diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 785c81c..b1e4843 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php +++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -257,10 +257,9 @@ public function getIterator() { * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { - $method = $operation . 'Access'; return drupal_container()->get('plugin.manager.entity') ->getAccessController($this->entityType) - ->$method($this, LANGUAGE_DEFAULT, $account); + ->access($this, $operation, LANGUAGE_DEFAULT, $account); } /** @@ -312,7 +311,7 @@ public function getTranslationLanguages($include_default = TRUE) { foreach (field_info_instances($this->entityType, $this->bundle()) as $field_name => $instance) { $field = field_info_field($field_name); if (field_is_translatable($this->entityType, $field) && isset($this->$field_name)) { - foreach (array_filter($this->$field_name) as $langcode => $value) { + foreach (array_filter($this->$field_name) as $langcode => $value) { $languages[$langcode] = TRUE; } } diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index 423281f..57b8d62 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -22,51 +22,15 @@ class EntityAccessController implements EntityAccessControllerInterface { protected $accessCache = array(); /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::access(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'view', $langcode, $account)) !== NULL) { + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if (($access = $this->getCache($entity, $operation, $langcode, $account)) !== NULL) { return $access; } - $access = (bool) $this->access($entity, 'view', $langcode, $account); - return $this->setCache($access, $entity, 'view', $langcode, $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'create', $langcode, $account)) !== NULL) { - return $access; - } - - $access = (bool) $this->access($entity, 'create', $langcode, $account); - return $this->setCache($access, $entity, 'create', $langcode, $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'update', $langcode, $account)) !== NULL) { - return $access; - } - - $access = (bool) $this->access($entity, 'update', $langcode, $account); - return $this->setCache($access, $entity, 'update', $langcode, $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($access = $this->getCache($entity, 'delete', $langcode, $account)) !== NULL) { - return $access; - } - - $access = (bool) $this->access($entity, 'delete', $langcode, $account); - return $this->setCache($access, $entity, 'delete', $langcode, $account); + $access = (bool) $this->computeAccess($entity, $operation , $langcode, $account); + return $this->setCache($access, $entity, $operation, $langcode, $account); } /** @@ -88,7 +52,7 @@ public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function computeAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { // @todo Remove this once we can rely on $account. if (!$account) { $account = user_load($GLOBALS['user']->uid); diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php index 66730f6..c998571 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php @@ -16,10 +16,13 @@ interface EntityAccessControllerInterface { /** - * Checks 'view' access for a given entity or entity translation. + * Check access to an operation on a given entity or entity translation. * * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'view' access. + * The entity for which to check access. + * @param string $operation + * The operation acces should be checked for. + * Usually one of "view", "create", "update" or "delete". * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. @@ -30,61 +33,11 @@ * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'create' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'create' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'update' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity to check 'update' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); - - /** - * Checks 'delete' access for a given entity or entity translation. - * - * @param \Drupal\Core\Entity\EntityInterface $entity - * The entity for which to check 'delete' access. - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. - * - * @return bool - * TRUE if access was granted, FALSE otherwise. - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL); /** * Clears all cached access checks. */ public function resetCache(); + } diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php index 014d54f..30e64a8 100644 --- a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php +++ b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php @@ -17,31 +17,20 @@ class CustomBlockAccessController extends EntityAccessController { /** - * Implements EntityAccessControllerInterface::viewAccess(). + * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::access(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return TRUE; - } - - /** - * Implements EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); - } - - /** - * Implements EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); - } - - /** - * Implements EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer blocks', $account); + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + $flag = TRUE; + } + elseif (in_array($operation, array('create', 'update', 'delete'))) { + $flag = user_access('administer blocks', $account); + } + else { + $flag = FALSE; + } + + return $flag; } } diff --git a/core/modules/block/lib/Drupal/block/BlockAccessController.php b/core/modules/block/lib/Drupal/block/BlockAccessController.php index 8e8a563..50733ee 100644 --- a/core/modules/block/lib/Drupal/block/BlockAccessController.php +++ b/core/modules/block/lib/Drupal/block/BlockAccessController.php @@ -17,10 +17,15 @@ class BlockAccessController extends EntityAccessController { /** - * Overrides \Drupal\Core\Entity\EntityAccessController::viewAccess(). + * Overrides \Drupal\Core\Entity\EntityAccessController::computeAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return $entity->getPlugin()->access(); + public function computeAccess(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + return $entity->getPlugin()->access(); + } + else { + return parent::computeAccess($entity, $operation, $langcode, $account); + } } } diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 815c2ab..33f68c7 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -18,27 +18,9 @@ class NodeAccessController extends EntityAccessController { /** - * Overrides \Drupal\Core\Entity\EntityAccessController::viewAccess(). - */ - public function viewAccess(EntityInterface $node, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (($cached = $this->getCache($node, 'view', $langcode, $account)) !== NULL ) { - return $cached; - } - - if (($access = $this->access($node, 'view', $langcode, $account)) !== NULL) { - return $this->setCache((bool) $access, $node, 'view', $langcode, $account); - }; - - // If no modules implement hook_node_grants(), the default behavior is to - // allow all users to view published nodes, so reflect that here. - $status = $node instanceof EntityNG ? $node->getTranslation($langcode, FALSE)->status->value : $node->status; - return $this->setCache($status, $node, 'view', $langcode, $account); - } - - /** * Overrides \Drupal\Core\Entity\EntityAccessController::access(). */ - protected function access(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function computeAccess(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { if (user_access('bypass node access', $account)) { return TRUE; } @@ -82,7 +64,7 @@ protected function access(EntityInterface $node, $operation, $langcode = LANGUAG /** * Determines access to nodes based on node grants. * - * @param \Drupal\Core\Entity\EntityInterface $entity + * @param \Drupal\Core\Entity\EntityInterface $node * The entity for which to check 'create' access. * @param string $operation * The entity operation. Usually one of 'view', 'edit', 'create' or diff --git a/core/modules/node/node.module b/core/modules/node/node.module index 4c7392b..2c628d5 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -2530,8 +2530,7 @@ function node_access($op, $node, $account = NULL, $langcode = NULL) { $account = user_load($account->uid); } - $method = $op . 'Access'; - return entity_access_controller('node')->$method($node, $langcode, $account); + return entity_access_controller('node')->access($node, $op, $langcode, $account); } /** diff --git a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php index b9e9361..9c45f46 100644 --- a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php @@ -17,34 +17,23 @@ class EntityTestAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Implements EntityAccessControllerInterface::access(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if ($langcode != LANGUAGE_DEFAULT) { - return user_access('view test entity translations', $account); + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if ($operation === 'view') { + if ($langcode != LANGUAGE_DEFAULT) { + $flag = user_access('view test entity translations', $account); + } + $flag = user_access('view test entity', $account); + } + elseif (in_array($operation, array('create', 'update', 'delete'))) { + $flag = user_access('administer entity_test content', $account); + } + else { + $flag = FALSE; } - return user_access('view test entity', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); - } - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer entity_test content', $account); + return $flag; } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php index c45aa02..464112c 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php @@ -19,31 +19,32 @@ class TermAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::access(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('access content', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access("update terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + switch ($operation) { + case 'view': + $flag = user_access('access content', $account); + break; + + case 'create': + $flag = user_access('administer taxonomy', $account); + break; + + case 'update': + $flag = user_access("update terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + break; + + case 'delete': + $flag = user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); + break; + + default: + $flag = FALSE; + break; + } + + return $flag; } } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php index b1ec119..37855d4 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php @@ -19,30 +19,9 @@ class VocabularyAccessController extends EntityAccessController { /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). + * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::access(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer taxonomy', $account); - } - - /** - * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { return user_access('administer taxonomy', $account); } diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index 13b8c6b..4b9af32 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -17,7 +17,46 @@ class UserAccessController extends EntityAccessController { /** - * Implements EntityAccessControllerInterface::viewAccess(). + * Implements EntityAccessControllerInterface::access(). + */ + public function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + if (!$account) { + $account = $GLOBALS['user']; + } + + switch ($operation) { + case 'view': + $flag = $this->viewAccess($entity, $langcode, $account); + break; + + case 'create': + $flag = user_access('administer users', $account); + break; + + case 'update': + // Users can always edit their own account. Users with the 'administer + // users' permission can edit any account except the anonymous account. + $flag = (($account->uid == $entity->uid) || user_access('administer users', $account)) && $entity->uid > 0; + break; + + case 'delete': + // Users with 'cancel account' permission can cancel their own account, + // users with 'administer users' permission can cancel any account + // except the anonymous account. + $flag = ((($account->uid == $entity->uid) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->uid > 0; + break; + + default: + $flag = FALSE; + break; + } + + return $flag; + } + + /** + * Check view access. + * See EntityAccessControllerInterface::view() for parameters. */ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { $uid = $entity->uid; @@ -39,36 +78,4 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT return FALSE; } - /** - * Implements EntityAccessControllerInterface::createAccess(). - */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - return user_access('administer users', $account); - } - - /** - * Implements EntityAccessControllerInterface::updateAccess(). - */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (!$account) { - $account = $GLOBALS['user']; - } - // Users can always edit their own account. Users with the 'administer - // users' permission can edit any account except the anonymous account. - return (($account->uid == $entity->uid) || user_access('administer users', $account)) && $entity->uid > 0; - } - - /** - * Implements EntityAccessControllerInterface::deleteAccess(). - */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { - if (!$account) { - $account = $GLOBALS['user']; - } - // Users with 'cancel account' permission can cancel their own account, - // users with 'administer users' permission can cancel any account except - // the anonymous account. - return ((($account->uid == $entity->uid) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->uid > 0; - } - }