Commit f73e5432 authored by Crell's avatar Crell

Issue #2687789 by Crell, josephdpurcell: Latest revision gives access denied

Merge branch '2687789-latest-tab' into 8.x-1.x
parents cbcad8b9 c5e43031
......@@ -80,7 +80,7 @@ class EntityModerationRouteProvider implements EntityRouteProviderInterface, Ent
// If the entity type is a node, unpublished content will be visible
// if the user has the "view all unpublished content" permission.
->setRequirement('_entity_access', "{$entity_type_id}.view")
->setRequirement('_permission', 'view latest version')
->setRequirement('_permission', 'view latest version,view any unpublished content')
->setRequirement('_workbench_moderation_latest_version', 'TRUE')
->setOption('_workbench_moderation_entity_type', $entity_type_id)
->setOption('parameters', [
......
......@@ -39,7 +39,7 @@ abstract class ModerationStateTestBase extends WebTestBase {
'administer content types',
'administer nodes',
'view latest version',
'view own unpublished content',
'view any unpublished content',
'access content overview',
];
......
<?php
namespace Drupal\Tests\workbench_moderation\Unit;
use Drupal\block_content\Entity\BlockContent;
use Drupal\Core\Access\AccessResult;
use Drupal\Core\Access\AccessResultAllowed;
use Drupal\Core\Access\AccessResultForbidden;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Routing\RouteMatch;
use Drupal\node\Entity\Node;
use Drupal\workbench_moderation\Access\LatestRevisionCheck;
use Drupal\workbench_moderation\ModerationInformation;
use Drupal\workbench_moderation\ModerationInformationInterface;
use Symfony\Component\Routing\Route;
/**
* @coversDefaultClass \Drupal\workbench_moderation\Access\LatestRevisionCheck
* @group workbench_moderation
*/
class LatestRevisionCheckTest extends \PHPUnit_Framework_TestCase {
/**
* Test the access check of the LatestRevisionCheck service.
*
* @dataProvider accessSituationProvider
*
* @param string $entity_class
* The class of the entity to mock.
* @param string $entity_type
* The machine name of the entity to mock.
* @param bool $has_forward
* Whether this entity should have a forward revision in the system.
* @param string $result_class
* The AccessResult class that should result. One of AccessResultAllowed,
* AccessResultForbidden, AccessResultNeutral.
*/
public function testLatestAccessPermissions($entity_class, $entity_type, $has_forward, $result_class) {
/** @var EntityInterface $entity */
$entity = $this->prophesize($entity_class);
$entity->getCacheContexts()->willReturn([]);
$entity->getCacheTags()->willReturn([]);
$entity->getCacheMaxAge()->willReturn(0);
/** @var ModerationInformationInterface $mod_info */
$mod_info = $this->prophesize(ModerationInformation::class);
$mod_info->hasForwardRevision($entity->reveal())->willReturn($has_forward);
$route = $this->prophesize(Route::class);
$route->getOption('_workbench_moderation_entity_type')->willReturn($entity_type);
$route_match = $this->prophesize(RouteMatch::class);
$route_match->getParameter($entity_type)->willReturn($entity->reveal());
$lrc = new LatestRevisionCheck($mod_info->reveal());
/** @var AccessResult $result */
$result = $lrc->access($route->reveal(), $route_match->reveal());
$this->assertInstanceOf($result_class, $result);
}
/**
* Data provider for testLastAccessPermissions().
*
* @return array
*/
public function accessSituationProvider() {
return [
[Node::class, 'node', TRUE, AccessResultAllowed::class],
[Node::class, 'node', FALSE, AccessResultForbidden::class],
[BlockContent::class, 'block_content', TRUE, AccessResultAllowed::class],
[BlockContent::class, 'block_content', FALSE, AccessResultForbidden::class],
];
}
}
......@@ -18,10 +18,22 @@ use Drupal\workbench_moderation\ModerationInformation;
*/
class ModerationInformationTest extends \PHPUnit_Framework_TestCase {
/**
* Builds a mock user.
*
* @return AccountInterface
*/
protected function getUser() {
return $this->prophesize(AccountInterface::class)->reveal();
}
/**
* Returns a mock Entity Type Manager.
*
* @param \Drupal\Core\Entity\EntityStorageInterface $entity_bundle_storage
*
* @return EntityTypeManagerInterface
*/
protected function getEntityTypeManager(EntityStorageInterface $entity_bundle_storage) {
$entity_type_manager = $this->prophesize(EntityTypeManagerInterface::class);
$entity_type_manager->getStorage('entity_test_bundle')->willReturn($entity_bundle_storage);
......
......@@ -14,7 +14,7 @@ view any unpublished content:
view latest version:
title: View the latest version
description: View the latest version of an entity
description: View the latest version of an entity. (Also requires "View any unpublished content" permission)
permission_callbacks:
- \Drupal\workbench_moderation\Permissions::transitionPermissions
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment