diff --git a/core/includes/entity.api.php b/core/includes/entity.api.php index 8b97b74..a0f0642 100644 --- a/core/includes/entity.api.php +++ b/core/includes/entity.api.php @@ -629,7 +629,7 @@ function hook_entity_operation_alter(array &$operations, \Drupal\Core\Entity\Ent */ function hook_entity_field_access($operation, $field, \Drupal\Core\Session\AccountInterface $account) { if ($field->getName() == 'field_of_interest' && $operation == 'update') { - return user_access('update field of interest', $account); + return $account->hasPermission('update field of interest'); } } diff --git a/core/lib/Drupal.php b/core/lib/Drupal.php index 1fa80fc..abb66a5 100644 --- a/core/lib/Drupal.php +++ b/core/lib/Drupal.php @@ -391,4 +391,14 @@ public static function languageManager() { return static::$container->get('language_manager'); } + /** + * Returns the currently logged in account. + * + * @return \Drupal\Core\Session\AccountInterface + * The currently logged in account. + */ + public static function account() { + return static::request()->attributes->get('account'); + } + } diff --git a/core/modules/action/lib/Drupal/action/ActionAccessController.php b/core/modules/action/lib/Drupal/action/ActionAccessController.php index d94edd3..ad16f41 100644 --- a/core/modules/action/lib/Drupal/action/ActionAccessController.php +++ b/core/modules/action/lib/Drupal/action/ActionAccessController.php @@ -18,7 +18,7 @@ class ActionAccessController extends EntityAccessController { * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - return user_access('administer actions', $account); + return $account->hasPermission('administer actions'); } } diff --git a/core/modules/aggregator/lib/Drupal/aggregator/Access/CategoriesAccessCheck.php b/core/modules/aggregator/lib/Drupal/aggregator/Access/CategoriesAccessCheck.php index 2429572..f39d6a5 100644 --- a/core/modules/aggregator/lib/Drupal/aggregator/Access/CategoriesAccessCheck.php +++ b/core/modules/aggregator/lib/Drupal/aggregator/Access/CategoriesAccessCheck.php @@ -47,7 +47,7 @@ public function appliesTo() { public function access(Route $route, Request $request) { // @todo Replace user_access() with a correctly injected and session-using // alternative. - return user_access('access news feeds') && (bool) $this->database->queryRange('SELECT 1 FROM {aggregator_category}', 0, 1)->fetchField(); + return $request->attributes->get('account')->hasPermission('access news feeds') && (bool) $this->database->queryRange('SELECT 1 FROM {aggregator_category}', 0, 1)->fetchField(); } } diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php index 9990a2e..169a576 100644 --- a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php +++ b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php @@ -24,7 +24,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return TRUE; } elseif (in_array($operation, array('update', 'delete'))) { - return user_access('administer blocks', $account); + return $account->hasPermission('administer blocks'); } } @@ -32,7 +32,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer blocks', $account); + return $account->hasPermission('administer blocks'); } } diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockTypeAccessController.php b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockTypeAccessController.php index 95b74ac..150a688 100644 --- a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockTypeAccessController.php +++ b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockTypeAccessController.php @@ -24,7 +24,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return TRUE; } elseif (in_array($operation, array('update', 'delete'))) { - return user_access('administer blocks', $account); + return $account->hasPermission('administer blocks'); } } @@ -32,7 +32,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer blocks', $account); + return $account->hasPermission('administer blocks'); } } diff --git a/core/modules/block/lib/Drupal/block/BlockAccessController.php b/core/modules/block/lib/Drupal/block/BlockAccessController.php index 372e56d..6bea2ce 100644 --- a/core/modules/block/lib/Drupal/block/BlockAccessController.php +++ b/core/modules/block/lib/Drupal/block/BlockAccessController.php @@ -21,7 +21,7 @@ class BlockAccessController extends EntityAccessController { */ protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation != 'view') { - return user_access('administer blocks', $account); + return $account->hasPermission('administer blocks'); } // Deny access to disabled blocks. diff --git a/core/modules/book/book.module b/core/modules/book/book.module index e113661..4b8857c 100644 --- a/core/modules/book/book.module +++ b/core/modules/book/book.module @@ -126,7 +126,7 @@ function book_node_view_link(EntityInterface $node, $view_mode) { if (isset($node->book['depth'])) { if ($view_mode == 'full' && node_is_page($node)) { $child_type = config('book.settings')->get('child_type'); - if ((user_access('add content to books') || user_access('administer book outlines')) && node_access('create', $child_type) && $node->status == 1 && $node->book['depth'] < MENU_MAX_DEPTH) { + if (($child_type->hasPermission('add content to books') || user_access('administer book outlines')) && node_access('create') && $node->status == 1 && $node->book['depth'] < MENU_MAX_DEPTH) { $links['book_add_child'] = array( 'title' => t('Add child page'), 'href' => 'node/add/' . $child_type, @@ -224,7 +224,7 @@ function book_menu() { * The node whose export page is to be viewed. */ function book_export_access(EntityInterface $node) { - return user_access('access printer-friendly version') && node_access('view', $node); + return $node->hasPermission('access printer-friendly version') && node_access('view'); } /** @@ -240,7 +240,7 @@ function book_export_access(EntityInterface $node) { * @see book_menu() */ function _book_outline_access(EntityInterface $node) { - return user_access('administer book outlines') && node_access('view', $node); + return $node->hasPermission('administer book outlines') && node_access('view'); } /** diff --git a/core/modules/comment/lib/Drupal/comment/CommentAccessController.php b/core/modules/comment/lib/Drupal/comment/CommentAccessController.php index 98e03e1..7c30668 100644 --- a/core/modules/comment/lib/Drupal/comment/CommentAccessController.php +++ b/core/modules/comment/lib/Drupal/comment/CommentAccessController.php @@ -24,19 +24,19 @@ class CommentAccessController extends EntityAccessController { protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': - return user_access('access comments', $account); + return $account->hasPermission('access comments'); break; case 'update': - return ($account->id() && $account->id() == $entity->uid->value && $entity->status->value == COMMENT_PUBLISHED && user_access('edit own comments', $account)) || user_access('administer comments', $account); + return ($account->id() && $account->id() == $entity->uid->value && $entity->status->value == COMMENT_PUBLISHED && $account->hasPermission('edit own comments')) || $account->hasPermission('administer comments'); break; case 'delete': - return user_access('administer comments', $account); + return $account->hasPermission('administer comments'); break; case 'approve': - return user_access('administer comments', $account); + return $account->hasPermission('administer comments'); break; } } @@ -45,7 +45,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('post comments', $account); + return $account->hasPermission('post comments'); } } diff --git a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php index ca6ca90..45aaecf 100644 --- a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php +++ b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php @@ -23,10 +23,10 @@ class CategoryAccessController extends EntityAccessController { public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'delete' || $operation == 'update') { // Do not allow delete 'personal' category used for personal contact form. - return user_access('administer contact forms', $account) && $entity->id() !== 'personal'; + return $account->hasPermission('administer contact forms') && $entity->id() !== 'personal'; } else { - return user_access('administer contact forms', $account); + return $account->hasPermission('administer contact forms'); } } diff --git a/core/modules/content_translation/content_translation.module b/core/modules/content_translation/content_translation.module index a6988cf..e387deb 100644 --- a/core/modules/content_translation/content_translation.module +++ b/core/modules/content_translation/content_translation.module @@ -294,7 +294,7 @@ function content_translation_translate_access(EntityInterface $entity) { */ function content_translation_view_access(EntityInterface $entity, $langcode, AccountInterface $account = NULL) { $entity_type = $entity->entityType(); - return !empty($entity->translation[$langcode]['status']) || user_access('translate any entity', $account) || user_access("translate $entity_type entities", $account); + return !empty($entity->translation[$langcode]['status']) || $account->hasPermission('translate any entity') || $account->hasPermission("translate $entity_type entities"); } /** diff --git a/core/modules/entity/lib/Drupal/entity/EntityDisplayModeAccessController.php b/core/modules/entity/lib/Drupal/entity/EntityDisplayModeAccessController.php index 8c3e194..92e8f42 100644 --- a/core/modules/entity/lib/Drupal/entity/EntityDisplayModeAccessController.php +++ b/core/modules/entity/lib/Drupal/entity/EntityDisplayModeAccessController.php @@ -24,7 +24,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return TRUE; } elseif (in_array($operation, array('create', 'update', 'delete'))) { - return user_access('administer display modes', $account); + return $account->hasPermission('administer display modes'); } } diff --git a/core/modules/field/field.api.php b/core/modules/field/field.api.php index 312ebb5..9deadaf 100644 --- a/core/modules/field/field.api.php +++ b/core/modules/field/field.api.php @@ -1382,7 +1382,7 @@ function hook_field_storage_purge(\Drupal\Core\Entity\EntityInterface $entity, $ */ function hook_field_access($op, \Drupal\field\FieldInterface $field, $entity_type, $entity, $account) { if ($field['field_name'] == 'field_of_interest' && $op == 'edit') { - return user_access('edit field of interest', $account); + return $account->hasPermission('edit field of interest'); } return TRUE; } diff --git a/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php b/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php index 1242b94..9ba77f0 100644 --- a/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php +++ b/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php @@ -26,7 +26,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return TRUE; } - if (user_access('administer filters', $account)) { + if ($account->hasPermission('administer filters')) { return TRUE; } @@ -40,7 +40,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer filters', $account); + return $account->hasPermission('administer filters'); } } diff --git a/core/modules/menu/lib/Drupal/menu/MenuAccessController.php b/core/modules/menu/lib/Drupal/menu/MenuAccessController.php index b7128c0..48ef135 100644 --- a/core/modules/menu/lib/Drupal/menu/MenuAccessController.php +++ b/core/modules/menu/lib/Drupal/menu/MenuAccessController.php @@ -32,7 +32,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } if (in_array($operation, array('update', 'delete'))) { - return user_access('administer menu', $account); + return $account->hasPermission('administer menu'); } } @@ -40,7 +40,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer menu', $account); + return $account->hasPermission('administer menu'); } } diff --git a/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php b/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php index aca491d..430c8cb 100644 --- a/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php +++ b/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php @@ -130,7 +130,7 @@ public function checkAccess(NodeInterface $node, $op = 'view', AccountInterface if (!isset($this->access[$cid])) { // Perform basic permission checks first. - if (!user_access($map[$op], $account) && !user_access($type_map[$op], $account) && !user_access('administer nodes', $account)) { + if (!user_access($map[$op], $account) && !user_access($type_map[$op], $account) && !$account->hasPermission('administer nodes')) { return $this->access[$cid] = FALSE; } @@ -142,7 +142,7 @@ public function checkAccess(NodeInterface $node, $op = 'view', AccountInterface if ($node->isDefaultRevision() && ($this->connection->query('SELECT COUNT(*) FROM {node_field_revision} WHERE nid = :nid AND default_langcode = 1', array(':nid' => $node->id()))->fetchField() == 1 || $op == 'update' || $op == 'delete')) { $this->access[$cid] = FALSE; } - elseif (user_access('administer nodes', $account)) { + elseif ($account->hasPermission('administer nodes')) { $this->access[$cid] = TRUE; } else { diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 2556d76..afa9f3b 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -70,10 +70,10 @@ public static function createInstance(ContainerInterface $container, $entity_typ * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } return parent::access($entity, $operation, $langcode, $account); @@ -85,10 +85,10 @@ public function access(EntityInterface $entity, $operation, $langcode = Language public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array()) { $account = $this->prepareUser($account); - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } @@ -109,7 +109,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc } // Check if authors can view their own unpublished nodes. - if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) { + if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content')) { if ($account->id() != 0 && $account->id() == $uid) { return TRUE; @@ -135,7 +135,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$entity_bundle])) { - return user_access('create ' . $entity_bundle . ' content', $account); + return $account->hasPermission('create ' . $entity_bundle . ' content'); } } diff --git a/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php b/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php index 55238a6..b07c113 100644 --- a/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php @@ -25,14 +25,14 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A if ($operation == 'delete' && $entity->isLocked()) { return FALSE; } - return user_access('administer content types', $account); + return $account->hasPermission('administer content types'); } /** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer content types', $account); + return $account->hasPermission('administer content types'); } } diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 5e57dda..b09dbde 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -184,7 +184,7 @@ * @ingroup node_access */ function hook_node_grants($account, $op) { - if (user_access('access private content', $account)) { + if ($account->hasPermission('access private content')) { $grants['example'] = array(1); } $grants['example_owner'] = array($account->id()); @@ -572,18 +572,18 @@ function hook_node_access($node, $op, $account, $langcode) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$type])) { - if ($op == 'create' && user_access('create ' . $type . ' content', $account)) { + if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) { return NODE_ACCESS_ALLOW; } if ($op == 'update') { - if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->uid))) { + if ($account->hasPermission('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content') && ($account->id() == $node->uid))) { return NODE_ACCESS_ALLOW; } } if ($op == 'delete') { - if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->uid))) { + if ($account->hasPermission('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content') && ($account->id() == $node->uid))) { return NODE_ACCESS_ALLOW; } } diff --git a/core/modules/node/node.module b/core/modules/node/node.module index d0a928b..e0414e4 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -2070,18 +2070,18 @@ function node_node_access($node, $op, $account) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$type])) { - if ($op == 'create' && user_access('create ' . $type . ' content', $account)) { + if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) { return NODE_ACCESS_ALLOW; } if ($op == 'update') { - if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content') && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } if ($op == 'delete') { - if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content') && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } @@ -2271,7 +2271,7 @@ function node_query_node_access_alter(AlterableInterface $query) { // If $account can bypass node access, or there are no node access modules, // or the operation is 'view' and the $account has a global view grant // (such as a view grant for node ID 0), we don't need to alter the query. - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return; } if (!count(module_implements('node_grants'))) { diff --git a/core/modules/node/node.pages.inc b/core/modules/node/node.pages.inc index de16e50..52e6e8c 100644 --- a/core/modules/node/node.pages.inc +++ b/core/modules/node/node.pages.inc @@ -202,11 +202,11 @@ function node_revision_overview($node) { $type = $node->type; $revert_permission = FALSE; - if ((user_access("revert $type revisions") || user_access('revert all revisions') || user_access('administer nodes')) && node_access('update', $node)) { + if ((user_access("revert $type revisions") || $node->hasPermission('revert all revisions') || user_access('administer nodes')) && node_access('update')) { $revert_permission = TRUE; } $delete_permission = FALSE; - if ((user_access("delete $type revisions") || user_access('delete all revisions') || user_access('administer nodes')) && node_access('delete', $node)) { + if ((user_access("delete $type revisions") || $node->hasPermission('delete all revisions') || user_access('administer nodes')) && node_access('delete')) { $delete_permission = TRUE; } foreach ($revisions as $revision) { diff --git a/core/modules/node/tests/modules/node_access_test/node_access_test.module b/core/modules/node/tests/modules/node_access_test/node_access_test.module index d4bfc29..a169e6a 100644 --- a/core/modules/node/tests/modules/node_access_test/node_access_test.module +++ b/core/modules/node/tests/modules/node_access_test/node_access_test.module @@ -18,7 +18,7 @@ function node_access_test_node_grants($account, $op) { $grants = array(); // First grant a grant to the author for own content. $grants['node_access_test_author'] = array($account->id()); - if ($op == 'view' && user_access('node test view', $account)) { + if ($op == 'view' && $account->hasPermission('node test view')) { $grants['node_access_test'] = array(8888, 8889); } diff --git a/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php b/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php index 3c74bab..0e87644 100644 --- a/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php +++ b/core/modules/overlay/lib/Drupal/overlay/Access/DismissMessageAccessCheck.php @@ -28,7 +28,7 @@ public function applies(Route $route) { */ public function access(Route $route, Request $request) { $account = $request->attributes->get('account'); - if (!user_access('access overlay', $account)) { + if (!$account->hasPermission('access overlay')) { return static::DENY; } // It's unlikely, but possible that "access overlay" permission is granted diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module index 05c6fb8..5aa4730 100644 --- a/core/modules/overlay/overlay.module +++ b/core/modules/overlay/overlay.module @@ -96,7 +96,7 @@ function overlay_field_extra_fields() { */ function overlay_form_user_form_alter(&$form, &$form_state) { $account = $form_state['controller']->getEntity(); - if (user_access('access overlay', $account)) { + if ($account->hasPermission('access overlay')) { $account_data = Drupal::service('user.data')->get('overlay', $account->id(), 'enabled'); $form['overlay_control'] = array( '#type' => 'details', diff --git a/core/modules/picture/lib/Drupal/picture/PictureMappingAccessController.php b/core/modules/picture/lib/Drupal/picture/PictureMappingAccessController.php index 2696100..281bcee 100644 --- a/core/modules/picture/lib/Drupal/picture/PictureMappingAccessController.php +++ b/core/modules/picture/lib/Drupal/picture/PictureMappingAccessController.php @@ -24,7 +24,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return TRUE; } elseif (in_array($operation, array('update', 'delete'))) { - return user_access('administer pictures', $account); + return $account->hasPermission('administer pictures'); } } @@ -32,7 +32,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer pictures', $account); + return $account->hasPermission('administer pictures'); } } diff --git a/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php b/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php index 572423e..650715d 100644 --- a/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php +++ b/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php @@ -23,16 +23,16 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A switch ($operation) { case 'create': case 'update': - if (user_access('administer shortcuts', $account)) { + if ($account->hasPermission('administer shortcuts')) { return TRUE; } - if (user_access('customize shortcut links', $account)) { + if ($account->hasPermission('customize shortcut links')) { return !isset($entity) || $entity == shortcut_current_displayed_set($account); } return FALSE; break; case 'delete': - if (!user_access('administer shortcuts', $account)) { + if (!$account->hasPermission('administer shortcuts')) { return FALSE; } return $entity->id() != 'default'; diff --git a/core/modules/system/lib/Drupal/system/DateFormatAccessController.php b/core/modules/system/lib/Drupal/system/DateFormatAccessController.php index 9608271..5fe5cb8 100644 --- a/core/modules/system/lib/Drupal/system/DateFormatAccessController.php +++ b/core/modules/system/lib/Drupal/system/DateFormatAccessController.php @@ -28,7 +28,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A if (in_array($operation, array('update', 'delete')) && $entity->isLocked()) { return FALSE; } - return user_access('administer site configuration', $account); + return $account->hasPermission('administer site configuration'); } } diff --git a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php index 034caa3..b98c67f 100644 --- a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php @@ -23,12 +23,12 @@ class EntityTestAccessController extends EntityAccessController { protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { if ($langcode != Language::LANGCODE_DEFAULT) { - return user_access('view test entity translations', $account); + return $account->hasPermission('view test entity translations'); } - return user_access('view test entity', $account); + return $account->hasPermission('view test entity'); } elseif (in_array($operation, array('update', 'delete'))) { - return user_access('administer entity_test content', $account); + return $account->hasPermission('administer entity_test content'); } } @@ -36,7 +36,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer entity_test content', $account); + return $account->hasPermission('administer entity_test content'); } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php index d945ef5..bb0e807 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php @@ -24,15 +24,15 @@ class TermAccessController extends EntityAccessController { protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': - return user_access('access content', $account); + return $account->hasPermission('access content'); break; case 'update': - return user_access("edit terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + return $account->hasPermission("edit terms in {$entity->bundle()}") || $account->hasPermission('administer taxonomy'); break; case 'delete': - return user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + return $account->hasPermission("delete terms in {$entity->bundle()}") || $account->hasPermission('administer taxonomy'); break; } } @@ -41,7 +41,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer taxonomy', $account); + return $account->hasPermission('administer taxonomy'); } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php index ac5ebe9..5247bde 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php @@ -22,14 +22,14 @@ class VocabularyAccessController extends EntityAccessController { * {@inheritdoc} */ protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { - return user_access('administer taxonomy', $account); + return $account->hasPermission('administer taxonomy'); } /** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer taxonomy', $account); + return $account->hasPermission('administer taxonomy'); } } diff --git a/core/modules/translation/translation.module b/core/modules/translation/translation.module index 17d148e..9c62ae7 100644 --- a/core/modules/translation/translation.module +++ b/core/modules/translation/translation.module @@ -154,7 +154,7 @@ function translation_user_can_translate_node($node, $account = NULL) { if (empty($account)) { $account = $GLOBALS['user']; } - return