Commit 95a0059a authored by webchick's avatar webchick

Issue #2421263 by alexpott, formatC'vt, kim.pepper, andypost, larowlan, chx:...

Issue #2421263 by alexpott, formatC'vt, kim.pepper, andypost, larowlan, chx: Potential data loss: concurrent (i.e. by different users) node edits leak through preview
parent d8a6c0a1
......@@ -126,8 +126,8 @@ public function start() {
$_session_user = new AnonymousUserSession();
// Randomly generate a session identifier for this request. This is
// necessary because \Drupal\user\TempStoreFactory::get() wants to know
// the future session ID of a lazily started session in advance.
// necessary because \Drupal\user\SharedTempStoreFactory::get() wants to
// know the future session ID of a lazily started session in advance.
//
// @todo: With current versions of PHP there is little reason to generate
// the session id from within application code. Consider using the
......
......@@ -30,7 +30,7 @@ services:
- { name: event_subscriber }
node_preview:
class: Drupal\node\ParamConverter\NodePreviewConverter
arguments: ['@user.tempstore']
arguments: ['@user.private_tempstore']
tags:
- { name: paramconverter }
node.page_cache_request_policy.deny_node_preview:
......
......@@ -12,7 +12,7 @@
use Drupal\Core\Url;
use Drupal\Component\Utility\String;
use Drupal\Core\Form\FormStateInterface;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\DependencyInjection\ContainerInterface;
......@@ -31,7 +31,7 @@ class DeleteMultiple extends ConfirmFormBase {
/**
* The tempstore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -45,12 +45,12 @@ class DeleteMultiple extends ConfirmFormBase {
/**
* Constructs a DeleteMultiple form object.
*
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The tempstore factory.
* @param \Drupal\Core\Entity\EntityManagerInterface $manager
* The entity manager.
*/
public function __construct(TempStoreFactory $temp_store_factory, EntityManagerInterface $manager) {
public function __construct(PrivateTempStoreFactory $temp_store_factory, EntityManagerInterface $manager) {
$this->tempStoreFactory = $temp_store_factory;
$this->storage = $manager->getStorage('node');
}
......@@ -60,7 +60,7 @@ public function __construct(TempStoreFactory $temp_store_factory, EntityManagerI
*/
public static function create(ContainerInterface $container) {
return new static(
$container->get('user.tempstore'),
$container->get('user.private_tempstore'),
$container->get('entity.manager')
);
}
......
......@@ -12,7 +12,7 @@
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Form\FormStateInterface;
use Drupal\user\Entity\User;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
......@@ -23,7 +23,7 @@ class NodeForm extends ContentEntityForm {
/**
* The tempstore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -37,10 +37,10 @@ class NodeForm extends ContentEntityForm {
*
* @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
* The entity manager.
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The factory for the temp store object.
*/
public function __construct(EntityManagerInterface $entity_manager, TempStoreFactory $temp_store_factory) {
public function __construct(EntityManagerInterface $entity_manager, PrivateTempStoreFactory $temp_store_factory) {
parent::__construct($entity_manager);
$this->tempStoreFactory = $temp_store_factory;
}
......@@ -51,7 +51,7 @@ public function __construct(EntityManagerInterface $entity_manager, TempStoreFac
public static function create(ContainerInterface $container) {
return new static(
$container->get('entity.manager'),
$container->get('user.tempstore')
$container->get('user.private_tempstore')
);
}
......@@ -426,9 +426,7 @@ public function save(array $form, FormStateInterface $form_state) {
// Remove the preview entry from the temp store, if any.
$store = $this->tempStoreFactory->get('node_preview');
if ($store->get($node->uuid())) {
$store->delete($node->uuid());
}
$store->delete($node->uuid());
}
else {
// In the unlikely case something went wrong on save, the node will be
......
......@@ -8,9 +8,9 @@
namespace Drupal\node\ParamConverter;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\Routing\Route;
use Drupal\Core\ParamConverter\ParamConverterInterface;
use Drupal\user\TempStoreFactory;
/**
* Provides upcasting for a node entity in preview.
......@@ -20,17 +20,17 @@ class NodePreviewConverter implements ParamConverterInterface {
/**
* Stores the tempstore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
/**
* Constructs a new NodePreviewConverter.
*
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The factory for the temp store object.
*/
public function __construct(TempStoreFactory $temp_store_factory) {
public function __construct(PrivateTempStoreFactory $temp_store_factory) {
$this->tempStoreFactory = $temp_store_factory;
}
......
......@@ -10,7 +10,7 @@
use Drupal\Core\Action\ActionBase;
use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
......@@ -28,7 +28,7 @@ class DeleteNode extends ActionBase implements ContainerFactoryPluginInterface {
/**
* The tempstore object.
*
* @var \Drupal\user\TempStore
* @var \Drupal\user\SharedTempStore
*/
protected $tempStore;
......@@ -48,12 +48,12 @@ class DeleteNode extends ActionBase implements ContainerFactoryPluginInterface {
* The plugin ID for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The tempstore factory.
* @param AccountInterface $current_user
* Current user.
*/
public function __construct(array $configuration, $plugin_id, $plugin_definition, TempStoreFactory $temp_store_factory, AccountInterface $current_user) {
public function __construct(array $configuration, $plugin_id, $plugin_definition, PrivateTempStoreFactory $temp_store_factory, AccountInterface $current_user) {
$this->currentUser = $current_user;
$this->tempStore = $temp_store_factory->get('node_multiple_delete_confirm');
......@@ -68,7 +68,7 @@ public static function create(ContainerInterface $container, array $configuratio
$configuration,
$plugin_id,
$plugin_definition,
$container->get('user.tempstore'),
$container->get('user.private_tempstore'),
$container->get('current_user')
);
}
......
......@@ -257,4 +257,26 @@ function testPagePreviewWithRevisions() {
$this->assertFieldByName('revision_log[0][value]', $edit['revision_log[0][value]'], 'Revision log field displayed.');
}
/**
* Checks the node preview accessible for simultaneous node editing.
*/
public function testSimultaneousPreview() {
$title_key = 'title[0][value]';
$node = $this->drupalCreateNode(array());
$edit = array($title_key => 'New page title');
$this->drupalPostForm('node/' . $node->id() . '/edit', $edit, t('Preview'));
$this->assertText($edit[$title_key]);
$user2 = $this->drupalCreateUser(array('edit any page content'));
$this->drupalLogin($user2);
$this->drupalGet('node/' . $node->id() . '/edit');
$this->assertFieldByName($title_key, $node->label(), 'No title leaked from previous user.');
$edit2 = array($title_key => 'Another page title');
$this->drupalPostForm('node/' . $node->id() . '/edit', $edit2, t('Preview'));
$this->assertUrl(\Drupal::url('entity.node.preview', ['node_preview' => $node->uuid(), 'view_mode_id' => 'default'], ['absolute' => TRUE]));
$this->assertText($edit2[$title_key]);
}
}
......@@ -95,12 +95,13 @@
fieldID: fieldModel.get('fieldID'),
$el: this.$el,
nocssjs: false,
// Reset an existing entry for this entity in the TempStore (if any) when
// loading the field. Logically speaking, this should happen in a separate
// request because this is an entity-level operation, not a field-level
// operation. But that would require an additional request, that might not
// even be necessary: it is only when a user loads a first changed field
// for an entity that this needs to happen: precisely now!
// Reset an existing entry for this entity in the PrivateTempStore (if
// any) when loading the field. Logically speaking, this should happen
// in a separate request because this is an entity-level operation, not
// a field-level operation. But that would require an additional
// request, that might not even be necessary: it is only when a user
// loads a first changed field for an entity that this needs to happen:
// precisely now!
reset: !fieldModel.get('entity').get('inTempStore')
};
Drupal.quickedit.util.form.load(formOptions, function (form, ajax) {
......
......@@ -33,22 +33,24 @@
// Indicates whether this instance of this entity is currently being
// edited in-place.
isActive: false,
// Whether one or more fields have already been stored in TempStore.
// Whether one or more fields have already been stored in
// PrivateTempStore.
inTempStore: false,
// Whether one or more fields have already been stored in TempStore *or*
// the field that's currently being edited is in the 'changed' or a later
// state. In other words, this boolean indicates whether a "Save" button is
// necessary or not.
// Whether one or more fields have already been stored in PrivateTempStore
// *or* the field that's currently being edited is in the 'changed' or a
// later state. In other words, this boolean indicates whether a "Save"
// button is necessary or not.
isDirty: false,
// Whether the request to the server has been made to commit this entity.
// Used to prevent multiple such requests.
isCommitting: false,
// The current processing state of an entity.
state: 'closed',
// The IDs of the fields whose new values have been stored in TempStore. We
// must store this on the EntityModel as well (even though it already is on
// the FieldModel) because when a field is rerendered, its FieldModel is
// destroyed and this allows us to transition it back to the proper state.
// The IDs of the fields whose new values have been stored in
// PrivateTempStore. We must store this on the EntityModel as well (even
// though it already is on the FieldModel) because when a field is
// rerendered, its FieldModel is destroyed and this allows us to
// transition it back to the proper state.
fieldsInTempStore: [],
// A flag the tells the application that this EntityModel must be reloaded
// in order to restore the original values to its fields in the client.
......@@ -118,7 +120,7 @@
fieldModel.set('state', 'candidate');
});
// For fields that are in a changed state, field values must first be
// stored in TempStore.
// stored in PrivateTempStore.
fields.chain()
.filter(function (fieldModel) {
return _.intersection([fieldModel.get('state')], Drupal.quickedit.app.changedFieldStates).length;
......@@ -205,16 +207,17 @@
var previous = fieldModel.previous('state');
var fieldsInTempStore = entityModel.get('fieldsInTempStore');
// If the fieldModel changed to the 'saved' state: remember that this
// field was saved to TempStore.
// field was saved to PrivateTempStore.
if (current === 'saved') {
// Mark the entity as saved in TempStore, so that we can pass the
// proper "reset TempStore" boolean value when communicating with the
// server.
// Mark the entity as saved in PrivateTempStore, so that we can pass the
// proper "reset PrivateTempStore" boolean value when communicating with
// the server.
entityModel.set('inTempStore', true);
// Mark the field as saved in TempStore, so that visual indicators
// signifying just that may be rendered.
// Mark the field as saved in PrivateTempStore, so that visual
// indicators signifying just that may be rendered.
fieldModel.set('inTempStore', true);
// Remember that this field is in TempStore, restore when rerendered.
// Remember that this field is in PrivateTempStore, restore when
// rerendered.
fieldsInTempStore.push(fieldModel.get('fieldID'));
fieldsInTempStore = _.uniq(fieldsInTempStore);
entityModel.set('fieldsInTempStore', fieldsInTempStore);
......@@ -271,11 +274,11 @@
// Set the isDirty attribute when appropriate so that it is known when
// to display the "Save" button in the entity toolbar.
// Note that once a field has been changed, there's no way to discard
// that change, hence it will have to be saved into TempStore, or the
// in-place editing of this field will have to be stopped completely.
// In other words: once any field enters the 'changed' field, then for
// the remainder of the in-place editing session, the entity is by
// definition dirty.
// that change, hence it will have to be saved into PrivateTempStore,
// or the in-place editing of this field will have to be stopped
// completely. In other words: once any field enters the 'changed'
// field, then for the remainder of the in-place editing session, the
// entity is by definition dirty.
if (fieldState === 'changed') {
entityModel.set('isDirty', true);
}
......@@ -380,9 +383,9 @@
entitySaverAjax.commands.quickeditEntitySaved = function (ajax, response, status) {
// Clean up.
$(ajax.element).off('quickedit-save.quickedit');
// All fields have been moved from TempStore to permanent storage, update
// the "inTempStore" attribute on FieldModels, on the EntityModel and
// clear EntityModel's "fieldInTempStore" attribute.
// All fields have been moved from PrivateTempStore to permanent
// storage, update the "inTempStore" attribute on FieldModels, on the
// EntityModel and clear EntityModel's "fieldInTempStore" attribute.
entityModel.get('fields').each(function (fieldModel) {
fieldModel.set('inTempStore', false);
});
......@@ -566,13 +569,14 @@
// User has clicked the 'Save' button (and has thus changed at least one
// field).
// - Trigger: user.
// - Guarantees: see 'opened', plus: either a changed field is in TempStore,
// or the user has just modified a field without activating (switching to)
// another field.
// - Expected behavior: 1) if any of the fields are not yet in TempStore,
// save them to TempStore, 2) if then any of the fields has the 'invalid'
// state, then change the entity state back to 'opened', otherwise: save
// the entity by committing it from TempStore into permanent storage.
// - Guarantees: see 'opened', plus: either a changed field is in
// PrivateTempStore, or the user has just modified a field without
// activating (switching to) another field.
// - Expected behavior: 1) if any of the fields are not yet in
// PrivateTempStore, save them to PrivateTempStore, 2) if then any of
// the fields has the 'invalid' state, then change the entity state back
// to 'opened', otherwise: save the entity by committing it from
// PrivateTempStore into permanent storage.
'committing',
// User has clicked the 'Close' button, or has clicked the 'Save' button and
// that was successfully completed.
......
......@@ -210,14 +210,15 @@
// - Guarantees: see 'candidate', plus in-place editor is ready for use.
// - Expected behavior: visual indicator of change.
'changed',
// User is saving changed field data in in-place editor to TempStore. The
// save mechanism of the in-place editor is called.
// User is saving changed field data in in-place editor to
// PrivateTempStore. The save mechanism of the in-place editor is called.
// - Trigger: user.
// - Guarantees: see 'candidate' and 'active'.
// - Expected behavior: saving indicator, in-place editor is saving field
// data into TempStore. Upon successful saving (without validation
// errors), the in-place editor transitions the field's state to 'saved',
// but to 'invalid' upon failed saving (with validation errors).
// data into PrivateTempStore. Upon successful saving (without
// validation errors), the in-place editor transitions the field's state
// to 'saved', but to 'invalid' upon failed saving (with validation
// errors).
'saving',
// In-place editor has successfully saved the changed field.
// - Trigger: in-place editor.
......
......@@ -82,7 +82,7 @@
* - Boolean nocssjs: (required) boolean indicating whether no CSS and JS
* should be returned (necessary when the form is invisible to the user).
* - Boolean reset: (required) boolean indicating whether the data stored
* for this field's entity in TempStore should be used or reset.
* for this field's entity in PrivateTempStore should be used or reset.
* @param Function callback
* A callback function that will receive the form to be inserted, as well as
* the ajax object, necessary if the callback wants to perform other AJAX
......
......@@ -12,10 +12,10 @@
// Indicates whether the page should be reloaded after in-place editing has
// shut down. A page reload is necessary to re-instate the original HTML of the
// edited fields if in-place editing has been canceled and one or more of the
// entity's fields were saved to TempStore: one of them may have been changed to
// the empty value and hence may have been rerendered as the empty string, which
// makes it impossible for Quick Edit to know where to restore the original
// HTML.
// entity's fields were saved to PrivateTempStore: one of them may have been
// changed to the empty value and hence may have been rerendered as the empty
// string, which makes it impossible for Quick Edit to know where to restore
// the original HTML.
var reload = false;
Drupal.quickedit.AppView = Backbone.View.extend({
......
......@@ -197,12 +197,13 @@
$el: this.$el,
nocssjs: true,
other_view_modes: fieldModel.findOtherViewModes(),
// Reset an existing entry for this entity in the TempStore (if any) when
// saving the field. Logically speaking, this should happen in a separate
// request because this is an entity-level operation, not a field-level
// operation. But that would require an additional request, that might not
// even be necessary: it is only when a user saves a first changed field
// for an entity that this needs to happen: precisely now!
