Commit fb40bd6f authored by alexpott's avatar alexpott

Issue #2382931 by larowlan, pfrenssen, Mile23:...

Issue #2382931 by larowlan, pfrenssen, Mile23: Drupal\field\Plugin\views\field\Field::access returns an object instead of the expected boolean
parent 0bcabf50
......@@ -216,7 +216,7 @@ public function init(ViewExecutable $view, DisplayPluginBase $display, array &$o
public function access(AccountInterface $account) {
$base_table = $this->get_base_table();
$access_control_handler = $this->entityManager->getAccessControlHandler($this->definition['entity_tables'][$base_table]);
return $access_control_handler->fieldAccess('view', $this->getFieldDefinition(), $account, NULL, TRUE);
return $access_control_handler->fieldAccess('view', $this->getFieldDefinition(), $account);
}
/**
......
......@@ -23,6 +23,11 @@
*/
class HandlerFieldFieldTest extends FieldTestBase {
/**
* {@inheritdoc}
*/
public static $modules = array('node', 'field_test');
/**
* Views used by this test.
*
......@@ -30,10 +35,15 @@ class HandlerFieldFieldTest extends FieldTestBase {
*/
public static $testViews = array('test_view_fieldapi');
/**
* Test nodes.
*
* @var \Drupal\node\NodeInterface[]
*/
public $nodes;
/**
* @todo.
* {@inheritdoc}
*/
protected function setUp() {
parent::setUp();
......@@ -66,6 +76,15 @@ protected function setUp() {
));
$this->fieldStorages[5]->save();
// Setup a text field with access control.
// @see field_test_entity_field_access()
$this->fieldStorages[6] = entity_create('field_storage_config', array(
'field_name' => 'field_no_view_access',
'entity_type' => 'node',
'type' => 'text',
));
$this->fieldStorages[6]->save();
$this->setUpFields();
// Create some nodes.
......@@ -77,6 +96,8 @@ protected function setUp() {
$field_storage = $this->fieldStorages[$key];
$edit[$field_storage->getName()][0]['value'] = $this->randomMachineName(8);
}
// Add a hidden value for the no-view field.
$edit[$this->fieldStorages[6]->getName()][0]['value'] = 'ssh secret squirrel';
for ($j = 0; $j < 5; $j++) {
$edit[$this->fieldStorages[3]->getName()][$j]['value'] = $this->randomMachineName(8);
}
......@@ -107,6 +128,7 @@ protected function prepareView(ViewExecutable $view) {
public function testFieldRender() {
$this->_testSimpleFieldRender();
$this->_testInaccessibleFieldRender();
$this->_testFormatterSimpleFieldRender();
$this->_testMultipleFieldRender();
}
......@@ -127,6 +149,24 @@ public function _testSimpleFieldRender() {
}
}
public function _testInaccessibleFieldRender() {
$view = Views::getView('test_view_fieldapi');
$this->prepareView($view);
$this->executeView($view);
// Check that the field handler for the hidden field is correctly removed
// from the display.
// @see https://www.drupal.org/node/2382931
$this->assertFalse(array_key_exists('field_no_view_access', $view->field));
// Check that the access-denied field is not visible.
for ($i = 0; $i < 3; $i++) {
$field_name = $this->fieldStorages[6]->getName();
$rendered_field = $view->style_plugin->getField($i, $field_name);
$this->assertFalse($rendered_field, 'Hidden field not rendered');
}
}
/**
* Tests that fields with formatters runs as expected.
*/
......
......@@ -33,6 +33,11 @@ display:
table: node__field_name_5
field: field_name_5
plugin_id: field
field_no_view_access:
id: field_no_view_access
table: node__field_no_view_access
field: field_no_view_access
plugin_id: field
cache:
type: none
exposed_form:
......
......@@ -47,11 +47,13 @@ public function broken();
public function ensureMyTable();
/**
* Check whether current user has access to this handler.
* Check whether given user has access to this handler.
*
* @param AccountInterface $account
* The user account to check.
*
* @return boolean
* @return bool
* TRUE if the user has access to the handler, FALSE otherwise.
*/
public function access(AccountInterface $account);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment