diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index b092914..26ee177 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -62,25 +62,24 @@ public function access(EntityInterface $entity, $operation, $langcode = Language return $access; } - // Invoke hook_entity_access() and hook_ENTITY_TYPE_access(). Hook results - // take precedence over overridden implementations of - // EntityAccessController::checkAccess(). Entities that have checks that - // need to be done before the hook is invoked should do so by overriding - // this method. - - // We grant access to the entity if both of these conditions are met: - // - No modules say to deny access. - // - At least one module says to grant access. + // Invoke hook_entity_access() and hook_ENTITY_TYPE_access() and combine it + // with the default implementation. $access = array_merge( $this->moduleHandler()->invokeAll('entity_access', array($entity, $operation, $account, $langcode)), - $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', array($entity, $operation, $account, $langcode)) + $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', array($entity, $operation, $account, $langcode)), + array(':default' => $this->defaultAccess($entity, $operation, $langcode, $account)) ); - if (($return = $this->processAccessHookResults($access)) === NULL) { - // No module had an opinion about the access, so let's the access - // controller check create access. - $return = (bool) $this->checkAccess($entity, $operation, $langcode, $account); - } + // Allow modules to alter access. + $context = array( + 'operation' => $operation, + 'langcode' => $langcode, + 'account' => $langcode, + ); + $this->moduleHandler()->alter(array('entity_access', $entity->getEntityTypeId() . '_access'), $entity, $context); + + // Check the result and return it. + $return = $this->processAccessHookResults($access); return $this->setCache($return, $entity->uuid(), $operation, $langcode, $account); } @@ -104,7 +103,7 @@ protected function processAccessHookResults(array $access) { return TRUE; } else { - return; + return FALSE; } } @@ -128,7 +127,7 @@ protected function processAccessHookResults(array $access) { * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'delete' && $entity->isNew()) { return FALSE; } @@ -212,25 +211,20 @@ public function createAccess($entity_bundle = NULL, AccountInterface $account = return $access; } - // Invoke hook_entity_create_access() and hook_ENTITY_TYPE_create_access(). - // Hook results take precedence over overridden implementations of - // EntityAccessController::checkAccess(). Entities that have checks that - // need to be done before the hook is invoked should do so by overriding - // this method. - - // We grant access to the entity if both of these conditions are met: - // - No modules say to deny access. - // - At least one module says to grant access. + // Invoke hook_entity_create_access() and hook_ENTITY_TYPE_create_access() + // and combine it with the default implementation. $access = array_merge( $this->moduleHandler()->invokeAll('entity_create_access', array($account, $context['langcode'])), - $this->moduleHandler()->invokeAll($this->entityTypeId . '_create_access', array($account, $context['langcode'])) + $this->moduleHandler()->invokeAll($this->entityTypeId . '_create_access', array($account, $context['langcode'])), + array(':default' => $this->defaultCreateAccess($account, $context, $entity_bundle)) ); - if (($return = $this->processAccessHookResults($access)) === NULL) { - // No module had an opinion about the access, so let's the access - // controller check create access. - $return = (bool) $this->checkCreateAccess($account, $context, $entity_bundle); - } + // Allow modules to alter access. + $context['entity_bundle'] = $entity_bundle; + $this->moduleHandler()->alter(array('entity_create_access', $this->entityTypeId . '_create_access'), $entity, $context); + + // Check the result and return it. + $return = $this->processAccessHookResults($access); return $this->setCache($return, $cid, 'create', $context['langcode'], $account); } @@ -252,7 +246,7 @@ public function createAccess($entity_bundle = NULL, AccountInterface $account = * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { if ($admin_permission = $this->entityType->getAdminPermission()) { return $account->hasPermission($admin_permission); } diff --git a/core/modules/block/block.api.php b/core/modules/block/block.api.php index 9210f82..2519d4b 100644 --- a/core/modules/block/block.api.php +++ b/core/modules/block/block.api.php @@ -89,7 +89,7 @@ function hook_block_view_BASE_BLOCK_ID_alter(array &$build, \Drupal\block\BlockP * \Drupal\block\BlockAccessController::checkAccess() are used. * * @see \Drupal\Core\Entity\EntityAccessController::access() - * @see \Drupal\block\BlockAccessController::checkAccess() + * @see \Drupal\block\BlockAccessController::defaultAccess() */ function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\user\Entity\User $account, $langcode) { // Example code that would prevent displaying the 'Powered by Drupal' block in diff --git a/core/modules/block/custom_block/src/CustomBlockAccessController.php b/core/modules/block/custom_block/src/CustomBlockAccessController.php index c1d65be..aeb7b32 100644 --- a/core/modules/block/custom_block/src/CustomBlockAccessController.php +++ b/core/modules/block/custom_block/src/CustomBlockAccessController.php @@ -19,11 +19,11 @@ class CustomBlockAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { return TRUE; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/block/src/BlockAccessController.php b/core/modules/block/src/BlockAccessController.php index 3bd9fb3..5cbd543 100644 --- a/core/modules/block/src/BlockAccessController.php +++ b/core/modules/block/src/BlockAccessController.php @@ -54,9 +54,9 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation != 'view') { - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } // Deny access to disabled blocks. diff --git a/core/modules/comment/src/CommentAccessController.php b/core/modules/comment/src/CommentAccessController.php index fe03f3b..db63cc3 100644 --- a/core/modules/comment/src/CommentAccessController.php +++ b/core/modules/comment/src/CommentAccessController.php @@ -21,7 +21,7 @@ class CommentAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { /** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */ switch ($operation) { case 'view': @@ -45,7 +45,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return user_access('post comments', $account); } diff --git a/core/modules/config/tests/config_test/src/ConfigTestAccessController.php b/core/modules/config/tests/config_test/src/ConfigTestAccessController.php index cec5421..935c0c8 100644 --- a/core/modules/config/tests/config_test/src/ConfigTestAccessController.php +++ b/core/modules/config/tests/config_test/src/ConfigTestAccessController.php @@ -20,14 +20,14 @@ class ConfigTestAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { return TRUE; } /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return TRUE; } diff --git a/core/modules/contact/src/CategoryAccessController.php b/core/modules/contact/src/CategoryAccessController.php index f798d79..652c3f8 100644 --- a/core/modules/contact/src/CategoryAccessController.php +++ b/core/modules/contact/src/CategoryAccessController.php @@ -21,7 +21,7 @@ class CategoryAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'view') { // Do not allow access personal category via site-wide route. return $account->hasPermission('access site-wide contact form') && $entity->id() !== 'personal'; @@ -32,7 +32,7 @@ public function checkAccess(EntityInterface $entity, $operation, $langcode, Acco return $account->hasPermission('administer contact forms') && $entity->id() !== 'personal'; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/field/src/FieldInstanceConfigAccessController.php b/core/modules/field/src/FieldInstanceConfigAccessController.php index b28fd8a..9fe5b07 100644 --- a/core/modules/field/src/FieldInstanceConfigAccessController.php +++ b/core/modules/field/src/FieldInstanceConfigAccessController.php @@ -19,7 +19,7 @@ class FieldInstanceConfigAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'delete' && $entity->getField()->isLocked()) { return FALSE; } diff --git a/core/modules/filter/src/FilterFormatAccess.php b/core/modules/filter/src/FilterFormatAccess.php index b6f6f58..c6e3def 100644 --- a/core/modules/filter/src/FilterFormatAccess.php +++ b/core/modules/filter/src/FilterFormatAccess.php @@ -19,7 +19,7 @@ class FilterFormatAccess extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $filter_format, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $filter_format, $operation, $langcode, AccountInterface $account) { /** @var \Drupal\filter\FilterFormatInterface $filter_format */ // All users are allowed to use the fallback filter. @@ -39,7 +39,7 @@ protected function checkAccess(EntityInterface $filter_format, $operation, $lang } if (in_array($operation, array('disable', 'update'))) { - return parent::checkAccess($filter_format, $operation, $langcode, $account); + return parent::defaultAccess($filter_format, $operation, $langcode, $account); } } diff --git a/core/modules/language/src/LanguageAccessController.php b/core/modules/language/src/LanguageAccessController.php index 2cc17d0..189cf40 100644 --- a/core/modules/language/src/LanguageAccessController.php +++ b/core/modules/language/src/LanguageAccessController.php @@ -17,11 +17,11 @@ class LanguageAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'update': case 'delete': - return !$entity->locked && parent::checkAccess($entity, $operation, $langcode, $account); + return !