diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index a811110..128c28f 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -33,6 +33,13 @@ class EntityAccessController implements EntityAccessControllerInterface { protected $entityType; /** + * The entity info array. + * + * @var array + */ + protected $entityInfo; + + /** * The module handler service. * * @var \Drupal\Core\Extension\ModuleHandlerInterface @@ -44,9 +51,12 @@ class EntityAccessController implements EntityAccessControllerInterface { * * @param string $entity_type * The entity type of the access controller instance. + * @param array $entity_info + * An array of entity info for the entity type. */ - public function __construct($entity_type) { + public function __construct($entity_type, array $entity_info) { $this->entityType = $entity_type; + $this->entityInfo = $entity_info; } /** @@ -127,7 +137,12 @@ protected function processAccessHookResults(array $access) { * could not be determined. */ protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { - return NULL; + if (!empty($this->entityInfo['admin_permission'])) { + return $account->hasPermission($this->entityInfo['admin_permission']); + } + else { + return NULL; + } } /** @@ -243,7 +258,12 @@ public function createAccess($entity_bundle = NULL, AccountInterface $account = * could not be determined. */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return NULL; + if (!empty($this->entityInfo['admin_permission'])) { + return $account->hasPermission($this->entityInfo['admin_permission']); + } + else { + return NULL; + } } /** diff --git a/core/lib/Drupal/Core/Entity/EntityManager.php b/core/lib/Drupal/Core/Entity/EntityManager.php index e9808d2..90bf5d1 100644 --- a/core/lib/Drupal/Core/Entity/EntityManager.php +++ b/core/lib/Drupal/Core/Entity/EntityManager.php @@ -354,7 +354,7 @@ protected function getController($entity_type, $controller_type) { $this->controllers[$controller_type][$entity_type] = $class::createInstance($this->container, $entity_type, $this->getDefinition($entity_type)); } else { - $this->controllers[$controller_type][$entity_type] = new $class($entity_type); + $this->controllers[$controller_type][$entity_type] = new $class($entity_type, $this->getDefinition($entity_type)); } } return $this->controllers[$controller_type][$entity_type]; diff --git a/core/modules/action/lib/Drupal/action/ActionAccessController.php b/core/modules/action/lib/Drupal/action/ActionAccessController.php deleted file mode 100644 index d94edd3..0000000 --- a/core/modules/action/lib/Drupal/action/ActionAccessController.php +++ /dev/null @@ -1,24 +0,0 @@ -aliasManager = $alias_manager; } @@ -46,6 +48,7 @@ public function __construct($entity_type, AliasManagerInterface $alias_manager) public static function createInstance(ContainerInterface $container, $entity_type, array $entity_info) { return new static( $entity_type, + $entity_info, $container->get('path.alias_manager') ); } diff --git a/core/modules/language/lib/Drupal/language/Entity/Language.php b/core/modules/language/lib/Drupal/language/Entity/Language.php index 53e721f..c1c1006 100644 --- a/core/modules/language/lib/Drupal/language/Entity/Language.php +++ b/core/modules/language/lib/Drupal/language/Entity/Language.php @@ -31,6 +31,7 @@ * "delete" = "Drupal\language\Form\LanguageDeleteForm" * } * }, + * admin_permission = "administer languages", * config_prefix = "language.entity", * entity_keys = { * "id" = "id", diff --git a/core/modules/language/lib/Drupal/language/LanguageAccessController.php b/core/modules/language/lib/Drupal/language/LanguageAccessController.php index 1609dd0..597a4c0 100644 --- a/core/modules/language/lib/Drupal/language/LanguageAccessController.php +++ b/core/modules/language/lib/Drupal/language/LanguageAccessController.php @@ -21,17 +21,10 @@ public function access(EntityInterface $entity, $operation, $langcode = Language switch ($operation) { case 'update': case 'delete': - return !$entity->locked && user_access('administer languages'); + return !$entity->locked && parent::checkAccess($entity, $operation, $langcode, $account); break; } return FALSE; } - /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return $account->hasPermission('administer languages'); - } - } diff --git a/core/modules/menu_link/lib/Drupal/menu_link/Entity/MenuLink.php b/core/modules/menu_link/lib/Drupal/menu_link/Entity/MenuLink.php index a238ad6..616755f 100644 --- a/core/modules/menu_link/lib/Drupal/menu_link/Entity/MenuLink.php +++ b/core/modules/menu_link/lib/Drupal/menu_link/Entity/MenuLink.php @@ -33,6 +33,7 @@ * "default" = "Drupal\menu_link\MenuLinkFormController" * } * }, + * admin_permission = "administer menu", * static_cache = FALSE, * base_table = "menu_links", * uri_callback = "menu_link_uri", diff --git a/core/modules/menu_link/lib/Drupal/menu_link/MenuLinkAccessController.php b/core/modules/menu_link/lib/Drupal/menu_link/MenuLinkAccessController.php index a1c2c69..85cc796 100644 --- a/core/modules/menu_link/lib/Drupal/menu_link/MenuLinkAccessController.php +++ b/core/modules/menu_link/lib/Drupal/menu_link/MenuLinkAccessController.php @@ -38,11 +38,4 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return $access; } - /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return $account->hasPermission('administer menu'); - } - } diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 0f06917..944b411 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -35,11 +35,13 @@ class NodeAccessController extends EntityAccessController implements NodeAccessC * * @param string $entity_type * The entity type of the access controller instance. + * @param array $entity_info + * An array of entity info for the entity type. * @param \Drupal\node\NodeGrantDatabaseStorageInterface $grant_storage * The node grant storage. */ - public function __construct($entity_type, NodeGrantDatabaseStorageInterface $grant_storage) { - parent::__construct($entity_type); + public function __construct($entity_type, array $entity_info, NodeGrantDatabaseStorageInterface $grant_storage) { + parent::__construct($entity_type, $entity_info); $this->grantStorage = $grant_storage; } @@ -49,6 +51,7 @@ public function __construct($entity_type, NodeGrantDatabaseStorageInterface $gra public static function createInstance(ContainerInterface $container, $entity_type, array $entity_info) { return new static( $entity_type, + $entity_info, $container->get('node.grant_storage') ); } diff --git a/core/modules/system/lib/Drupal/system/Entity/Action.php b/core/modules/system/lib/Drupal/system/Entity/Action.php index ac68e3e..e12ce4a 100644 --- a/core/modules/system/lib/Drupal/system/Entity/Action.php +++ b/core/modules/system/lib/Drupal/system/Entity/Action.php @@ -24,8 +24,9 @@ * module = "system", * controllers = { * "storage" = "Drupal\Core\Config\Entity\ConfigStorageController", - * "access" = "Drupal\action\ActionAccessController" + * "access" = "\Drupal\Core\Entity\EntityAccessController" * }, + * admin_permission = "administer actions", * config_prefix = "system.action", * entity_keys = { * "id" = "id", diff --git a/core/modules/user/lib/Drupal/user/Entity/Role.php b/core/modules/user/lib/Drupal/user/Entity/Role.php index 0f8e90e..d51ef15 100644 --- a/core/modules/user/lib/Drupal/user/Entity/Role.php +++ b/core/modules/user/lib/Drupal/user/Entity/Role.php @@ -27,6 +27,7 @@ * "delete" = "Drupal\user\Form\UserRoleDelete" * } * }, + * admin_permission = "administer permission", * config_prefix = "user.role", * entity_keys = { * "id" = "id", diff --git a/core/modules/user/lib/Drupal/user/Entity/User.php b/core/modules/user/lib/Drupal/user/Entity/User.php index d8dc8e4..074cd9b 100644 --- a/core/modules/user/lib/Drupal/user/Entity/User.php +++ b/core/modules/user/lib/Drupal/user/Entity/User.php @@ -30,6 +30,7 @@ * }, * "translation" = "Drupal\user\ProfileTranslationController" * }, + * admin_permission = "administer user", * base_table = "users", * uri_callback = "user_uri", * route_base_path = "admin/config/people/accounts", diff --git a/core/modules/user/lib/Drupal/user/RoleAccessController.php b/core/modules/user/lib/Drupal/user/RoleAccessController.php index e98c540..0ab9ad8 100644 --- a/core/modules/user/lib/Drupal/user/RoleAccessController.php +++ b/core/modules/user/lib/Drupal/user/RoleAccessController.php @@ -27,15 +27,8 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } default: - return user_access('administer permissions', $account); + return parent::checkAccess($entity, $operation, $langcode, $account); } } - /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer permissions', $account); - } - } diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index e6f6ed6..618dfe3 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -41,13 +41,6 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer users', $account); - } - - /** * Check view access. * * See EntityAccessControllerInterface::view() for parameters. diff --git a/core/modules/views/lib/Drupal/views/Entity/View.php b/core/modules/views/lib/Drupal/views/Entity/View.php index a24e53e..ceb423e 100644 --- a/core/modules/views/lib/Drupal/views/Entity/View.php +++ b/core/modules/views/lib/Drupal/views/Entity/View.php @@ -25,6 +25,7 @@ * "storage" = "Drupal\views\ViewStorageController", * "access" = "Drupal\views\ViewAccessController" * }, + * admin_permission = "administer views", * config_prefix = "views.view", * entity_keys = { * "id" = "id", diff --git a/core/modules/views/lib/Drupal/views/ViewAccessController.php b/core/modules/views/lib/Drupal/views/ViewAccessController.php index 80ad8a9..2831b37 100644 --- a/core/modules/views/lib/Drupal/views/ViewAccessController.php +++ b/core/modules/views/lib/Drupal/views/ViewAccessController.php @@ -21,14 +21,7 @@ class ViewAccessController extends EntityAccessController { * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - return $operation == 'view' || user_access('administer views', $account); - } - - /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return user_access('administer views', $account); + return $operation == 'view' || parent::checkAccess($entity, $operation, $langcode, $account); } }