Skip to content
Snippets Groups Projects
Commit 224f0d73 authored by Domen Šlogar's avatar Domen Šlogar Committed by Sascha Grossenbacher
Browse files

Issue #3265236 by slogar32: Relying on entity queries to check access by... 

Issue #3265236 by slogar32: Relying on entity queries to check access by default is deprecated in drupal:9.2.0 and an error will be thrown from drupal:10.0.0
parent 7a2375d3
Branches
Tags
1 merge request!18Issue #3265236: Relying on entity queries to check access by default is deprecated in drupal:9.2.0 and an error will be thrown from drupal:10.0.0.
Hide whitespace changes
Inline Side-by-side
src/FlagService.php
+ 9
6
View file @ 224f0d73
...@@ -69,7 +69,7 @@ class FlagService implements FlagServiceInterface { ...@@ -69,7 +69,7 @@ class FlagService implements FlagServiceInterface {
*/ */
public function getAllFlags($entity_type = NULL, $bundle = NULL) { public function getAllFlags($entity_type = NULL, $bundle = NULL) {
$query = $this->entityTypeManager->getStorage('flag')->getQuery(); $query = $this->entityTypeManager->getStorage('flag')->getQuery();
$query->accessCheck();
if ($entity_type != NULL) { if ($entity_type != NULL) {
$query->condition('entity_type', $entity_type); $query->condition('entity_type', $entity_type);
} }
...@@ -178,7 +178,7 @@ class FlagService implements FlagServiceInterface { ...@@ -178,7 +178,7 @@ class FlagService implements FlagServiceInterface {
*/ */
public function getEntityFlaggings(FlagInterface $flag, EntityInterface $entity, AccountInterface $account = NULL, $session_id = NULL) { public function getEntityFlaggings(FlagInterface $flag, EntityInterface $entity, AccountInterface $account = NULL, $session_id = NULL) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->accessCheck();
$query->condition('flag_id', $flag->id()); $query->condition('flag_id', $flag->id());
if (!is_null($account)) { if (!is_null($account)) {
...@@ -210,7 +210,7 @@ class FlagService implements FlagServiceInterface { ...@@ -210,7 +210,7 @@ class FlagService implements FlagServiceInterface {
*/ */
public function getAllEntityFlaggings(EntityInterface $entity, AccountInterface $account = NULL, $session_id = NULL) { public function getAllEntityFlaggings(EntityInterface $entity, AccountInterface $account = NULL, $session_id = NULL) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->accessCheck();
if (!empty($account)) { if (!empty($account)) {
// Use an OR condition group to check that either the account flagged // Use an OR condition group to check that either the account flagged
// the entity, or the flag itself is a global flag. // the entity, or the flag itself is a global flag.
...@@ -255,7 +255,8 @@ class FlagService implements FlagServiceInterface { ...@@ -255,7 +255,8 @@ class FlagService implements FlagServiceInterface {
*/ */
public function getFlaggingUsers(EntityInterface $entity, FlagInterface $flag = NULL) { public function getFlaggingUsers(EntityInterface $entity, FlagInterface $flag = NULL) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->condition('entity_type', $entity->getEntityTypeId()) $query->accessCheck()
->condition('entity_type', $entity->getEntityTypeId())
->condition('entity_id', $entity->id()); ->condition('entity_id', $entity->id());
if (!empty($flag)) { if (!empty($flag)) {
...@@ -348,7 +349,7 @@ class FlagService implements FlagServiceInterface { ...@@ -348,7 +349,7 @@ class FlagService implements FlagServiceInterface {
*/ */
public function unflagAllByFlag(FlagInterface $flag) { public function unflagAllByFlag(FlagInterface $flag) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->accessCheck();
$query->condition('flag_id', $flag->id()); $query->condition('flag_id', $flag->id());
$ids = $query->execute(); $ids = $query->execute();
...@@ -364,7 +365,8 @@ class FlagService implements FlagServiceInterface { ...@@ -364,7 +365,8 @@ class FlagService implements FlagServiceInterface {
public function unflagAllByEntity(EntityInterface $entity) { public function unflagAllByEntity(EntityInterface $entity) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->condition('entity_type', $entity->getEntityTypeId()) $query->accessCheck()
->condition('entity_type', $entity->getEntityTypeId())
->condition('entity_id', $entity->id()); ->condition('entity_id', $entity->id());
$ids = $query->execute(); $ids = $query->execute();
...@@ -379,6 +381,7 @@ class FlagService implements FlagServiceInterface { ...@@ -379,6 +381,7 @@ class FlagService implements FlagServiceInterface {
*/ */
public function unflagAllByUser(AccountInterface $account, $session_id = NULL) { public function unflagAllByUser(AccountInterface $account, $session_id = NULL) {
$query = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query->accessCheck();
$query->condition('uid', $account->id()); $query->condition('uid', $account->id());
if ($account->isAnonymous()) { if ($account->isAnonymous()) {
......
tests/src/Functional/AdminUITest.php
+ 4
2
View file @ 224f0d73
...@@ -181,7 +181,8 @@ class AdminUITest extends FlagTestBase { ...@@ -181,7 +181,8 @@ class AdminUITest extends FlagTestBase {
$this->flagService->flag($this->flag, $this->node, $this->adminUser); $this->flagService->flag($this->flag, $this->node, $this->adminUser);
$query_before = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query_before = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query_before->condition('flag_id', $this->flag->id()) $query_before->accessCheck()
->condition('flag_id', $this->flag->id())
->condition('entity_type', 'node') ->condition('entity_type', 'node')
->condition('entity_id', $this->node->id()); ->condition('entity_id', $this->node->id());
$ids_before = $query_before->execute(); $ids_before = $query_before->execute();
...@@ -196,7 +197,8 @@ class AdminUITest extends FlagTestBase { ...@@ -196,7 +197,8 @@ class AdminUITest extends FlagTestBase {
$this->submitForm([], 'Reset'); $this->submitForm([], 'Reset');
$query_after = $this->entityTypeManager->getStorage('flagging')->getQuery(); $query_after = $this->entityTypeManager->getStorage('flagging')->getQuery();
$query_after->condition('flag_id', $this->flag->id()) $query_after->accessCheck()
->condition('flag_id', $this->flag->id())
->condition('entity_type', 'node') ->condition('entity_type', 'node')
->condition('entity_id', $this->node->id()); ->condition('entity_id', $this->node->id());
$ids_after = $query_after->execute(); $ids_after = $query_after->execute();
......
tests/src/Kernel/FlagKernelTestBase.php
+ 1
0
View file @ 224f0d73
...@@ -65,6 +65,7 @@ abstract class FlagKernelTestBase extends KernelTestBase { ...@@ -65,6 +65,7 @@ abstract class FlagKernelTestBase extends KernelTestBase {
*/ */
protected function getFlagFlaggings(FlagInterface $flag) { protected function getFlagFlaggings(FlagInterface $flag) {
$query = \Drupal::entityQuery('flagging'); $query = \Drupal::entityQuery('flagging');
$query->accessCheck();
$query->condition('flag_id', $flag->id()); $query->condition('flag_id', $flag->id());
$ids = $query->execute(); $ids = $query->execute();
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment