diff --git a/core/lib/Drupal/Core/Theme/ThemeAccessCheck.php b/core/lib/Drupal/Core/Theme/ThemeAccessCheck.php index 90e4a79..7da53ef 100644 --- a/core/lib/Drupal/Core/Theme/ThemeAccessCheck.php +++ b/core/lib/Drupal/Core/Theme/ThemeAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\Core\Theme; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Route; @@ -26,7 +27,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { return $this->checkAccess($request->attributes->get('theme')) ? static::ALLOW : static::DENY; } diff --git a/core/modules/book/lib/Drupal/book/Access/BookNodeIsRemovableAccessCheck.php b/core/modules/book/lib/Drupal/book/Access/BookNodeIsRemovableAccessCheck.php index ccf343c..c80ae27 100644 --- a/core/modules/book/lib/Drupal/book/Access/BookNodeIsRemovableAccessCheck.php +++ b/core/modules/book/lib/Drupal/book/Access/BookNodeIsRemovableAccessCheck.php @@ -9,6 +9,7 @@ use Drupal\book\BookManager; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -44,7 +45,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $node = $request->attributes->get('node'); if (!empty($node)) { return $this->bookManager->checkNodeIsRemovable($node) ? static::ALLOW : static::DENY; diff --git a/core/modules/contact/lib/Drupal/contact/Access/ContactPageAccess.php b/core/modules/contact/lib/Drupal/contact/Access/ContactPageAccess.php index 0bfee5c..182cc1a 100644 --- a/core/modules/contact/lib/Drupal/contact/Access/ContactPageAccess.php +++ b/core/modules/contact/lib/Drupal/contact/Access/ContactPageAccess.php @@ -9,6 +9,7 @@ use Drupal\Core\Access\StaticAccessCheckInterface; use Drupal\Core\Config\ConfigFactory; +use Drupal\Core\Session\AccountInterface; use Drupal\user\UserDataInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -55,10 +56,8 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $contact_account = $request->attributes->get('user'); - // @todo revisit after https://drupal.org/node/2048223 - $user = \Drupal::currentUser(); // Anonymous users cannot have contact forms. if ($contact_account->isAnonymous()) { @@ -66,12 +65,12 @@ public function access(Route $route, Request $request) { } // Users may not contact themselves. - if ($user->id() == $contact_account->id()) { + if ($account->id() == $contact_account->id()) { return static::DENY; } // User administrators should always have access to personal contact forms. - if ($user->hasPermission('administer users')) { + if ($account->hasPermission('administer users')) { return static::ALLOW; } @@ -92,7 +91,7 @@ public function access(Route $route, Request $request) { return static::DENY; } - return $user->hasPermission('access user contact forms') ? static::ALLOW : static::DENY; + return $account->hasPermission('access user contact forms') ? static::ALLOW : static::DENY; } } diff --git a/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationManageAccessCheck.php b/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationManageAccessCheck.php index 3a53710..85e1d27 100644 --- a/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationManageAccessCheck.php +++ b/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationManageAccessCheck.php @@ -10,6 +10,7 @@ use Drupal\Core\Entity\EntityManager; use Drupal\Core\Access\StaticAccessCheckInterface; use Drupal\Core\Language\Language; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -45,7 +46,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { if ($entity = $request->attributes->get('entity')) { $route_requirements = $route->getRequirements(); $operation = $route_requirements['_access_content_translation_manage']; diff --git a/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationOverviewAccess.php b/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationOverviewAccess.php index 116e9c5..23608fa 100644 --- a/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationOverviewAccess.php +++ b/core/modules/content_translation/lib/Drupal/content_translation/Access/ContentTranslationOverviewAccess.php @@ -7,8 +7,9 @@ namespace Drupal\content_translation\Access; -use Drupal\Core\Entity\EntityManager; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Entity\EntityManager; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -44,15 +45,12 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { if ($entity = $request->attributes->get('entity')) { // Get entity base info. $entity_type = $entity->entityType(); $bundle = $entity->bundle(); - // Get account details from request. - $account = \Drupal::currentUser(); - // Get entity access callback. $definitions = $this->entityManager->getDefinitions(); $access_callback = $definitions[$entity_type]['translation']['content_translation']['access_callback']; diff --git a/core/modules/node/lib/Drupal/node/Access/NodeAddAccessCheck.php b/core/modules/node/lib/Drupal/node/Access/NodeAddAccessCheck.php index 6608ff8..f67232d 100644 --- a/core/modules/node/lib/Drupal/node/Access/NodeAddAccessCheck.php +++ b/core/modules/node/lib/Drupal/node/Access/NodeAddAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\node\Access; use Drupal\Core\Entity\EntityCreateAccessCheck; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -24,14 +25,14 @@ class NodeAddAccessCheck extends EntityCreateAccessCheck { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $access_controller = $this->entityManager->getAccessController('node'); // If a node type is set on the request, just check