Resolve #3480110 "Disallow the programmatic"

Closes #3480110

src/Entity/GroupMembershipTrait.php

@@ -4,14 +4,34 @@ namespace Drupal\group\Entity;
 
 use Drupal\Core\Cache\CacheBackendInterface;
 use Drupal\Core\Cache\CacheableMetadata;
+use Drupal\Core\Entity\EntityMalformedException;
+use Drupal\Core\Entity\EntityStorageInterface;
 use Drupal\Core\Session\AccountInterface;
 use Drupal\group\Entity\Storage\GroupRoleStorageInterface;
+use Drupal\group\Plugin\Validation\Constraint\GroupMembershipRoles;
 
 /**
  * Functionality trait for a group_membership bundle class.
  */
 trait GroupMembershipTrait {
 
+  /**
+   * {@inheritdoc}
+   */
+  public function preSave(EntityStorageInterface $storage) {
+    parent::preSave($storage);
+
+    // @todo 4.x.x Validate all constraints in parent preSave()?.
+    $violations = $this->validate();
+    foreach ($violations as $violation) {
+      // To not break BC we only throw exceptions for our constraint.
+      if (!$violation->getConstraint() instanceof GroupMembershipRoles) {
+        continue;
+      }
+      throw new EntityMalformedException($violation->getMessage());
+    }
+  }
+
   /**
    * {@inheritdoc}
    */
@@ -32,16 +52,6 @@ trait GroupMembershipTrait {
       }
     }
 
-    // @todo Add the below two checks to a preSave() hook.
-    $storage = \Drupal::entityTypeManager()->getStorage('group_role');
-    if (!$group_role = $storage->load($role_id)) {
-      throw new \InvalidArgumentException(sprintf('Could not add role with ID %s, role does not exist.', $role_id));
-    }
-    assert($group_role instanceof GroupRoleInterface);
-    if ($group_role->getGroupTypeId() !== $this->getGroupTypeId()) {
-      throw new \InvalidArgumentException(sprintf('Could not add role with ID %s, role belongs to a different group type.', $role_id));
-    }
-
     $this->group_roles[] = $role_id;
     $this->save();
   }