From 9fbba7e0a227e1d44931cb1c3c03f6eaff666bf6 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Fri, 30 Mar 2018 11:37:18 +0100
Subject: [PATCH] Issue #2743931 by aaronbauman, gambry, harsha012, joachim,
 acbramley, rackberg, koryp, DedMoroz, akalam, Yogesh Pawar, alexpott,
 alexej_d, larowlan, stefan.r, unstatu, sathish.redcrackle: Saving to the
 private tempstore doesn't start a session for anonymous users

---
 .../Core/TempStore/PrivateTempStore.php       | 12 ++++
 .../Functional/NodePreviewAnonymousTest.php   | 62 +++++++++++++++++++
 .../AnonymousPrivateTempStoreTest.php         | 60 ++++++++++++++++++
 3 files changed, 134 insertions(+)
 create mode 100644 core/modules/node/tests/src/Functional/NodePreviewAnonymousTest.php
 create mode 100644 core/tests/Drupal/KernelTests/Core/TempStore/AnonymousPrivateTempStoreTest.php

diff --git a/core/lib/Drupal/Core/TempStore/PrivateTempStore.php b/core/lib/Drupal/Core/TempStore/PrivateTempStore.php
index f9d103470504..67d6e32d6cd6 100644
--- a/core/lib/Drupal/Core/TempStore/PrivateTempStore.php
+++ b/core/lib/Drupal/Core/TempStore/PrivateTempStore.php
@@ -117,6 +117,18 @@ public function get($key) {
    *   Thrown when a lock for the backend storage could not be acquired.
    */
   public function set($key, $value) {
+    // Ensure that an anonymous user has a session created for them, as
+    // otherwise subsequent page loads will not be able to retrieve their
+    // tempstore data.
+    if ($this->currentUser->isAnonymous()) {
+      // @todo when https://www.drupal.org/node/2865991 is resolved, use force
+      //   start session API rather than setting an arbitrary value directly.
+      $this->requestStack
+        ->getCurrentRequest()
+        ->getSession()
+        ->set('core.tempstore.private', TRUE);
+    }
+
     $key = $this->createkey($key);
     if (!$this->lockBackend->acquire($key)) {
       $this->lockBackend->wait($key);
diff --git a/core/modules/node/tests/src/Functional/NodePreviewAnonymousTest.php b/core/modules/node/tests/src/Functional/NodePreviewAnonymousTest.php
new file mode 100644
index 000000000000..66660f9507bd
--- /dev/null
+++ b/core/modules/node/tests/src/Functional/NodePreviewAnonymousTest.php
@@ -0,0 +1,62 @@
+<?php
+
+namespace Drupal\Tests\node\Functional;
+
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Tests\BrowserTestBase;
+use Drupal\user\Entity\Role;
+
+/**
+ * Tests the node entity preview functionality for anonymous user.
+ *
+ * @group node
+ */
+class NodePreviewAnonymousTest extends BrowserTestBase {
+
+  /**
+   * Enable node module to test on the preview.
+   *
+   * @var array
+   */
+  public static $modules = ['node'];
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp() {
+    parent::setUp();
+    // Create Basic page node type.
+    $this->drupalCreateContentType([
+      'type' => 'page',
+      'name' => 'Basic page',
+      'display_submitted' => FALSE,
+    ]);
+
+    // Grant create and editing permissions to anonymous user:
+    $anonymous_role = Role::load(AccountInterface::ANONYMOUS_ROLE);
+    $anonymous_role->grantPermission('create page content');
+    $anonymous_role->save();
+  }
+
+  /**
+   * Checks the node preview functionality for anonymous users.
+   */
+  public function testAnonymousPagePreview() {
+
+    $title_key = 'title[0][value]';
+    $body_key = 'body[0][value]';
+
+    // Fill in node creation form and preview node.
+    $edit = [
+      $title_key => $this->randomMachineName(),
+      $body_key => $this->randomMachineName()
+    ];
+    $this->drupalPostForm('node/add/page', $edit, t('Preview'));
+
+    // Check that the preview is displaying the title, body and term.
+    $this->assertSession()->linkExists(t('Back to content editing'));
+    $this->assertSession()->responseContains($edit[$body_key]);
+    $this->assertSession()->titleEquals($edit[$title_key] . ' | Drupal');
+  }
+
+}
diff --git a/core/tests/Drupal/KernelTests/Core/TempStore/AnonymousPrivateTempStoreTest.php b/core/tests/Drupal/KernelTests/Core/TempStore/AnonymousPrivateTempStoreTest.php
new file mode 100644
index 000000000000..7b1faa86cce1
--- /dev/null
+++ b/core/tests/Drupal/KernelTests/Core/TempStore/AnonymousPrivateTempStoreTest.php
@@ -0,0 +1,60 @@
+<?php
+
+namespace Drupal\KernelTests\Core\TempStore;
+
+use Drupal\KernelTests\KernelTestBase;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Tests the PrivateTempStore for anonymous users.
+ *
+ * @group TempStore
+ */
+class AnonymousPrivateTempStoreTest extends KernelTestBase {
+
+  /**
+   * Modules to enable.
+   *
+   * @var array
+   */
+  public static $modules = ['system'];
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function setUp() {
+    parent::setUp();
+
+    // Install system tables to test the key/value storage without installing a
+    // full Drupal environment.
+    $this->installSchema('system', ['key_value_expire']);
+
+    $session = $this->container->get('session');
+    $request = Request::create('/');
+    $request->setSession($session);
+
+    $stack = $this->container->get('request_stack');
+    $stack->pop();
+    $stack->push($request);
+
+  }
+
+  /**
+   * Tests anonymous can use the PrivateTempStore.
+   */
+  public function testAnonymousCanUsePrivateTempStore() {
+    $temp_store = $this->container->get('tempstore.private')->get('anonymous_private_temp_store');
+    $temp_store->set('foo', 'bar');
+    $metadata1 = $temp_store->getMetadata('foo');
+
+    $this->assertEquals('bar', $temp_store->get('foo'));
+    $this->assertNotEmpty($metadata1->owner);
+
+    $temp_store->set('foo', 'bar2');
+    $metadata2 = $temp_store->getMetadata('foo');
+    $this->assertEquals('bar2', $temp_store->get('foo'));
+    $this->assertNotEmpty($metadata2->owner);
+    $this->assertEquals($metadata2->owner, $metadata1->owner);
+  }
+
+}
-- 
GitLab