diff --git a/media_entity.info.yml b/media_entity.info.yml index fe5b1b0..ddf213f 100644 --- a/media_entity.info.yml +++ b/media_entity.info.yml @@ -7,7 +7,7 @@ dependencies: - drupal:image - drupal:user - drupal:views - - entity:entity (>=8.x-1.0-alpha3) + - entity:entity - drupal:system (>=8.1.0) test_dependencies: - entity:entity diff --git a/src/Entity/Media.php b/src/Entity/Media.php index a73200a..2fc64e5 100644 --- a/src/Entity/Media.php +++ b/src/Entity/Media.php @@ -21,7 +21,8 @@ use Drupal\user\UserInterface; * "storage" = "Drupal\media_entity\MediaStorage", * "view_builder" = "Drupal\Core\Entity\EntityViewBuilder", * "list_builder" = "Drupal\Core\Entity\EntityListBuilder", - * "access" = "Drupal\media_entity\MediaAccessController", + * "access" = "\Drupal\entity\EntityAccessControlHandler", + * "permission_provider" = "\Drupal\entity\EntityPermissionProvider", * "form" = { * "default" = "Drupal\media_entity\MediaForm", * "delete" = "Drupal\media_entity\Form\MediaDeleteForm", @@ -46,10 +47,11 @@ use Drupal\user\UserInterface; * "bundle" = "bundle", * "label" = "name", * "langcode" = "langcode", - * "uuid" = "uuid" + * "uuid" = "uuid", + * "uid" = "uid" * }, * bundle_entity_type = "media_bundle", - * permission_granularity = "entity_type", + * permission_granularity = "bundle", * admin_permission = "administer media", * field_ui_base_route = "entity.media_bundle.edit_form", * links = { @@ -484,4 +486,34 @@ class Media extends ContentEntityBase implements MediaInterface { return $this; } + /** + * {@inheritdoc} + */ + public function getOwner() { + return $this->get('uid')->entity; + } + + /** + * {@inheritdoc} + */ + public function getOwnerId() { + return $this->getEntityKey('uid'); + } + + /** + * {@inheritdoc} + */ + public function setOwnerId($uid) { + $this->set('uid', $uid); + return $this; + } + + /** + * {@inheritdoc} + */ + public function setOwner(UserInterface $account) { + $this->set('uid', $account->id()); + return $this; + } + } diff --git a/src/MediaAccessController.php b/src/MediaAccessController.php deleted file mode 100644 index 5b09787..0000000 --- a/src/MediaAccessController.php +++ /dev/null @@ -1,46 +0,0 @@ -hasPermission('administer media')) { - return AccessResult::allowed()->cachePerPermissions(); - } - - $is_owner = ($account->id() && $account->id() == $entity->getPublisherId()) ? TRUE : FALSE; - switch ($operation) { - case 'view': - return AccessResult::allowedIf($account->hasPermission('view media') && $entity->status->value); - - case 'update': - return AccessResult::allowedIf(($account->hasPermission('update media') && $is_owner) || $account->hasPermission('update any media'))->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity); - - case 'delete': - return AccessResult::allowedIf(($account->hasPermission('delete media') && $is_owner) || $account->hasPermission('delete any media'))->cachePerPermissions()->cachePerUser()->addCacheableDependency($entity); - } - - // No opinion. - return AccessResult::neutral()->cachePerPermissions(); - } - - /** - * {@inheritdoc} - */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - return AccessResult::allowedIfHasPermission($account, 'create media'); - } - -} diff --git a/src/MediaInterface.php b/src/MediaInterface.php index 63f7d0b..23f43a7 100644 --- a/src/MediaInterface.php +++ b/src/MediaInterface.php @@ -5,11 +5,12 @@ namespace Drupal\media_entity; use Drupal\Core\Entity\EntityChangedInterface; use Drupal\Core\Entity\ContentEntityInterface; use Drupal\Core\Entity\RevisionLogInterface; +use Drupal\user\EntityOwnerInterface; /** * Provides an interface defining a media entity. */ -interface MediaInterface extends ContentEntityInterface, EntityChangedInterface, RevisionLogInterface { +interface MediaInterface extends ContentEntityInterface, EntityChangedInterface, RevisionLogInterface, EntityOwnerInterface { /** * Returns the media creation timestamp. diff --git a/tests/src/Functional/MediaAccessTest.php b/tests/src/Functional/MediaAccessTest.php index b774fb5..5a72a49 100644 --- a/tests/src/Functional/MediaAccessTest.php +++ b/tests/src/Functional/MediaAccessTest.php @@ -62,7 +62,7 @@ class MediaAccessTest extends MediaEntityFunctionalTestBase { // Test 'view media' permission. $this->drupalGet('media/' . $media->id()); $assert_session->statusCodeEquals(403); - $this->grantPermissions($role, ['view media']); + $this->grantPermissions($role, ['view any ' . $media->bundle() . ' media']); $this->drupalGet('media/' . $media->id()); $assert_session->statusCodeEquals(200); @@ -73,13 +73,13 @@ class MediaAccessTest extends MediaEntityFunctionalTestBase { $this->drupalGet('media/add/' . $this->testBundle->id()); $assert_session->statusCodeEquals(200); - // Test 'update media' and 'delete media' permissions. + // Test 'update own BUNDLE media' and 'delete own BUNDLE media' permissions. $this->drupalGet('media/' . $user_media->id() . '/edit'); $assert_session->statusCodeEquals(403); $this->drupalGet('media/' . $user_media->id() . '/delete'); $assert_session->statusCodeEquals(403); - $this->grantPermissions($role, ['update media']); - $this->grantPermissions($role, ['delete media']); + $this->grantPermissions($role, ['update own ' . $user_media->bundle() . ' media']); + $this->grantPermissions($role, ['delete own ' . $user_media->bundle() . ' media']); $this->drupalGet('media/' . $user_media->id() . '/edit'); $assert_session->statusCodeEquals(200); $this->drupalGet('media/' . $user_media->id() . '/delete');