node_access('view', $node, $account) && (user_access('translate all content', $account) || ($node->uid == $account->id() && user_access('translate own content', $account))); + return node_access('view', $node, $account) && ($account->hasPermission('translate all content') || ($node->uid == $account->id() && $account->hasPermission('translate own content'))); } /** diff --git a/core/modules/user/lib/Drupal/user/AccountFormController.php b/core/modules/user/lib/Drupal/user/AccountFormController.php index 950c341..77f520b 100644 --- a/core/modules/user/lib/Drupal/user/AccountFormController.php +++ b/core/modules/user/lib/Drupal/user/AccountFormController.php @@ -204,7 +204,7 @@ public function form(array $form, array &$form_state) { '#title' => t('Administration pages language'), '#languages' => Language::STATE_CONFIGURABLE, '#default_value' => $user_preferred_admin_langcode, - '#access' => user_access('access administration pages', $account), + '#access' => $account->hasPermission('access administration pages'), ); // User entities contain both a langcode property (for identifying the diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php index 0f4a387..2936446 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php @@ -35,7 +35,7 @@ class Permission extends AccessPluginBase { * {@inheritdoc} */ public function access(AccountInterface $account) { - return user_access($this->options['perm'], $account) || user_access('access all views', $account); + return user_access($this->options['perm'], $account) || $account->hasPermission('access all views'); } /** diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php index 8b10a21..9556e69 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php @@ -35,7 +35,7 @@ class Role extends AccessPluginBase { * {@inheritdoc} */ public function access(AccountInterface $account) { - return user_access('access all views', $account) || array_intersect(array_filter($this->options['role']), $account->roles); + return $account->hasPermission('access all views') || array_intersect(array_filter($this->options['role']), $account->roles); } /** diff --git a/core/modules/user/lib/Drupal/user/RoleAccessController.php b/core/modules/user/lib/Drupal/user/RoleAccessController.php index e98c540..3b7382f 100644 --- a/core/modules/user/lib/Drupal/user/RoleAccessController.php +++ b/core/modules/user/lib/Drupal/user/RoleAccessController.php @@ -27,7 +27,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } default: - return user_access('administer permissions', $account); + return $account->hasPermission('administer permissions'); } } @@ -35,7 +35,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer permissions', $account); + return $account->hasPermission('administer permissions'); } } diff --git a/core/modules/user/lib/Drupal/user/Tests/UserPermissionsTest.php b/core/modules/user/lib/Drupal/user/Tests/UserPermissionsTest.php index 3c8cd54..dccb50e 100644 --- a/core/modules/user/lib/Drupal/user/Tests/UserPermissionsTest.php +++ b/core/modules/user/lib/Drupal/user/Tests/UserPermissionsTest.php @@ -42,23 +42,23 @@ function testUserPermissionChanges() { $account = $this->admin_user; // Add a permission. - $this->assertFalse(user_access('administer nodes', $account), 'User does not have "administer nodes" permission.'); + $this->assertFalse($account->hasPermission('administer nodes'), 'User does not have "administer nodes" permission.'); $edit = array(); $edit[$rid . '[administer nodes]'] = TRUE; $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), 'Successful save message displayed.'); $storage_controller = $this->container->get('plugin.manager.entity')->getStorageController('user_role'); $storage_controller->resetCache(); - $this->assertTrue(user_access('administer nodes', $account), 'User now has "administer nodes" permission.'); + $this->assertTrue($account->hasPermission('administer nodes'), 'User now has "administer nodes" permission.'); // Remove a permission. - $this->assertTrue(user_access('access user profiles', $account), 'User has "access user profiles" permission.'); + $this->assertTrue($account->hasPermission('access user profiles'), 'User has "access user profiles" permission.'); $edit = array(); $edit[$rid . '[access user profiles]'] = FALSE; $this->drupalPost('admin/people/permissions', $edit, t('Save permissions')); $this->assertText(t('The changes have been saved.'), 'Successful save message displayed.'); $storage_controller->resetCache(); - $this->assertFalse(user_access('access user profiles', $account), 'User no longer has "access user profiles" permission.'); + $this->assertFalse($account->hasPermission('access user profiles'), 'User no longer has "access user profiles" permission.'); } /** @@ -91,9 +91,9 @@ function testUserRoleChangePermissions() { $account = $this->admin_user; // Verify current permissions. - $this->assertFalse(user_access('administer nodes', $account), 'User does not have "administer nodes" permission.'); - $this->assertTrue(user_access('access user profiles', $account), 'User has "access user profiles" permission.'); - $this->assertTrue(user_access('administer site configuration', $account), 'User has "administer site configuration" permission.'); + $this->assertFalse($account->hasPermission('administer nodes'), 'User does not have "administer nodes" permission.'); + $this->assertTrue($account->hasPermission('access user profiles'), 'User has "access user profiles" permission.'); + $this->assertTrue($account->hasPermission('administer site configuration'), 'User has "administer site configuration" permission.'); // Change permissions. $permissions = array( @@ -103,8 +103,8 @@ function testUserRoleChangePermissions() { user_role_change_permissions($rid, $permissions); // Verify proper permission changes. - $this->assertTrue(user_access('administer nodes', $account), 'User now has "administer nodes" permission.'); - $this->assertFalse(user_access('access user profiles', $account), 'User no longer has "access user profiles" permission.'); - $this->assertTrue(user_access('administer site configuration', $account), 'User still has "administer site configuration" permission.'); + $this->assertTrue($account->hasPermission('administer nodes'), 'User now has "administer nodes" permission.'); + $this->assertFalse($account->hasPermission('access user profiles'), 'User no longer has "access user profiles" permission.'); + $this->assertTrue($account->hasPermission('administer site configuration'), 'User still has "administer site configuration" permission.'); } } diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index e6f6ed6..ffff2a9 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -28,14 +28,14 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A case 'update': // Users can always edit their own account. Users with the 'administer // users' permission can edit any account except the anonymous account. - return (($account->id() == $entity->id()) || user_access('administer users', $account)) && $entity->id() > 0; + return (($account->id() == $entity->id()) || $account->hasPermission('administer users')) && $entity->id() > 0; break; case 'delete': // Users with 'cancel account' permission can cancel their own account, // users with 'administer users' permission can cancel any account // except the anonymous account. - return ((($account->id() == $entity->id()) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->id() > 0; + return ((($account->id() == $entity->id()) && $account->hasPermission('cancel account')) || $account->hasPermission('administer users')) && $entity->id() > 0; break; } } @@ -44,7 +44,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer users', $account); + return $account->hasPermission('administer users'); } /** @@ -56,10 +56,10 @@ protected function viewAccess(EntityInterface $entity, $langcode, AccountInterfa // Never allow access to view the anonymous user account. if ($entity->id()) { // Admins can view all, users can view own profiles at all times. - if ($account->id() == $entity->id() || user_access('administer users', $account)) { + if ($account->id() == $entity->id() || $account->hasPermission('administer users')) { return TRUE; } - elseif (user_access('access user profiles', $account)) { + elseif ($account->hasPermission('access user profiles')) { // Only allow view access if the account is active. return $entity->status->value; } diff --git a/core/modules/user/user.module b/core/modules/user/user.module index 924b221..be702f0 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -454,7 +454,7 @@ function user_access($string, AccountInterface $account = NULL) { if (!isset($account)) { // In the installer request session is not set, so we have to fall back // to the global $user. In all other cases the session key is preferred. - $account = Drupal::request()->attributes->get('account') ?: $user; + $account = Drupal::account() ?: $user; } return $account->hasPermission($string); diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/display/DisplayPluginBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/display/DisplayPluginBase.php index b0cbb7b..675177d 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/display/DisplayPluginBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/display/DisplayPluginBase.php @@ -2519,7 +2519,7 @@ public function access($account = NULL) { } // Full override. - if (user_access('access all views', $account)) { + if ($account->hasPermission('access all views')) { return TRUE; } diff --git a/core/modules/views/lib/Drupal/views/ViewAccessController.php b/core/modules/views/lib/Drupal/views/ViewAccessController.php index 80ad8a9..5c569f2 100644 --- a/core/modules/views/lib/Drupal/views/ViewAccessController.php +++ b/core/modules/views/lib/Drupal/views/ViewAccessController.php @@ -21,14 +21,14 @@ class ViewAccessController extends EntityAccessController { * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - return $operation == 'view' || user_access('administer views', $account); + return $operation == 'view' || $account->hasPermission('administer views'); } /** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer views', $account); + return $account->hasPermission('administer views'); } }