid"

--- a/core/modules/contact/src/Tests/MessageEntityTest.php
+++ b/core/modules/contact/src/Tests/MessageEntityTest.php
@@ -7,7 +7,7 @@
 namespace Drupal\contact\Tests;

 use Drupal\contact\Entity\Message;
-use Drupal\simpletest\KernelTestBase;
+use Drupal\system\Tests\Entity\EntityUnitTestBase;

 /**
 * Tests the message entity class.
@@ -15,7 +15,7 @@
 * @group contact
 * @see \Drupal\contact\Entity\Message
 */
-class MessageEntityTest extends KernelTestBase {
+class MessageEntityTest extends EntityUnitTestBase {

  /**
   * Modules to enable.
@@ -62,6 +62,15 @@ public function testMessageMethods() {
    $this->assertEqual($message->getSenderName(), 'sender_name');
    $this->assertEqual($message->getSenderMail(), 'sender_mail');
    $this->assertTrue($message->copySender());
+
+    $no_access_user = $this->createUser(['uid' => 2]);
+    $access_user = $this->createUser(['uid' => 3], ['access site-wide contact form']);
+    $admin = $this->createUser(['uid' => 4], ['administer contact forms']);
+
+    $this->assertFalse(\Drupal::entityManager()->getAccessControlHandler('contact_message')->createAccess(NULL, $no_access_user));
+    $this->assertTrue(\Drupal::entityManager()->getAccessControlHandler('contact_message')->createAccess(NULL, $access_user));
+    $this->assertTrue($message->access('edit', $admin));
+    $this->assertFalse($message->access('edit', $access_user));
  }

 }