Issue #3202125 by jonathanshaw, Berdir, catch, longwave: EntityQuery...

Issue #3202125 by jonathanshaw, Berdir, catch, longwave: EntityQuery accessCheck: unique value validation should not be access sensitive

Issue #3202125 by jonathanshaw, Berdir, catch, longwave: EntityQuery...
Issue #3202125 by jonathanshaw, Berdir, catch, longwave: EntityQuery accessCheck: unique value validation should not be access sensitive
96aa5ca5 · catch · 4b08fbad · 96aa5ca5 · 96aa5ca5 · 96aa5ca5
Commit 96aa5ca5 authored Apr 01, 2021 by catch
--- a/core/lib/Drupal/Core/Validation/Plugin/Validation/Constraint/UniqueFieldValueValidator.php
+++ b/core/lib/Drupal/Core/Validation/Plugin/Validation/Constraint/UniqueFieldValueValidator.php
@@ -25,6 +25,9 @@ public function validate($items, Constraint $constraint) {

    $query = \Drupal::entityQuery($entity_type_id);

+    // @todo Don't check access. http://www.drupal.org/node/3171047
+    $query->accessCheck(TRUE);
+
    $entity_id = $entity->id();
    // Using isset() instead of !empty() as 0 and '0' are valid ID values for
    // entity types using string IDs.

--- a/core/modules/migrate/src/Plugin/migrate/process/MakeUniqueEntityField.php
+++ b/core/modules/migrate/src/Plugin/migrate/process/MakeUniqueEntityField.php
@@ -128,6 +128,7 @@ protected function exists($value) {
      ->entityTypeManager
      ->getStorage($this->configuration['entity_type'])
      ->getQuery()
+      ->accessCheck(FALSE)
      ->condition($this->configuration['field'], $value);
    if (!empty($this->configuration['migrated'])) {
      // Check if each entity is in the ID map.

--- a/core/modules/migrate/tests/src/Unit/process/MakeUniqueEntityFieldTest.php
+++ b/core/modules/migrate/tests/src/Unit/process/MakeUniqueEntityFieldTest.php
@@ -43,6 +43,9 @@ protected function setUp(): void {
    $this->entityQuery = $this->getMockBuilder('Drupal\Core\Entity\Query\QueryInterface')
      ->disableOriginalConstructor()
      ->getMock();
+    $this->entityQuery->expects($this->any())
+      ->method('accessCheck')
+      ->will($this->returnSelf());
    $this->entityTypeManager = $this->createMock(EntityTypeManagerInterface::class);

    $storage = $this->createMock(EntityStorageInterface::class);
@@ -189,6 +192,7 @@ public function testMakeUniqueEntityFieldMigrated() {
    foreach (['forums', 'test_vocab', 'test_vocab1'] as $id) {
      $query = $this->prophesize(QueryInterface::class);
      $query->willBeConstructedWith([]);
+      $query->accessCheck()->willReturn($query);
      $query->execute()->willReturn($id === 'test_vocab1' ? [] : [$id]);
      $map[] = ['test_field', $id, NULL, NULL, $query->reveal()];
    }