Commit 08f7324f authored by Gábor Hojtsy's avatar Gábor Hojtsy
Browse files

Issue #3223068 by Gábor Hojtsy, benjifisher: Check for invalid permissions,...

Issue #3223068 by Gábor Hojtsy, benjifisher: Check for invalid permissions, will throw runtime exceptions in Drupal 10
parent 7b6ad12a
......@@ -19,6 +19,7 @@ use Drupal\upgrade_status\DeprecationAnalyzer;
use Drupal\upgrade_status\ProjectCollector;
use Drupal\upgrade_status\ScanResultFormatter;
use Drupal\upgrade_status\Util\CorrectDbServerVersion;
use Drupal\user\Entity\Role;
use GuzzleHttp\Cookie\CookieJar;
use GuzzleHttp\Cookie\SetCookie;
use Symfony\Component\DependencyInjection\ContainerInterface;
......@@ -717,6 +718,35 @@ MARKUP
]
];
// Check user roles on the site for invalid permissions.
$class = 'no-known-error';
$requirement = [$this->t('None found.')];
$user_roles = Role::loadMultiple();
$all_permissions = array_keys(\Drupal::service('user.permissions')->getPermissions());
foreach ($user_roles as $role) {
$role_permissions = $role->getPermissions();
$valid_role_permissions = array_intersect($role_permissions, $all_permissions);
$invalid_role_permissions = array_diff($role_permissions, $valid_role_permissions);
if (!empty($invalid_role_permissions)) {
$class = 'known-error';
$status = FALSE;
$requirement = [$this->t('"@permissions" of user role: "@role".', ['@permissions' => implode('", "', $invalid_role_permissions), '@role' => $role->label()])];
}
}
$build['data']['#rows'][] = [
'class' => [$class],
'data' => [
'requirement' => [
'class' => 'requirement-label',
'data' => $this->t('Invalid permissions will trigger runtime exceptions in Drupal 10. Permissions should be defined in a permissions.yml file or a permission callback. See https://www.drupal.org/node/3193348'),
],
'status' => [
'data' => join(' ', $requirement),
'class' => 'status-info',
],
]
];
// Save the overall status indicator in the build array. It will be
// popped off later to be used in the summary table.
$build['status'] = $status;
......
......@@ -3,6 +3,7 @@
namespace Drupal\Tests\upgrade_status\Functional;
use Drupal\Core\Url;
use Drupal\user\Entity\Role;
/**
* Tests the UI before and after running scans.
......@@ -114,4 +115,18 @@ class UpgradeStatusUiTest extends UpgradeStatusTestBase {
$this->assertText('Syntax error, unexpected T_STRING on line 3');
}
}
/**
* Test the user interface for role checking.
*/
public function testRoleChecking() {
if ($this->getDrupalCoreMajorVersion() == 9) {
$authenticated = Role::load('authenticated');
$authenticated->grantPermission('upgrade status invalid permission test');
$authenticated->save();
$this->drupalGet(Url::fromRoute('upgrade_status.report'));
$this->assertSession()->pageTextContains('"upgrade status invalid permission test" of user role: "Authenticated user".');
}
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment