diff --git a/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php b/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php index aca491d..8f9a7be 100644 --- a/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php +++ b/core/modules/node/lib/Drupal/node/Access/NodeRevisionAccessCheck.php @@ -130,7 +130,9 @@ public function checkAccess(NodeInterface $node, $op = 'view', AccountInterface if (!isset($this->access[$cid])) { // Perform basic permission checks first. - if (!user_access($map[$op], $account) && !user_access($type_map[$op], $account) && !user_access('administer nodes', $account)) { + if (!$account->hasPermission($map[$op]) + && !$account->hasPermission($type_map[$op]) + && !$account->hasPermission('administer nodes')) { return $this->access[$cid] = FALSE; } @@ -142,7 +144,7 @@ public function checkAccess(NodeInterface $node, $op = 'view', AccountInterface if ($node->isDefaultRevision() && ($this->connection->query('SELECT COUNT(*) FROM {node_field_revision} WHERE nid = :nid AND default_langcode = 1', array(':nid' => $node->id()))->fetchField() == 1 || $op == 'update' || $op == 'delete')) { $this->access[$cid] = FALSE; } - elseif (user_access('administer nodes', $account)) { + elseif ($account->hasPermission('administer nodes')) { $this->access[$cid] = TRUE; } else { diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 2556d76..1e0542d 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -70,12 +70,14 @@ public static function createInstance(ContainerInterface $container, $entity_typ * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - if (user_access('bypass node access', $account)) { + $account = $account ?: \Drupal::request()->attributes->get('_account'); + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } + return parent::access($entity, $operation, $langcode, $account); } @@ -85,10 +87,10 @@ public function access(EntityInterface $entity, $operation, $langcode = Language public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array()) { $account = $this->prepareUser($account); - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } @@ -109,7 +111,8 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc } // Check if authors can view their own unpublished nodes. - if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) { + if ($operation === 'view' && !$status + && $account->hasPermission('view own unpublished content')) { if ($account->id() != 0 && $account->id() == $uid) { return TRUE; @@ -135,7 +138,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$entity_bundle])) { - return user_access('create ' . $entity_bundle . ' content', $account); + return $account->hasPermission('create ' . $entity_bundle . ' content'); } } diff --git a/core/modules/node/lib/Drupal/node/NodeFormController.php b/core/modules/node/lib/Drupal/node/NodeFormController.php index c9649ef..41ed528 100644 --- a/core/modules/node/lib/Drupal/node/NodeFormController.php +++ b/core/modules/node/lib/Drupal/node/NodeFormController.php @@ -141,14 +141,15 @@ public function form(array $form, array &$form_state) { 'js' => array(drupal_get_path('module', 'node') . '/node.js'), ), '#weight' => 20, - '#access' => $node->isNewRevision() || user_access('administer nodes'), + '#access' => $node->isNewRevision() + || \Drupal::request()->attributes->get('_account')->hasPermission('administer nodes'), ); $form['revision_information']['revision']['revision'] = array( '#type' => 'checkbox', '#title' => t('Create new revision'), '#default_value' => $node->isNewRevision(), - '#access' => user_access('administer nodes'), + '#access' => \Drupal::request()->attributes->get('_account')->hasPermission('administer nodes'), ); $form['revision_information']['revision']['log'] = array( @@ -167,7 +168,7 @@ public function form(array $form, array &$form_state) { // Node author information for administrators. $form['author'] = array( '#type' => 'details', - '#access' => user_access('administer nodes'), + '#access' => \Drupal::request()->attributes->get('_account')->hasPermission('administer nodes'), '#title' => t('Authoring information'), '#collapsed' => TRUE, '#group' => 'advanced', @@ -206,7 +207,7 @@ public function form(array $form, array &$form_state) { // Node options for administrators. $form['options'] = array( '#type' => 'details', - '#access' => user_access('administer nodes'), + '#access' => \Drupal::request()->attributes->get('_account')->hasPermission('administer nodes'), '#title' => t('Promotion options'), '#collapsed' => TRUE, '#group' => 'advanced', @@ -257,7 +258,8 @@ protected function actions(array $form, array &$form_state) { // modules to integrate with "the Save operation" of this form. Modules // need a way to plug themselves into 1) the ::submit() step, and // 2) the ::save() step, both decoupled from the pressed form button. - if ($element['submit']['#access'] && user_access('administer nodes')) { + if ($element['submit']['#access'] + && \Drupal::request()->attributes->get('_account')->hasPermission('administer nodes')) { // isNew | prev status » default & publish label & unpublish label // 1 | 1 » publish & Save and publish & Save as unpublished // 1 | 0 » unpublish & Save and publish & Save as unpublished diff --git a/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php b/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php index 55238a6..b07c113 100644 --- a/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeTypeAccessController.php @@ -25,14 +25,14 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A if ($operation == 'delete' && $entity->isLocked()) { return FALSE; } - return user_access('administer content types', $account); + return $account->hasPermission('administer content types'); } /** * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer content types', $account); + return $account->hasPermission('administer content types'); } } diff --git a/core/modules/node/lib/Drupal/node/NodeTypeListController.php b/core/modules/node/lib/Drupal/node/NodeTypeListController.php index d6be67d..ce68696 100644 --- a/core/modules/node/lib/Drupal/node/NodeTypeListController.php +++ b/core/modules/node/lib/Drupal/node/NodeTypeListController.php @@ -91,7 +91,8 @@ public function buildRow(EntityInterface $entity) { public function getOperations(EntityInterface $entity) { $operations = parent::getOperations($entity); $uri = $entity->uri(); - if ($this->moduleHandler->moduleExists('field_ui') && user_access('administer node fields')) { + if ($this->moduleHandler->moduleExists('field_ui') + && \Drupal::request()->attributes->get('_account')->hasPermission('administer node fields')) { $operations['manage-fields'] = array( 'title' => t('Manage fields'), 'href' => $uri['path'] . '/fields', @@ -99,7 +100,8 @@ public function getOperations(EntityInterface $entity) { 'weight' => 0, ); } - if ($this->moduleHandler->moduleExists('field_ui') && user_access('administer node form display')) { + if ($this->moduleHandler->moduleExists('field_ui') + && \Drupal::request()->attributes->get('_account')->hasPermission('administer node form display')) { $operations['manage-form-display'] = array( 'title' => t('Manage form display'), 'href' => $uri['path'] . '/form-display', @@ -107,7 +109,8 @@ public function getOperations(EntityInterface $entity) { 'weight' => 5, ); } - if ($this->moduleHandler->moduleExists('field_ui') && user_access('administer node display')) { + if ($this->moduleHandler->moduleExists('field_ui') + && \Drupal::request()->attributes->get('_account')->hasPermission('administer node display')) { $operations['manage-display'] = array( 'title' => t('Manage display'), 'href' => $uri['path'] . '/display', diff --git a/core/modules/node/lib/Drupal/node/Plugin/Block/RecentContentBlock.php b/core/modules/node/lib/Drupal/node/Plugin/Block/RecentContentBlock.php index 8144161..4c09b07 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/Block/RecentContentBlock.php +++ b/core/modules/node/lib/Drupal/node/Plugin/Block/RecentContentBlock.php @@ -35,7 +35,11 @@ public function settings() { * Overrides \Drupal\block\BlockBase::access(). */ public function access() { - return user_access('access content'); + $account = \Drupal::request()->attributes->get('_account'); + if (!$account) { + $account = drupal_anonymous_user(); + } + return $account->hasPermission('access content'); } /** diff --git a/core/modules/node/lib/Drupal/node/Plugin/Block/SyndicateBlock.php b/core/modules/node/lib/Drupal/node/Plugin/Block/SyndicateBlock.php index 1440a48..e0c8012 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/Block/SyndicateBlock.php +++ b/core/modules/node/lib/Drupal/node/Plugin/Block/SyndicateBlock.php @@ -35,7 +35,11 @@ public function settings() { * Overrides \Drupal\block\BlockBase::access(). */ public function access() { - return user_access('access content'); + $account = \Drupal::request()->attributes->get('_account'); + if (!$account) { + $account = drupal_anonymous_user(); + } + return $account->hasPermission('access content'); } /** diff --git a/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php b/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php index 5a087a8..56cbd14 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php +++ b/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php @@ -34,7 +34,8 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') { // 'unpublished'. We need to do that as long as there are no access control // modules in use on the site. As long as one access control module is there, // it is supposed to handle this check. - if (!user_access('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) { + if (!\Drupal::request()->attributes->get('_account')->hasPermission('bypass node access') + && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) { $query->condition('status', NODE_PUBLISHED); } return $query; diff --git a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLink.php b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLink.php index 6b43b81..5c73315 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLink.php +++ b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLink.php @@ -32,7 +32,9 @@ public function init(ViewExecutable $view, DisplayPluginBase $display, array &$o } public function access() { - return user_access('view revisions') || user_access('administer nodes'); + $account = \Drupal::request()->attributes->get('_account'); + return $account->hasPermission('view revisions') + || $account->hasPermission('administer nodes'); } protected function renderLink($data, ResultRow $values) { diff --git a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkDelete.php b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkDelete.php index 306b5ba..05b1f76 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkDelete.php +++ b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkDelete.php @@ -21,7 +21,9 @@ class RevisionLinkDelete extends RevisionLink { public function access() { - return user_access('delete revisions') || user_access('administer nodes'); + $account = \Drupal::request()->attributes->get('_account'); + return $account->hasPermission('delete revisions') + || $account->hasPermission('administer nodes'); } protected function renderLink($data, ResultRow $values) { diff --git a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkRevert.php b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkRevert.php index 6318bd4..a41d082 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkRevert.php +++ b/core/modules/node/lib/Drupal/node/Plugin/views/field/RevisionLinkRevert.php @@ -21,7 +21,9 @@ class RevisionLinkRevert extends RevisionLink { public function access() { - return user_access('revert revisions') || user_access('administer nodes'); + $account = \Drupal::request()->attributes->get('_account'); + return $account->hasPermission('revert revisions') + || $account->hasPermission('administer nodes'); } protected function renderLink($data, ResultRow $values) { diff --git a/core/modules/node/lib/Drupal/node/Plugin/views/filter/Access.php b/core/modules/node/lib/Drupal/node/Plugin/views/filter/Access.php index b5bf773..711d484 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/views/filter/Access.php +++ b/core/modules/node/lib/Drupal/node/Plugin/views/filter/Access.php @@ -29,7 +29,7 @@ public function canExpose() { * See _node_access_where_sql() for a non-views query based implementation. */ public function query() { - if (!user_access('administer nodes')) { + if (!\Drupal::request()->attributes->get('_account')->hasPermission('administer nodes')) { $table = $this->ensureMyTable(); $grants = db_or(); foreach (node_access_grants('view') as $realm => $gids) { diff --git a/core/modules/node/lib/Drupal/node/Tests/NodeRevisionPermissionsTest.php b/core/modules/node/lib/Drupal/node/Tests/NodeRevisionPermissionsTest.php index 3bcf362..1283ee1 100644 --- a/core/modules/node/lib/Drupal/node/Tests/NodeRevisionPermissionsTest.php +++ b/core/modules/node/lib/Drupal/node/Tests/NodeRevisionPermissionsTest.php @@ -99,7 +99,8 @@ function testNodeRevisionAccessAnyType() { foreach ($permutations as $case) { // Skip this test if there are no revisions for the node. if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) { - if (!empty($case['account']->is_admin) || user_access($this->map[$case['op']], $case['account'])) { + if (!empty($case['account']->is_admin) + || $case['account']->hasPermission($this->map[$case['op']])) { $this->assertTrue(_node_revision_access($revision, $case['op'], $case['account']), "{$this->map[$case['op']]} granted."); } else { @@ -145,7 +146,8 @@ function testNodeRevisionAccessPerType() { foreach ($permutations as $case) { // Skip this test if there are no revisions for the node. if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) { - if (!empty($case['account']->is_admin) || user_access($this->type_map[$case['op']], $case['account'])) { + if (!empty($case['account']->is_admin) + || $case['account']->hasPermission($this->type_map[$case['op']])) { $this->assertTrue(_node_revision_access($revision, $case['op'], $case['account']), "{$this->type_map[$case['op']]} granted."); } else { diff --git a/core/modules/node/node.admin.inc b/core/modules/node/node.admin.inc index ded7789..e63680a 100644 --- a/core/modules/node/node.admin.inc +++ b/core/modules/node/node.admin.inc @@ -202,11 +202,12 @@ function node_admin_nodes() { ->extend('Drupal\Core\Database\Query\PagerSelectExtender') ->extend('Drupal\Core\Database\Query\TableSortExtender'); - if (!user_access('bypass node access')) { + if (!\Drupal::request()->attributes->get('_account')->hasPermission('bypass node access')) { // If the user is able to view their own unpublished nodes, allow them // to see these in addition to published nodes. Check that they actually // have some unpublished nodes to view before adding the condition. - if (user_access('view own unpublished content') && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => $GLOBALS['user']->id(), ':status' => 0))->fetchCol()) { + if (\Drupal::request()->attributes->get('_account')->hasPermission('view own unpublished content') + && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => $GLOBALS['user']->id(), ':status' => 0))->fetchCol()) { $query->condition(db_or() ->condition('n.status', 1) ->condition('n.nid', $own_unpublished, 'IN') diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 2166391..f13ea30 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -184,7 +184,7 @@ * @ingroup node_access */ function hook_node_grants($account, $op) { - if (user_access('access private content', $account)) { + if ($account->hasPermission('access private content')) { $grants['example'] = array(1); } $grants['example_owner'] = array($account->id()); @@ -572,18 +572,20 @@ function hook_node_access($node, $op, $account, $langcode) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$type])) { - if ($op == 'create' && user_access('create ' . $type . ' content', $account)) { + if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) { return NODE_ACCESS_ALLOW; } if ($op == 'update') { - if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->uid))) { + if ($account->hasPermission('edit any ' . $type . ' content') + || ($account->hasPermission('edit own ' . $type . ' content') && ($account->id() == $node->uid))) { return NODE_ACCESS_ALLOW; } } if ($op == 'delete') { - if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->uid))) { + if ($account->hasPermission('delete any ' . $type . ' content') + || ($account->hasPermission('delete own ' . $type . ' content') && ($account->id() == $node->uid))) { return NODE_ACCESS_ALLOW; } } diff --git a/core/modules/node/node.module b/core/modules/node/node.module index 26f11a2..12ee29a 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -86,7 +86,8 @@ function node_help($path, $arg) { // for rebuild. We don't need to issue the message on the confirm form, or // while the rebuild is being processed. if ($path != 'admin/reports/status/rebuild' && $path != 'batch' && strpos($path, '#') === FALSE - && user_access('access administration pages') && node_access_needs_rebuild()) { + && Drupal::request()->attributes->get('_account')->hasPermission('access administration pages') + && node_access_needs_rebuild()) { if ($path == 'admin/reports/status') { $message = t('The content access permissions need to be rebuilt.'); } @@ -767,6 +768,10 @@ function template_preprocess_node(&$variables) { * Implements hook_permission(). */ function node_permission() { + $account = Drupal::request()->attributes->get('_account'); + if (!$account) { + $account = drupal_anonymous_user(); + } $perms = array( 'bypass node access' => array( 'title' => t('Bypass content access control'), @@ -783,7 +788,7 @@ function node_permission() { ), 'access content overview' => array( 'title' => t('Access the Content overview page'), - 'description' => user_access('access content overview') + 'description' => $account->hasPermission('access content overview') ? t('Get an overview of all content.', array('@url' => url('admin/content'))) : t('Get an overview of all content.'), ), @@ -850,7 +855,7 @@ function node_search_info() { * Implements hook_search_access(). */ function node_search_access() { - return user_access('access content'); + return Drupal::request()->attributes->get('_account')->hasPermission('access content'); } /** @@ -1134,7 +1139,7 @@ function _node_add_access() { return TRUE; } } - if (user_access('administer content types')) { + if (Drupal::request()->attributes->get('_account')->hasPermission('administer content types')) { // There are no content types defined that the user has permission to create, // but the user does have the permission to administer the content types, so // grant them access to the page anyway. @@ -1341,11 +1346,12 @@ function node_revision_list(EntityInterface $node) { function node_get_recent($number = 10) { $query = db_select('node_field_data', 'n'); - if (!user_access('bypass node access')) { + if (!Drupal::request()->attributes->get('_account')->hasPermission('bypass node access')) { // If the user is able to view their own unpublished nodes, allow them // to see these in addition to published nodes. Check that they actually // have some unpublished nodes to view before adding the condition. - if (user_access('view own unpublished content') && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => $GLOBALS['user']->id(), ':status' => NODE_NOT_PUBLISHED))->fetchCol()) { + if (Drupal::request()->attributes->get('_account')->hasPermission('view own unpublished content') + && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => $GLOBALS['user']->id(), ':status' => NODE_NOT_PUBLISHED))->fetchCol()) { $query->condition(db_or() ->condition('n.status', NODE_PUBLISHED) ->condition('n.nid', $own_unpublished, 'IN') @@ -1415,7 +1421,7 @@ function theme_node_recent_block($variables) { '#rows' => $rows, ); $output = drupal_render($table); - if (user_access('access content overview')) { + if (Drupal::request()->attributes->get('_account')->hasPermission('access content overview')) { $more_link = array( '#theme' => 'more_link', '#url' => 'admin/content', @@ -1772,7 +1778,8 @@ function _node_index_node(EntityInterface $node) { * @see node_search_validate() */ function node_form_search_form_alter(&$form, $form_state) { - if (isset($form['module']) && $form['module']['#value'] == 'node' && user_access('use advanced search')) { + if (isset($form['module']) && $form['module']['#value'] == 'node' + && Drupal::request()->attributes->get('_account')->hasPermission('use advanced search')) { // Keyword boxes: $form['advanced'] = array( '#type' => 'details', @@ -2070,18 +2077,22 @@ function node_node_access($node, $op, $account) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$type])) { - if ($op == 'create' && user_access('create ' . $type . ' content', $account)) { + if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) { return NODE_ACCESS_ALLOW; } if ($op == 'update') { - if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('edit any ' . $type . ' content') + || ($account->hasPermission('edit own ' . $type . ' content') + && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } if ($op == 'delete') { - if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('delete any ' . $type . ' content') + || ($account->hasPermission('delete own ' . $type . ' content') + && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } @@ -2271,7 +2282,7 @@ function node_query_node_access_alter(AlterableInterface $query) { // If $account can bypass node access, or there are no node access modules, // or the operation is 'view' and the $account has a global view grant // (such as a view grant for node ID 0), we don't need to alter the query. - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return; } if (!count(Drupal::moduleHandler()->getImplementations('node_grants'))) { diff --git a/core/modules/node/node.pages.inc b/core/modules/node/node.pages.inc index e66e10c..dec5c76 100644 --- a/core/modules/node/node.pages.inc +++ b/core/modules/node/node.pages.inc @@ -202,11 +202,18 @@ function node_revision_overview($node) { $type = $node->type; $revert_permission = FALSE; - if ((user_access("revert $type revisions") || user_access('revert all revisions') || user_access('administer nodes')) && node_access('update', $node)) { + $account = Drupal::request()->attributes->get('_account'); + if (($account->hasPermission("revert $type revisions") + || $account->hasPermission('revert all revisions') + || $account->hasPermission('administer nodes')) + && node_access('update', $node)) { $revert_permission = TRUE; } $delete_permission = FALSE; - if ((user_access("delete $type revisions") || user_access('delete all revisions') || user_access('administer nodes')) && node_access('delete', $node)) { + if (($account->hasPermission("delete $type revisions") + || $account->hasPermission('delete all revisions') + || $account->hasPermission('administer nodes')) + && node_access('delete', $node)) { $delete_permission = TRUE; } foreach ($revisions as $revision) { diff --git a/core/modules/node/node.views.inc b/core/modules/node/node.views.inc index b2d00a6..3312d66 100644 --- a/core/modules/node/node.views.inc +++ b/core/modules/node/node.views.inc @@ -635,7 +635,7 @@ function node_row_node_view_preprocess_node(&$variables) { unset($variables['content']['links']); } - if (!empty($options['comments']) && user_access('access comments') && $node->comment) { + if (!empty($options['comments']) && Drupal::request()->attributes->get('_account')->hasPermission('access comments') && $node->comment) { $variables['content']['comments'] = comment_node_page_additions($node); } } diff --git a/core/modules/node/node.views_execution.inc b/core/modules/node/node.views_execution.inc index e43690b..735ee81 100644 --- a/core/modules/node/node.views_execution.inc +++ b/core/modules/node/node.views_execution.inc @@ -11,10 +11,11 @@ * Implements hook_views_query_substitutions(). */ function node_views_query_substitutions(ViewExecutable $view) { + $account = Drupal::request()->attributes->get('_account'); return array( - '***ADMINISTER_NODES***' => intval(user_access('administer nodes')), - '***VIEW_OWN_UNPUBLISHED_NODES***' => intval(user_access('view own unpublished content')), - '***BYPASS_NODE_ACCESS***' => intval(user_access('bypass node access')), + '***ADMINISTER_NODES***' => intval($account->hasPermission('administer nodes')), + '***VIEW_OWN_UNPUBLISHED_NODES***' => intval($account->hasPermission('view own unpublished content')), + '***BYPASS_NODE_ACCESS***' => intval($account->hasPermission('bypass node access')), ); } diff --git a/core/modules/node/tests/modules/node_access_test/node_access_test.module b/core/modules/node/tests/modules/node_access_test/node_access_test.module index d4bfc29..a169e6a 100644 --- a/core/modules/node/tests/modules/node_access_test/node_access_test.module +++ b/core/modules/node/tests/modules/node_access_test/node_access_test.module @@ -18,7 +18,7 @@ function node_access_test_node_grants($account, $op) { $grants = array(); // First grant a grant to the author for own content. $grants['node_access_test_author'] = array($account->id()); - if ($op == 'view' && user_access('node test view', $account)) { + if ($op == 'view' && $account->hasPermission('node test view')) { $grants['node_access_test'] = array(8888, 8889); }