$entity->locked && parent::defaultAccess($entity, $operation, $langcode, $account); break; } return FALSE; diff --git a/core/modules/menu_link/src/MenuLinkAccessController.php b/core/modules/menu_link/src/MenuLinkAccessController.php index c6e6b91..6a263de 100644 --- a/core/modules/menu_link/src/MenuLinkAccessController.php +++ b/core/modules/menu_link/src/MenuLinkAccessController.php @@ -21,7 +21,7 @@ class MenuLinkAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { $access = $account->hasPermission('administer menu'); if ($access) { switch ($operation) { diff --git a/core/modules/node/src/NodeAccessController.php b/core/modules/node/src/NodeAccessController.php index 7b85600..c331b98 100644 --- a/core/modules/node/src/NodeAccessController.php +++ b/core/modules/node/src/NodeAccessController.php @@ -54,15 +54,15 @@ public static function createInstance(ContainerInterface $container, EntityTypeI ); } - /** * {@inheritdoc} */ public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { - if (user_access('bypass node access', $account)) { + $account = $this->prepareUser($account); + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } return parent::access($entity, $operation, $langcode, $account); @@ -73,21 +73,19 @@ public function access(EntityInterface $entity, $operation, $langcode = Language */ public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array()) { $account = $this->prepareUser($account); - - if (user_access('bypass node access', $account)) { + if ($account->hasPermission('bypass node access')) { return TRUE; } - if (!user_access('access content', $account)) { + if (!$account->hasPermission('access content')) { return FALSE; } - return parent::createAccess($entity_bundle, $account, $context); } /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $node, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $node, $operation, $langcode, AccountInterface $account) { /** @var \Drupal\node\NodeInterface $node */ /** @var \Drupal\node\NodeInterface $translation */ $translation = $node->getTranslation($langcode); @@ -96,7 +94,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc $uid = $translation->getOwnerId(); // Check if authors can view their own unpublished nodes. - if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) { + if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content')) { if ($account->id() != 0 && $account->id() == $uid) { return TRUE; @@ -119,10 +117,10 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { $configured_types = node_permissions_get_configured_types(); if (isset($configured_types[$entity_bundle])) { - return user_access('create ' . $entity_bundle . ' content', $account); + return $account->hasPermission('create ' . $entity_bundle . ' content'); } } diff --git a/core/modules/node/src/NodeGrantDatabaseStorage.php b/core/modules/node/src/NodeGrantDatabaseStorage.php index 9503713..f79cf8c 100644 --- a/core/modules/node/src/NodeGrantDatabaseStorage.php +++ b/core/modules/node/src/NodeGrantDatabaseStorage.php @@ -86,7 +86,10 @@ public function access(NodeInterface $node, $operation, $langcode, AccountInterf $query->condition($grants); } - return $query->execute()->fetchField(); + // Ensure that a boolean value is returned if there are any query results. + if ($result = $query->execute()) { + return (bool) $result->fetchField(); + } } /** diff --git a/core/modules/node/src/NodeTypeAccessController.php b/core/modules/node/src/NodeTypeAccessController.php index 23ec80f..fd53f90 100644 --- a/core/modules/node/src/NodeTypeAccessController.php +++ b/core/modules/node/src/NodeTypeAccessController.php @@ -21,11 +21,11 @@ class NodeTypeAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'delete' && $entity->isLocked()) { return FALSE; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/search/src/SearchPageAccessController.php b/core/modules/search/src/SearchPageAccessController.php index cd51278..f3d4ab1 100644 --- a/core/modules/search/src/SearchPageAccessController.php +++ b/core/modules/search/src/SearchPageAccessController.php @@ -20,7 +20,7 @@ class SearchPageAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { /** @var $entity \Drupal\search\SearchPageInterface */ if (in_array($operation, array('delete', 'disable')) && $entity->isDefaultSearch()) { return FALSE; @@ -35,7 +35,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } return TRUE; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/shortcut/src/ShortcutAccessController.php b/core/modules/shortcut/src/ShortcutAccessController.php index b76d48b..9f28683 100644 --- a/core/modules/shortcut/src/ShortcutAccessController.php +++ b/core/modules/shortcut/src/ShortcutAccessController.php @@ -52,7 +52,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($shortcut_set = $this->shortcutSetStorage->load($entity->bundle())) { return shortcut_set_edit_access($shortcut_set, $account); } @@ -61,7 +61,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { if ($shortcut_set = $this->shortcutSetStorage->load($entity_bundle)) { return shortcut_set_edit_access($shortcut_set, $account); } diff --git a/core/modules/shortcut/src/ShortcutSetAccessController.php b/core/modules/shortcut/src/ShortcutSetAccessController.php index fd8d1b9..ebdd1d5 100644 --- a/core/modules/shortcut/src/ShortcutSetAccessController.php +++ b/core/modules/shortcut/src/ShortcutSetAccessController.php @@ -19,7 +19,7 @@ class ShortcutSetAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'update': if ($account->hasPermission('administer shortcuts')) { @@ -43,7 +43,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return $account->hasPermission('administer shortcuts') || $account->hasPermission('customize shortcut links'); } diff --git a/core/modules/system/src/DateFormatAccessController.php b/core/modules/system/src/DateFormatAccessController.php index a5483b6..35eb9c0 100644 --- a/core/modules/system/src/DateFormatAccessController.php +++ b/core/modules/system/src/DateFormatAccessController.php @@ -19,7 +19,7 @@ class DateFormatAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { // There are no restrictions on viewing a date format. if ($operation == 'view') { return TRUE; @@ -29,7 +29,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return FALSE; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/system/src/MenuAccessController.php b/core/modules/system/src/MenuAccessController.php index fe84368..41c27de 100644 --- a/core/modules/system/src/MenuAccessController.php +++ b/core/modules/system/src/MenuAccessController.php @@ -19,7 +19,7 @@ class MenuAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { return TRUE; } @@ -28,7 +28,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return FALSE; } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php index 034caa3..da06082 100644 --- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php @@ -20,7 +20,7 @@ class EntityTestAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { if ($langcode != Language::LANGCODE_DEFAULT) { return user_access('view test entity translations', $account); @@ -35,7 +35,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return user_access('administer entity_test content', $account); } diff --git a/core/modules/taxonomy/src/TermAccessController.php b/core/modules/taxonomy/src/TermAccessController.php index ca98dbb..563d17b 100644 --- a/core/modules/taxonomy/src/TermAccessController.php +++ b/core/modules/taxonomy/src/TermAccessController.php @@ -21,7 +21,7 @@ class TermAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': return $account->hasPermission('access content'); @@ -40,7 +40,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A /** * {@inheritdoc} */ - protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { + protected function defaultCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { return $account->hasPermission('administer taxonomy'); } diff --git a/core/modules/user/src/RoleAccessController.php b/core/modules/user/src/RoleAccessController.php index 0ab9ad8..9cfd063 100644 --- a/core/modules/user/src/RoleAccessController.php +++ b/core/modules/user/src/RoleAccessController.php @@ -19,7 +19,7 @@ class RoleAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'delete': if ($entity->id() == DRUPAL_ANONYMOUS_RID || $entity->id() == DRUPAL_AUTHENTICATED_RID) { @@ -27,7 +27,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } default: - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::defaultAccess($entity, $operation, $langcode, $account); } } diff --git a/core/modules/user/src/UserAccessController.php b/core/modules/user/src/UserAccessController.php index 9aed19e..396d80d 100644 --- a/core/modules/user/src/UserAccessController.php +++ b/core/modules/user/src/UserAccessController.php @@ -19,7 +19,7 @@ class UserAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': return $this->viewAccess($entity, $langcode, $account); @@ -54,7 +54,7 @@ protected function viewAccess(EntityInterface $entity, $langcode, AccountInterfa } elseif ($account->hasPermission('access user profiles')) { // Only allow view access if the account is active. - return $entity->status->value; + return $entity->isActive(); } } return FALSE; diff --git a/core/modules/views/src/Tests/Handler/AreaEntityTest.php b/core/modules/views/src/Tests/Handler/AreaEntityTest.php index 5751042..3aa097a 100644 --- a/core/modules/views/src/Tests/Handler/AreaEntityTest.php +++ b/core/modules/views/src/Tests/Handler/AreaEntityTest.php @@ -8,7 +8,7 @@ namespace Drupal\views\Tests\Handler; use Drupal\Core\Entity\EntityTypeInterface; -use Drupal\Core\Language\Language; +use Drupal\user\Entity\Role; use Drupal\views\Tests\ViewTestBase; use Drupal\views\Views; @@ -80,6 +80,11 @@ public function testEntityAreaData() { */ public function testEntityArea() { + // Grant anonymous users access to viewing entity_test entities. + Role::load('anonymous') + ->grantPermission('view test entity') + ->save(); + $entities = array(); for ($i = 0; $i < 3; $i++) { $random_label = $this->randomName(); diff --git a/core/modules/views/src/ViewAccessController.php b/core/modules/views/src/ViewAccessController.php index e761af2..2d16ccc 100644 --- a/core/modules/views/src/ViewAccessController.php +++ b/core/modules/views/src/ViewAccessController.php @@ -20,8 +20,8 @@ class ViewAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { - return $operation == 'view' || parent::checkAccess($entity, $operation, $langcode, $account); + public function defaultAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + return $operation == 'view' || parent::defaultAccess($entity, $operation, $langcode, $account); } }