that. if ($request->attributes->has('node_type')) { - return $access_controller->createAccess($request->attributes->get('node_type')->type) ? static::ALLOW : static::DENY; + return $access_controller->createAccess($request->attributes->get('node_type')->type, $account) ? static::ALLOW : static::DENY; } foreach (node_permissions_get_configured_types() as $type) { - if ($access_controller->createAccess($type->type)) { + if ($access_controller->createAccess($type->type, $account)) { // Allow access if at least one type is permitted. return static::ALLOW; } diff --git a/core/modules/search/lib/Drupal/search/Access/SearchAccessCheck.php b/core/modules/search/lib/Drupal/search/Access/SearchAccessCheck.php index fb9a74e..b36d88e 100644 --- a/core/modules/search/lib/Drupal/search/Access/SearchAccessCheck.php +++ b/core/modules/search/lib/Drupal/search/Access/SearchAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\search\Access; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\search\SearchPluginManager; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Route; @@ -44,7 +45,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { return $this->searchManager->getActiveDefinitions() ? static::ALLOW : static::DENY; } diff --git a/core/modules/search/lib/Drupal/search/Access/SearchPluginAccessCheck.php b/core/modules/search/lib/Drupal/search/Access/SearchPluginAccessCheck.php index af4b1df..9ecda1d 100644 --- a/core/modules/search/lib/Drupal/search/Access/SearchPluginAccessCheck.php +++ b/core/modules/search/lib/Drupal/search/Access/SearchPluginAccessCheck.php @@ -7,6 +7,7 @@ namespace Drupal\search\Access; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Route; @@ -25,8 +26,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { - $account = \Drupal::currentUser(); + public function access(Route $route, Request $request, AccountInterface $account) { $plugin_id = $route->getRequirement('_search_plugin_view_access'); return $this->searchManager->pluginAccess($plugin_id, $account) ? static::ALLOW : static::DENY; } diff --git a/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetEditAccessCheck.php b/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetEditAccessCheck.php index 7ca4b01..283825a 100644 --- a/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetEditAccessCheck.php +++ b/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetEditAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\shortcut\Access; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -26,7 +27,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $account = \Drupal::currentUser(); $shortcut_set = $request->attributes->get('shortcut_set'); // Sufficiently-privileged users can edit their currently displayed shortcut diff --git a/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetSwitchAccessCheck.php b/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetSwitchAccessCheck.php index aacecc4..cae339e 100644 --- a/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetSwitchAccessCheck.php +++ b/core/modules/shortcut/lib/Drupal/shortcut/Access/ShortcutSetSwitchAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\shortcut\Access; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -26,9 +27,8 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $user = \Drupal::currentUser(); - $account = $request->attributes->get('account'); if ($user->hasPermission('administer shortcuts')) { // Administrators can switch anyone's shortcut set. @@ -40,7 +40,7 @@ public function access(Route $route, Request $request) { return static::DENY; } - if (!isset($account) || $user->id() == $account->id()) { + if ($user->id() == $account->id()) { // Users with the 'switch shortcut sets' permission can switch their own // shortcuts sets. return static::ALLOW; diff --git a/core/modules/translation/lib/Drupal/translation/Access/TranslationNodeOverviewAccessCheck.php b/core/modules/translation/lib/Drupal/translation/Access/TranslationNodeOverviewAccessCheck.php index 3b54fe1..0f5342a 100644 --- a/core/modules/translation/lib/Drupal/translation/Access/TranslationNodeOverviewAccessCheck.php +++ b/core/modules/translation/lib/Drupal/translation/Access/TranslationNodeOverviewAccessCheck.php @@ -8,6 +8,7 @@ namespace Drupal\translation\Access; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Routing\Route; @@ -26,7 +27,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { $key = $route->getRequirement('_access_translation_tab'); if ($request->attributes->has($key)) { // @todo Remove _translation_tab_access(). diff --git a/core/modules/update/lib/Drupal/update/Access/UpdateManagerAccessCheck.php b/core/modules/update/lib/Drupal/update/Access/UpdateManagerAccessCheck.php index adc04c8..4c805cd 100644 --- a/core/modules/update/lib/Drupal/update/Access/UpdateManagerAccessCheck.php +++ b/core/modules/update/lib/Drupal/update/Access/UpdateManagerAccessCheck.php @@ -9,6 +9,7 @@ use Drupal\Component\Utility\Settings; use Drupal\Core\Access\StaticAccessCheckInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; use Symfony\Component\HttpFoundation\Request; @@ -44,7 +45,7 @@ public function appliesTo() { /** * {@inheritdoc} */ - public function access(Route $route, Request $request) { + public function access(Route $route, Request $request, AccountInterface $account) { return $this->settings->get('allow_authorize_operations', TRUE) ? static::ALLOW : static::DENY; }