diff --git a/core/includes/entity.inc b/core/includes/entity.inc index a866864..8fe3f94 100644 --- a/core/includes/entity.inc +++ b/core/includes/entity.inc @@ -8,6 +8,8 @@ use Drupal\Core\Cache\CacheBackendInterface; use Drupal\Core\Entity\EntityStorageException; use Drupal\Core\Entity\EntityInterface; +use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Entity\Entity; /** * Gets the entity definition for an entity type. @@ -326,6 +328,32 @@ function entity_access_controller($entity_type) { } /** + * Menu access callback to check access to a certain entity. + * + * If you have the $entity object available better use $entity->access() directly. + * + * @param Drupal\Core\Entity\Entity $entity + * The entire entity object, to check access for. + * @param string $operation + * (optional) The operation to be performed. Supported values are: + * - view + * - create + * - update + * - delete + * Defaults to 'view'. + * @param \Drupal\user\Plugin\Core\Entity\User $account + * (optional) The user for which to check access, or NULL to check access + * for the current user. Defaults to NULL. + * + * @return bool + * TRUE if the given user has access for the given operation, FALSE + * otherwise. + */ +function entity_access(Entity $entity, $operation = 'view', User $account = NULL) { + return $entity->access($operation, $account); +} + +/** * Returns an entity form controller for the given operation. * * Since there might be different scenarios in which an entity is edited, diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module index ab757a9..1f2ef3c 100644 --- a/core/modules/comment/comment.module +++ b/core/modules/comment/comment.module @@ -247,8 +247,8 @@ function comment_menu() { 'title' => 'Edit', 'page callback' => 'comment_edit_page', 'page arguments' => array(1), - 'access callback' => 'comment_access', - 'access arguments' => array('edit', 1), + 'access callback' => 'entity_access', + 'access arguments' => array(1, 'edit'), 'type' => MENU_LOCAL_TASK, 'weight' => 0, ); @@ -991,7 +991,7 @@ function comment_links(Comment $comment, Node $node) { } } elseif (user_access('post comments')) { - if (comment_access('edit', $comment)) { + if ($comment->access('update')) { $links['comment-edit'] = array( 'title' => t('edit'), 'href' => "comment/$comment->cid/edit", @@ -1371,30 +1371,6 @@ function comment_user_predelete($account) { } /** - * Determines whether the current user has access to a particular comment. - * - * Authenticated users can edit their comments as long they have not been - * replied to. This prevents people from changing or revising their statements - * based on the replies to their posts. - * - * @param $op - * The operation that is to be performed on the comment. Only 'edit' is - * recognized now. - * @param Drupal\comment\Comment $comment - * The comment object. - * - * @return - * TRUE if the current user has acces to the comment, FALSE otherwise. - */ -function comment_access($op, Comment $comment) { - global $user; - - if ($op == 'edit') { - return ($user->uid && $user->uid == $comment->uid && $comment->status == COMMENT_PUBLISHED && user_access('edit own comments')) || user_access('administer comments'); - } -} - -/** * Accepts a submission of new or changed comment content. * * @param Drupal\comment\Comment $comment diff --git a/core/modules/comment/lib/Drupal/comment/Plugin/Core/Entity/Comment.php b/core/modules/comment/lib/Drupal/comment/Plugin/Core/Entity/Comment.php index e0bbfd9..0f51d77 100644 --- a/core/modules/comment/lib/Drupal/comment/Plugin/Core/Entity/Comment.php +++ b/core/modules/comment/lib/Drupal/comment/Plugin/Core/Entity/Comment.php @@ -20,6 +20,7 @@ * label = @Translation("Comment"), * module = "comment", * controller_class = "Drupal\comment\CommentStorageController", + * access_controller_class = "Drupal\comment\AccessController", * render_controller_class = "Drupal\comment\CommentRenderController", * form_controller_class = { * "default" = "Drupal\comment\CommentFormController" diff --git a/core/modules/comment/lib/Drupal/comment/Plugin/views/field/LinkEdit.php b/core/modules/comment/lib/Drupal/comment/Plugin/views/field/LinkEdit.php index 4a17fe7..53c358a 100644 --- a/core/modules/comment/lib/Drupal/comment/Plugin/views/field/LinkEdit.php +++ b/core/modules/comment/lib/Drupal/comment/Plugin/views/field/LinkEdit.php @@ -44,7 +44,7 @@ function render_link($data, $values) { parent::render_link($data, $values); // ensure user has access to edit this comment. $comment = $this->get_value($values); - if (!comment_access('edit', $comment)) { + if (!$comment->access('update')) { return; }