Commit c5ef1c9c authored by alexpott's avatar alexpott

Issue #2063405 by dawehner, Wim Leers, Crell: Update all access checkers to...

Issue #2063405 by dawehner, Wim Leers, Crell: Update all access checkers to use static::ALLOW/static::DENY/static::KILL.
parent fc4150ba
......@@ -45,12 +45,12 @@ public function access(Route $route, Request $request) {
if ($request->attributes->has($entity_type)) {
$entity = $request->attributes->get($entity_type);
if ($entity instanceof EntityInterface) {
return $entity->access($operation);
return $entity->access($operation) ? static::ALLOW : static::DENY;
}
}
// No opinion, so other access checks should decide if access should be
// allowed or not.
return NULL;
return static::DENY;
}
}
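Review bot: The comment kept above the final return still reads "No opinion, so other access checks should decide", but the new line under it returns `static::DENY`, so comment and code now say different things. If DENY is the non-final result and KILL the final one, as the three constants in the commit title suggest, state that: `// No entity to check: return DENY (not KILL) so other access checks can still allow access.` The same stale comment sits above `return static::DENY;` in the later hunk at `@@ -29,6 +29,6 @@`. The start of the function is outside this hunk.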
......@@ -52,7 +52,7 @@ public function appliesTo() {
*/
public function access(Route $route, Request $request) {
list($entity_type, $bundle) = explode(':', $route->getRequirement($this->requirementsKey) . ':');
return $this->entityManager->getAccessController($entity_type)->createAccess($bundle);
return $this->entityManager->getAccessController($entity_type)->createAccess($bundle) ? static::ALLOW : static::DENY;
}
}
......@@ -47,7 +47,7 @@ public function appliesTo() {
public function access(Route $route, Request $request) {
// @todo Replace user_access() with a correctly injected and session-using
// alternative.
return user_access('access news feeds') && (bool) $this->database->queryRange('SELECT 1 FROM {aggregator_category}', 0, 1)->fetchField();
return user_access('access news feeds') && (bool) $this->database->queryRange('SELECT 1 FROM {aggregator_category}', 0, 1)->fetchField() ? static::ALLOW : static::DENY;
}
}
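Review bot: The new return relies on `&&` binding tighter than `?:` and has no parentheses around the condition, while the block-admin and filter-admin hunks in this commit do parenthesize it. It evaluates as intended today, but in an access checker the grouping should be explicit so a later edit to the condition cannot silently change which requests get ALLOW. Wrap the whole `user_access(...) && (bool) ...->fetchField()` expression in parentheses before `? static::ALLOW : static::DENY`. The filter hunk at `@@ -31,13 +31,13 @@` needs the same: `return (!empty($permission) && user_access($permission)) ? static::ALLOW : static::DENY;`.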
......@@ -28,7 +28,7 @@ public function appliesTo() {
*/
public function access(Route $route, Request $request) {
$theme = $request->attributes->get('theme');
return user_access('administer blocks') && drupal_theme_access($theme);
return (user_access('administer blocks') && drupal_theme_access($theme)) ? static::ALLOW : static::DENY;
}
}
......@@ -35,7 +35,7 @@ public function access(Route $route, Request $request) {
$visibility = ($form_mode == 'default') || !empty($form_mode_settings[$form_mode]['status']);
if ($visibility) {
$permission = $route->getRequirement('_field_ui_form_mode_access');
return user_access($permission);
return user_access($permission) ? static::ALLOW : static::DENY;
}
}
}
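Review bot: When `$visibility` is false no return statement is visible, so the method appears to fall off the end and yield NULL, which is none of ALLOW, DENY or KILL. How the access manager treats a NULL result is not shown on this page; an explicit `return static::DENY;` after the `if ($visibility)` block would keep every path within the three constants. The view-mode hunk that follows and the shortcut hunk at `@@ -30,7 +30,7 @@` (when `shortcut_set_load()` returns nothing) have the same gap. The start of the function is outside the hunk, so an enclosing condition may add further fall-through paths.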
......
......@@ -35,7 +35,7 @@ public function access(Route $route, Request $request) {
$visibility = ($view_mode == 'default') || !empty($view_mode_settings[$view_mode]['status']);
if ($visibility) {
$permission = $route->getRequirement('_field_ui_view_mode_access');
return user_access($permission);
return user_access($permission) ? static::ALLOW : static::DENY;
}
}
}
......
......@@ -31,13 +31,13 @@ public function access(Route $route, Request $request) {
// Handle special cases up front. All users have access to the fallback
// format.
if ($format->format == filter_fallback_format()) {
return TRUE;
return static::ALLOW;
}
// Check the permission if one exists; otherwise, we have a non-existent
// format so we return FALSE.
$permission = filter_permission_name($format);
return !empty($permission) && user_access($permission);
return !empty($permission) && user_access($permission) ? static::ALLOW : static::DENY;
}
}
}
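Review bot: The comment above the last return still ends "so we return FALSE", but the new line returns `static::DENY`. Update it to match the new contract, e.g. `// format so we return DENY.`, so a reader does not assume a boolean result from this checker. The enclosing function starts outside the hunk.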
......@@ -28,10 +28,10 @@ public function appliesTo() {
*/
public function access(Route $route, Request $request) {
if ($format = $request->attributes->get('filter_format')) {
return user_access('administer filters') && ($format->format != filter_fallback_format());
return (user_access('administer filters') && ($format->format != filter_fallback_format())) ? static::ALLOW : static::DENY;
}
return FALSE;
return static::DENY;
}
}
......@@ -55,12 +55,10 @@ public function access(Route $route, Request $request) {
) {
$csrf_token = $request->headers->get('X-CSRF-Token');
if (!drupal_valid_token($csrf_token, 'rest')) {
return FALSE;
return static::KILL;
}
}
// As we do not perform any authorization here we always return NULL to
// indicate that other access checkers should decide if the request is
// legit.
return NULL;
// Let other access checkers decide if the request is legit.
return static::ALLOW;
}
}
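Review bot: The final `return static::ALLOW;` turns a checker that performs no authorization into one that votes to allow, where the old code returned NULL for "no opinion". If routes can combine checkers so that a single ALLOW is sufficient (not visible on this page), a request that merely passes the CSRF token test, or never reaches it, would be granted by this check alone. The new comment "Let other access checkers decide" also describes an abstention rather than an ALLOW. Confirm this checker only runs where every checker must allow, and record that beside the return, e.g. `// ALLOW only means "no CSRF problem"; this check must never be the sole grant for a route.`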
......@@ -30,7 +30,7 @@ public function access(Route $route, Request $request) {
$menu_link = $request->attributes->get('menu_link');
$set_name = str_replace('shortcut-', '', $menu_link['menu_name']);
if ($shortcut_set = shortcut_set_load($set_name)) {
return shortcut_set_edit_access($shortcut_set);
return shortcut_set_edit_access($shortcut_set) ? static::ALLOW : static::DENY;
}
}
......
......@@ -30,12 +30,12 @@ public function access(Route $route, Request $request) {
$key = $request->attributes->get('key');
if ($key != \Drupal::state()->get('system.cron_key')) {
watchdog('cron', 'Cron could not run because an invalid key was used.', array(), WATCHDOG_NOTICE);
return FALSE;
return static::KILL;
}
elseif (\Drupal::config('system.maintenance')->get('enabled')) {
watchdog('cron', 'Cron could not run because the site is in maintenance mode.', array(), WATCHDOG_NOTICE);
return FALSE;
return static::KILL;
}
return TRUE;
return static::ALLOW;
}
}
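Review bot: The cron key is still compared with loose `!=` in the context line `if ($key != \Drupal::state()->get('system.cron_key'))`, and the toolbar hunk at `@@ -28,12 +28,7 @@` compares `$hash` with `==` on its new return line. PHP's loose comparison treats numeric-looking strings as numbers, so two different strings can compare equal, and it is not a constant-time comparison for a secret. Use a strict comparison here, `if ($key !== \Drupal::state()->get('system.cron_key')) {`, or `hash_equals()` where the supported PHP version provides it, and apply the same to the toolbar hash.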
......@@ -29,6 +29,6 @@ public function applies(Route $route) {
public function access(Route $route, Request $request) {
// No opinion, so other access checks should decide if access should be
// allowed or not.
return NULL;
return static::DENY;
}
}
......@@ -27,7 +27,7 @@ class TaxonomyTermCreateAccess extends EntityCreateAccessCheck {
public function access(Route $route, Request $request) {
$entity_type = $route->getRequirement($this->requirementsKey);
if ($vocabulary = $request->attributes->get('taxonomy_vocabulary')) {
return $this->entityManager->getAccessController($entity_type)->createAccess($vocabulary->id());
return $this->entityManager->getAccessController($entity_type)->createAccess($vocabulary->id()) ? static::ALLOW : static::DENY;
}
return parent::access($route, $request);
}
......
......@@ -28,12 +28,7 @@ public function appliesTo() {
*/
public function access(Route $route, Request $request) {
$hash = $request->get('hash');
if (user_access('access toolbar') && ($hash == _toolbar_get_subtree_hash())) {
return TRUE;
}
else {
return NULL;
}
return (user_access('access toolbar') && ($hash == _toolbar_get_subtree_hash())) ? static::ALLOW : static::DENY;
}
}
......@@ -27,7 +27,7 @@ public function appliesTo() {
* {@inheritdoc}
*/
public function access(Route $route, Request $request) {
return (bool) $GLOBALS['user']->id();
return $GLOBALS['user']->isAuthenticated() ? static::ALLOW : static::DENY;
}
}
......@@ -27,6 +27,6 @@ public function appliesTo() {
* Implements AccessCheckInterface::access().
*/
public function access(Route $route, Request $request) {
return user_is_anonymous() && (\Drupal::config('user.settings')->get('register') != USER_REGISTER_ADMINISTRATORS_ONLY);
return (user_is_anonymous() && (\Drupal::config('user.settings')->get('register') != USER_REGISTER_ADMINISTRATORS_ONLY)) ? static::ALLOW : static::DENY;
}
}
......@@ -31,7 +31,7 @@ public function appliesTo() {
public function access(Route $route, Request $request) {
$access = user_access('access all views');
return $access ?: NULL;
return $access ? static::ALLOW : static::DENY;
}
}