// Reset an existing entry for this entity in the PrivateTempStore (if
// any) when saving the field. Logically speaking, this should happen in
// a separate request because this is an entity-level operation, not a
// field-level operation. But that would require an additional request,
// that might not even be necessary: it is only when a user saves a
// first changed field for an entity that this needs to happen:
// precisely now!
reset: !this.fieldModel.get('entity').get('inTempStore')
};
......
......@@ -99,7 +99,8 @@
/**
* Adds a class to the edited element that indicates whether the field has
* been changed by the user (i.e. locally) or the field has already been
* changed and stored before by the user (i.e. remotely, stored in TempStore).
* changed and stored before by the user (i.e. remotely, stored in
* PrivateTempStore).
*/
renderChanged: function () {
this.$el.toggleClass('quickedit-changed', this.model.get('isChanged') || this.model.get('inTempStore'));
......
......@@ -8,8 +8,8 @@
namespace Drupal\quickedit\Ajax;
/**
* AJAX command to indicate the entity was loaded from TempStore and saved into
* the database.
* AJAX command to indicate the entity was loaded from PrivateTempStore and
* saved into the database.
*/
class EntitySavedCommand extends BaseCommand {
......
......@@ -8,8 +8,9 @@
namespace Drupal\quickedit\Ajax;
/**
* AJAX command to indicate a field was saved into TempStore without validation
* errors and pass the rerendered field to Quick Edit's JavaScript app.
* AJAX command to indicate a field was saved into PrivateTempStore without
* validation errors and pass the rerendered field to Quick Edit's JavaScript
* app.
*/
class FieldFormSavedCommand extends BaseCommand {
......
......@@ -16,7 +16,7 @@
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Render\Element;
use Drupal\Core\Entity\Entity\EntityFormDisplay;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
......@@ -27,7 +27,7 @@ class QuickEditFieldForm extends FormBase {
/**
* Stores the tempstore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -48,14 +48,14 @@ class QuickEditFieldForm extends FormBase {
/**
* Constructs a new EditFieldForm.
*
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The tempstore factory.
* @param \Drupal\Core\Extension\ModuleHandlerInterface $module_handler
* The module handler.
* @param \Drupal\Core\Entity\EntityStorageInterface $node_type_storage
* The node type storage.
*/
public function __construct(TempStoreFactory $temp_store_factory, ModuleHandlerInterface $module_handler, EntityStorageInterface $node_type_storage) {
public function __construct(PrivateTempStoreFactory $temp_store_factory, ModuleHandlerInterface $module_handler, EntityStorageInterface $node_type_storage) {
$this->moduleHandler = $module_handler;
$this->nodeTypeStorage = $node_type_storage;
$this->tempStoreFactory = $temp_store_factory;
......@@ -66,7 +66,7 @@ public function __construct(TempStoreFactory $temp_store_factory, ModuleHandlerI
*/
public static function create(ContainerInterface $container) {
return new static(
$container->get('user.tempstore'),
$container->get('user.private_tempstore'),
$container->get('module_handler'),
$container->get('entity.manager')->getStorage('node_type')
);
......
......@@ -9,6 +9,7 @@
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\Form\FormState;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
......@@ -19,7 +20,6 @@
use Drupal\quickedit\Ajax\FieldFormSavedCommand;
use Drupal\quickedit\Ajax\FieldFormValidationErrorsCommand;
use Drupal\quickedit\Ajax\EntitySavedCommand;
use Drupal\user\TempStoreFactory;
/**
* Returns responses for Quick Edit module routes.
......@@ -27,9 +27,9 @@
class QuickEditController extends ControllerBase {
/**
* The TempStore factory.
* The PrivateTempStore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -50,14 +50,14 @@ class QuickEditController extends ControllerBase {
/**
* Constructs a new QuickEditController.
*
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* The TempStore factory.
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The PrivateTempStore factory.
* @param \Drupal\quickedit\MetadataGeneratorInterface $metadata_generator
* The in-place editing metadata generator.
* @param \Drupal\quickedit\EditorSelectorInterface $editor_selector
* The in-place editor selector.
*/
public function __construct(TempStoreFactory $temp_store_factory, MetadataGeneratorInterface $metadata_generator, EditorSelectorInterface $editor_selector) {
public function __construct(PrivateTempStoreFactory $temp_store_factory, MetadataGeneratorInterface $metadata_generator, EditorSelectorInterface $editor_selector) {
$this->tempStoreFactory = $temp_store_factory;
$this->metadataGenerator = $metadata_generator;
$this->editorSelector = $editor_selector;
......@@ -68,7 +68,7 @@ public function __construct(TempStoreFactory $temp_store_factory, MetadataGenera
*/
public static function create(ContainerInterface $container) {
return new static(
$container->get('user.tempstore'),
$container->get('user.private_tempstore'),
$container->get('quickedit.metadata.generator'),
$container->get('quickedit.editor.selector')
);
......@@ -167,8 +167,8 @@ public function attachments(Request $request) {
public function fieldForm(EntityInterface $entity, $field_name, $langcode, $view_mode_id, Request $request) {
$response = new AjaxResponse();
// Replace entity with TempStore copy if available and not resetting, init
// TempStore copy otherwise.
// Replace entity with PrivateTempStore copy if available and not resetting,
// init PrivateTempStore copy otherwise.
$tempstore_entity = $this->tempStoreFactory->get('quickedit')->get($entity->uuid());
if ($tempstore_entity && $request->request->get('reset') !== 'true') {
$entity = $tempstore_entity;
......@@ -184,8 +184,8 @@ public function fieldForm(EntityInterface $entity, $field_name, $langcode, $view
$form = $this->formBuilder()->buildForm('Drupal\quickedit\Form\QuickEditFieldForm', $form_state);
if ($form_state->isExecuted()) {
// The form submission saved the entity in TempStore. Return the
// updated view of the field from the TempStore copy.
// The form submission saved the entity in PrivateTempStore. Return the
// updated view of the field from the PrivateTempStore copy.
$entity = $this->tempStoreFactory->get('quickedit')->get($entity->uuid());
// Closure to render the field given a view mode.
......@@ -267,7 +267,7 @@ protected function renderField(EntityInterface $entity, $field_name, $langcode,
}
/**
* Saves an entity into the database, from TempStore.
* Saves an entity into the database, from PrivateTempStore.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* The entity being edited.
......@@ -276,8 +276,8 @@ protected function renderField(EntityInterface $entity, $field_name, $langcode,
* The Ajax response.
*/
public function entitySave(EntityInterface $entity) {
// Take the entity from TempStore and save in entity storage. fieldForm()
// ensures that the TempStore copy exists ahead.
// Take the entity from PrivateTempStore and save in entity storage.
// fieldForm() ensures that the PrivateTempStore copy exists ahead.
$tempstore = $this->tempStoreFactory->get('quickedit');
$tempstore->get($entity->uuid())->save();
$tempstore->delete($entity->uuid());
......
......@@ -170,7 +170,8 @@ public function testAutocompleteQuickEdit() {
$this->assertText('new term');
$this->assertNoLink('new term');
// Load the form again, which should now get it back from TempStore.
// Load the form again, which should now get it back from
// PrivateTempStore.
$quickedit_uri = 'quickedit/form/node/'. $this->node->id() . '/' . $this->fieldName . '/' . $this->node->language()->getId() . '/full';
$post = array('nocssjs' => 'true') + $this->getAjaxPageStatePostData();
$response = $this->drupalPost($quickedit_uri, 'application/vnd.drupal-ajax', $post);
......
......@@ -214,7 +214,7 @@ public function testUserWithPermission() {
$post += $edit + $this->getAjaxPageStatePostData();
// Submit field form and check response. This should store the updated
// entity in TempStore on the server.
// entity in PrivateTempStore on the server.
$response = $this->drupalPost('quickedit/form/' . 'node/1/body/en/full', 'application/vnd.drupal-ajax', $post);
$this->assertResponse(200);
$ajax_commands = Json::decode($response);
......@@ -227,7 +227,7 @@ public function testUserWithPermission() {
$this->drupalGet('node/1');
$this->assertText('How are you?');
// Save the entity by moving the TempStore values to entity storage.
// Save the entity by moving the PrivateTempStore values to entity storage.
$post = array('nocssjs' => 'true');
$response = $this->drupalPost('quickedit/entity/' . 'node/1', 'application/json', $post);
$this->assertResponse(200);
......@@ -249,7 +249,7 @@ public function testUserWithPermission() {
// Now configure this node type to create new revisions automatically,
// then again retrieve the field form, fill it, submit it (so it ends up
// in TempStore) and then save the entity. Now there should be two
// in PrivateTempStore) and then save the entity. Now there should be two
// revisions.
$node_type = entity_load('node_type', 'article');
$node_type->setNewRevision(TRUE);
......@@ -359,7 +359,7 @@ public function testTitleBaseField() {
$post += $edit + $this->getAjaxPageStatePostData();
// Submit field form and check response. This should store the
// updated entity in TempStore on the server.
// updated entity in PrivateTempStore on the server.
$response = $this->drupalPost('quickedit/form/' . 'node/1/title/en/full', 'application/vnd.drupal-ajax', $post);
$this->assertResponse(200);
$ajax_commands = Json::decode($response);
......@@ -371,7 +371,7 @@ public function testTitleBaseField() {
$this->drupalGet('node/1');
$this->assertNoText('Obligatory question');
// Save the entity by moving the TempStore values to entity storage.
// Save the entity by moving the PrivateTempStore values to entity storage.
$post = array('nocssjs' => 'true');
$response = $this->drupalPost('quickedit/entity/' . 'node/1', 'application/json', $post);
$this->assertResponse(200);
......
......@@ -12,7 +12,7 @@
use Drupal\Core\Form\ConfirmFormBase;
use Drupal\Core\Form\FormStateInterface;
use Drupal\Core\Url;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Drupal\user\UserStorageInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
......@@ -24,7 +24,7 @@ class UserMultipleCancelConfirm extends ConfirmFormBase {
/**
* The temp store factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -45,14 +45,14 @@ class UserMultipleCancelConfirm extends ConfirmFormBase {
/**
* Constructs a new UserMultipleCancelConfirm.
*
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory
* The temp store factory.
* @param \Drupal\user\UserStorageInterface $user_storage
* The user storage.
* @param \Drupal\Core\Entity\EntityManagerInterface $entity_manager
* The entity manager.
*/
public function __construct(TempStoreFactory $temp_store_factory, UserStorageInterface $user_storage, EntityManagerInterface $entity_manager) {
public function __construct(PrivateTempStoreFactory $temp_store_factory, UserStorageInterface $user_storage, EntityManagerInterface $entity_manager) {
$this->tempStoreFactory = $temp_store_factory;
$this->userStorage = $user_storage;
$this->entityManager = $entity_manager;
......@@ -63,7 +63,7 @@ public function __construct(TempStoreFactory $temp_store_factory, UserStorageInt
*/
public static function create(ContainerInterface $container) {
return new static(
$container->get('user.tempstore'),
$container->get('user.private_tempstore'),
$container->get('entity.manager')->getStorage('user'),
$container->get('entity.manager')
);
......
......@@ -10,7 +10,7 @@
use Drupal\Core\Action\ActionBase;
use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\user\TempStoreFactory;
use Drupal\user\PrivateTempStoreFactory;
use Symfony\Component\DependencyInjection\ContainerInterface;
/**
......@@ -28,7 +28,7 @@ class CancelUser extends ActionBase implements ContainerFactoryPluginInterface {
/**
* The tempstore factory.
*
* @var \Drupal\user\TempStoreFactory
* @var \Drupal\user\PrivateTempStoreFactory
*/
protected $tempStoreFactory;
......@@ -48,12 +48,12 @@ class CancelUser extends ActionBase implements ContainerFactoryPluginInterface {
* The plugin ID for the plugin instance.
* @param mixed $plugin_definition
* The plugin implementation definition.
* @param \Drupal\user\TempStoreFactory $temp_store_factory
* @param \Drupal\user\PrivateTempStoreFactory $temp_store_factory