diff --git a/core/lib/Drupal/Core/Action/ActionInterface.php b/core/lib/Drupal/Core/Action/ActionInterface.php index 4147cea..bbed25a 100644 --- a/core/lib/Drupal/Core/Action/ActionInterface.php +++ b/core/lib/Drupal/Core/Action/ActionInterface.php @@ -9,6 +9,7 @@ use Drupal\Component\Plugin\PluginInspectionInterface; use Drupal\Core\Executable\ExecutableInterface; +use Drupal\Core\Plugin\AccessAwarePluginInterface; /** * Provides an interface for an Action plugin. @@ -18,7 +19,7 @@ * @see \Drupal\Core\Action\ActionBase * @see plugin_api */ -interface ActionInterface extends ExecutableInterface, PluginInspectionInterface { +interface ActionInterface extends ExecutableInterface, PluginInspectionInterface, AccessAwarePluginInterface { /** * Executes the plugin for an array of objects. diff --git a/core/lib/Drupal/Core/Block/BlockPluginInterface.php b/core/lib/Drupal/Core/Block/BlockPluginInterface.php index e363d7c..ffe10c3 100644 --- a/core/lib/Drupal/Core/Block/BlockPluginInterface.php +++ b/core/lib/Drupal/Core/Block/BlockPluginInterface.php @@ -13,8 +13,8 @@ use Drupal\Component\Plugin\PluginInspectionInterface; use Drupal\Component\Plugin\ConfigurablePluginInterface; use Drupal\Core\Form\FormStateInterface; +use Drupal\Core\Plugin\AccessAwarePluginInterface; use Drupal\Core\Plugin\PluginFormInterface; -use Drupal\Core\Session\AccountInterface; /** * Defines the required interface for all block plugins. @@ -26,7 +26,7 @@ * * @ingroup block_api */ -interface BlockPluginInterface extends ConfigurablePluginInterface, PluginFormInterface, PluginInspectionInterface, CacheableInterface, DerivativeInspectionInterface { +interface BlockPluginInterface extends ConfigurablePluginInterface, PluginFormInterface, PluginInspectionInterface, CacheableInterface, DerivativeInspectionInterface, AccessAwarePluginInterface { /** * Returns the user-facing block label. @@ -40,22 +40,6 @@ public function label(); /** - * Indicates whether the block should be shown. - * - * This method allows base implementations to add general access restrictions - * that should apply to all extending block plugins. - * - * @param \Drupal\Core\Session\AccountInterface $account - * The user session for which to check access. - * - * @return bool - * TRUE if the block should be shown, or FALSE otherwise. - * - * @see \Drupal\block\BlockAccessControlHandler - */ - public function access(AccountInterface $account); - - /** * Builds and returns the renderable array for this block plugin. * * @return array diff --git a/core/lib/Drupal/Core/Plugin/AccessAwarePluginInterface.php b/core/lib/Drupal/Core/Plugin/AccessAwarePluginInterface.php new file mode 100644 index 0000000..f807986 --- /dev/null +++ b/core/lib/Drupal/Core/Plugin/AccessAwarePluginInterface.php @@ -0,0 +1,32 @@ +configuration['message'] = $form_state->getValue('message'); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return TRUE; + } + } diff --git a/core/modules/action/src/Plugin/Action/GotoAction.php b/core/modules/action/src/Plugin/Action/GotoAction.php index 833f304..c8cfa6a 100644 --- a/core/modules/action/src/Plugin/Action/GotoAction.php +++ b/core/modules/action/src/Plugin/Action/GotoAction.php @@ -113,4 +113,11 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s $this->configuration['url'] = $form_state->getValue('url'); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return TRUE; + } + } diff --git a/core/modules/action/src/Plugin/Action/MessageAction.php b/core/modules/action/src/Plugin/Action/MessageAction.php index 7996514..1882623 100644 --- a/core/modules/action/src/Plugin/Action/MessageAction.php +++ b/core/modules/action/src/Plugin/Action/MessageAction.php @@ -11,6 +11,7 @@ use Drupal\Core\Action\ConfigurableActionBase; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Plugin\ContainerFactoryPluginInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\Core\Utility\Token; use Symfony\Component\DependencyInjection\ContainerInterface; @@ -89,4 +90,11 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s unset($this->configuration['node']); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return