Unverified Commit 62538991 authored by alexpott's avatar alexpott

Issue #3021247 by jeqq, alexpott, amateescu: Bypass workspace access...

Issue #3021247 by jeqq, alexpott, amateescu: Bypass workspace access permission is not working as expected
parent 48df34d3
......@@ -124,8 +124,10 @@ protected function bypassAccessResult(AccountInterface $account) {
// to ALL THE THINGS! That's why this is a dangerous permission.
$active_workspace = $this->workspaceManager->getActiveWorkspace();
return AccessResult::allowedIf($active_workspace->getOwnerId() == $account->id())->cachePerUser()->addCacheableDependency($active_workspace)
->andIf(AccessResult::allowedIfHasPermission($account, 'bypass entity access own workspace'));
$owner_has_access = AccessResult::allowedIf($active_workspace->getOwnerId() == $account->id())
->cachePerUser()->addCacheableDependency($active_workspace);
$access_bypass = AccessResult::allowedIfHasPermission($account, 'bypass entity access own workspace');
return $owner_has_access->orIf($access_bypass);
}
}
......@@ -55,10 +55,10 @@ public function testBypassOwnWorkspace() {
$this->drupalLogin($lombardi);
$this->switchToWorkspace($bears);
// Because editor 2 has the bypass permission, editor 2 should be able to
// create and edit any node.
// Editor 2 should be able to create and edit any node because of the
// assigned bypass permission.
$this->drupalGet('/node/' . $ditka_bears_node_id . '/edit');
$this->assertSession()->statusCodeEquals(403);
$this->assertSession()->statusCodeEquals(200);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment