Verified Commit 255b4529 authored by Lee Rowlands's avatar Lee Rowlands
Browse files

Issue #3039499 by alexpott, acbramley: Role permissions not sorted in config export

parent 831f7992

core/modules/user/config/schema/user.schema.yml

+1 −0
Original line number Diff line number Diff line
@@ -122,6 +122,7 @@ user.role.*: 
    permissions:

      type: sequence

      label: 'Permissions'

      orderby: value

      sequence:

        type: string

        label: 'Permission'

core/modules/user/src/Entity/Role.php

+0 −6
Original line number Diff line number Diff line
@@ -185,12 +185,6 @@ public function preSave(EntityStorageInterface $storage) { 
      });

      $this->weight = $max + 1;

    }



    if (!$this->isSyncing()) {

      // Permissions are always ordered alphabetically to avoid conflicts in the

      // exported configuration.

      sort($this->permissions);

    }

  }



  /**

core/modules/user/tests/src/Functional/Update/UserUpdateRoleDependenciesTest.php

+1 −1
Original line number Diff line number Diff line
@@ -47,7 +47,7 @@ public function testRolePermissions() { 
    $this->drupalLogin($this->createUser(['access site reports']));

    $this->drupalGet('admin/reports/dblog', ['query' => ['type[]' => 'update']]);

    $this->clickLink('The role Authenticated user has had the following non-…');

    $this->assertSession()->pageTextContains('The role Authenticated user has had the following non-existent permission(s) removed: use text format plain_text, does_not_exist.');

    $this->assertSession()->pageTextContains('The role Authenticated user has had the following non-existent permission(s) removed: does_not_exist, use text format plain_text.');

    $this->getSession()->back();

    $this->clickLink('The role Anonymous user has had the following non-…');

    $this->assertSession()->pageTextContains('The role Anonymous user has had the following non-existent permission(s) removed: use text format plain_text.');

core/modules/user/tests/src/Kernel/UserRoleEntityTest.php

+12 −0
Original line number Diff line number Diff line
@@ -46,4 +46,16 @@ public function testGrantingNonExistentPermission() { 
      ->save();

  }



  public function testPermissionRevokeAndConfigSync() {

    $role = Role::create(['id' => 'test_role', 'label' => 'Test role']);

    $role->setSyncing(TRUE);

    $role->grantPermission('a')

      ->grantPermission('b')

      ->grantPermission('c')

      ->save();

    $this->assertSame(['a', 'b', 'c'], $role->getPermissions());

    $role->revokePermission('b')->save();

    $this->assertSame(['a', 'c'], $role->getPermissions());

  }



}

core/modules/user/user.post_update.php

+11 −0
Original line number Diff line number Diff line
@@ -47,3 +47,14 @@ function user_post_update_update_roles(&$sandbox = NULL) { 
    );

  }

}



/**

 * Ensure permissions stored in role configuration are sorted using the schema.

 */

function user_post_update_sort_permissions(&$sandbox = NULL) {

  \Drupal::classResolver(ConfigEntityUpdater::class)->update($sandbox, 'user_role', function (Role $role) {

    $permissions = $role->getPermissions();

    sort($permissions);

    return $permissions !== $role->getPermissions();

  });

}