TRUE; + } + } diff --git a/core/modules/comment/src/Plugin/Action/SaveComment.php b/core/modules/comment/src/Plugin/Action/SaveComment.php index 5ce763e..c03c852 100644 --- a/core/modules/comment/src/Plugin/Action/SaveComment.php +++ b/core/modules/comment/src/Plugin/Action/SaveComment.php @@ -8,6 +8,7 @@ namespace Drupal\comment\Plugin\Action; use Drupal\Core\Action\ActionBase; +use Drupal\Core\Session\AccountInterface; /** * Saves a comment. @@ -27,4 +28,11 @@ public function execute($comment = NULL) { $comment->save(); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer comments'); + } + } diff --git a/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php b/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php index 3d10bcb..25f5a0b 100644 --- a/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php +++ b/core/modules/comment/src/Plugin/Action/UnpublishByKeywordComment.php @@ -11,6 +11,7 @@ use Drupal\Core\Action\ConfigurableActionBase; use Drupal\comment\CommentInterface; use Drupal\Core\Form\FormStateInterface; +use Drupal\Core\Session\AccountInterface; /** * Unpublishes a comment containing certain keywords. @@ -67,4 +68,11 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s $this->configuration['keywords'] = Tags::explode($form_state->getValue('keywords')); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer comments'); + } + } diff --git a/core/modules/node/src/Plugin/Action/AssignOwnerNode.php b/core/modules/node/src/Plugin/Action/AssignOwnerNode.php index 17e62d1..8e7ecc9 100644 --- a/core/modules/node/src/Plugin/Action/AssignOwnerNode.php +++ b/core/modules/node/src/Plugin/Action/AssignOwnerNode.php @@ -11,6 +11,7 @@ use Drupal\Core\Database\Connection; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Plugin\ContainerFactoryPluginInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\DependencyInjection\ContainerInterface; /** @@ -132,4 +133,11 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s $this->configuration['owner_uid'] = $this->connection->query('SELECT uid from {users_field_data} WHERE name = :name AND default_langcode = 1', array(':name' => $form_state->getValue('owner_name')))->fetchField(); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer nodes'); + } + } diff --git a/core/modules/node/src/Plugin/Action/DeleteNode.php b/core/modules/node/src/Plugin/Action/DeleteNode.php index e71b581..58c1621 100644 --- a/core/modules/node/src/Plugin/Action/DeleteNode.php +++ b/core/modules/node/src/Plugin/Action/DeleteNode.php @@ -9,6 +9,7 @@ use Drupal\Core\Action\ActionBase; use Drupal\Core\Plugin\ContainerFactoryPluginInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\user\TempStoreFactory; use Symfony\Component\DependencyInjection\ContainerInterface; @@ -70,4 +71,11 @@ public function execute($object = NULL) { $this->executeMultiple(array($object)); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer nodes'); + } + } diff --git a/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php b/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php index 60bd836..6ef4e1c 100644 --- a/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php +++ b/core/modules/node/src/Plugin/Action/UnpublishByKeywordNode.php @@ -10,6 +10,7 @@ use Drupal\Component\Utility\Tags; use Drupal\Core\Action\ConfigurableActionBase; use Drupal\Core\Form\FormStateInterface; +use Drupal\Core\Session\AccountInterface; /** * Unpublishes a node containing certain keywords. @@ -65,4 +66,11 @@ public function submitConfigurationForm(array &$form, FormStateInterface $form_s $this->configuration['keywords'] = Tags::explode($form_state->getValue('keywords')); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer nodes'); + } + } diff --git a/core/modules/system/tests/modules/action_test/src/Plugin/Action/NoType.php b/core/modules/system/tests/modules/action_test/src/Plugin/Action/NoType.php index 7f18b57..e9c4b3c 100644 --- a/core/modules/system/tests/modules/action_test/src/Plugin/Action/NoType.php +++ b/core/modules/system/tests/modules/action_test/src/Plugin/Action/NoType.php @@ -8,6 +8,7 @@ namespace Drupal\action_test\Plugin\Action; use Drupal\Core\Action\ActionBase; +use Drupal\Core\Session\AccountInterface; /** * Provides an operation with no type specified. @@ -25,4 +26,11 @@ class NoType extends ActionBase { public function execute($entity = NULL) { } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return TRUE; + } + } diff --git a/core/modules/user/src/Plugin/Action/AddRoleUser.php b/core/modules/user/src/Plugin/Action/AddRoleUser.php index acf4dd9..cb8068d 100644 --- a/core/modules/user/src/Plugin/Action/AddRoleUser.php +++ b/core/modules/user/src/Plugin/Action/AddRoleUser.php @@ -7,6 +7,7 @@ namespace Drupal\user\Plugin\Action; +use Drupal\Core\Session\AccountInterface; use Drupal\user\Plugin\Action\ChangeUserRoleBase; /** @@ -35,4 +36,11 @@ public function execute($account = NULL) { } } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer users'); + } + } diff --git a/core/modules/user/src/Plugin/Action/CancelUser.php b/core/modules/user/src/Plugin/Action/CancelUser.php index 6c0e392..b00f1a4 100644 --- a/core/modules/user/src/Plugin/Action/CancelUser.php +++ b/core/modules/user/src/Plugin/Action/CancelUser.php @@ -9,6 +9,7 @@ use Drupal\Core\Action\ActionBase; use Drupal\Core\Plugin\ContainerFactoryPluginInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\user\TempStoreFactory; use Symfony\Component\DependencyInjection\ContainerInterface; @@ -70,4 +71,11 @@ public function execute($object = NULL) { $this->executeMultiple(array($object)); } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer users'); + } + } diff --git a/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php b/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php index 62c4214..e09a119 100644 --- a/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php +++ b/core/modules/user/src/Plugin/Action/ChangeUserRoleBase.php @@ -12,6 +12,7 @@ use Drupal\Core\Entity\EntityTypeInterface; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Plugin\ContainerFactoryPluginInterface; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\DependencyInjection\ContainerInterface; /** @@ -91,4 +92,11 @@ public function calculateDependencies() { return $this->dependencies; } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer users'); + } + } diff --git a/core/modules/user/src/Plugin/Action/RemoveRoleUser.php b/core/modules/user/src/Plugin/Action/RemoveRoleUser.php index e63a70a..4f55a14 100644 --- a/core/modules/user/src/Plugin/Action/RemoveRoleUser.php +++ b/core/modules/user/src/Plugin/Action/RemoveRoleUser.php @@ -7,6 +7,7 @@ namespace Drupal\user\Plugin\Action; +use Drupal\Core\Session\AccountInterface; use Drupal\user\Plugin\Action\ChangeUserRoleBase; /** @@ -35,4 +36,11 @@ public function execute($account = NULL) { } } + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { + return $account->hasPermission('administer users'); + } + } diff --git a/core/modules/views/src/Plugin/views/access/AccessPluginBase.php b/core/modules/views/src/Plugin/views/access/AccessPluginBase.php index 45f1ab0..5af8b2c 100644 --- a/core/modules/views/src/Plugin/views/access/AccessPluginBase.php +++ b/core/modules/views/src/Plugin/views/access/AccessPluginBase.php @@ -7,7 +7,7 @@ namespace Drupal\views\Plugin\views\access; -use Drupal\Core\Session\AccountInterface; +use Drupal\Core\Plugin\AccessAwarePluginInterface; use Drupal\views\Plugin\views\PluginBase; use Symfony\Component\Routing\Route; @@ -30,7 +30,7 @@ /** * The base plugin to handle access control. */ -abstract class AccessPluginBase extends PluginBase { +abstract class AccessPluginBase extends PluginBase implements AccessAwarePluginInterface { /** * {@inheritdoc} @@ -40,17 +40,6 @@ public function summaryTitle() { } /** - * Determine if the current user has access or not. - * - * @param \Drupal\Core\Session\AccountInterface $account - * The user who wants to access this view. - * - * @return TRUE - * Returns whether the user has access to the view. - */ - abstract public function access(AccountInterface $account); - - /** * Allows access plugins to alter the route definition of a view. * * Likely the access plugin will add new requirements, so its custom access