diff --git a/core/lib/Drupal/Core/Entity/ContentEntityBase.php b/core/lib/Drupal/Core/Entity/ContentEntityBase.php index 4c0763b..1e5d778 100644 --- a/core/lib/Drupal/Core/Entity/ContentEntityBase.php +++ b/core/lib/Drupal/Core/Entity/ContentEntityBase.php @@ -593,7 +593,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_ } return $this->entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, $this->activeLangcode, $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object, $this->activeLangcode); } /** diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 01416ba..9328dfb 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php +++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -313,7 +313,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_ } return $this->entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, LanguageInterface::LANGCODE_DEFAULT, $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object, LanguageInterface::LANGCODE_DEFAULT); } /** diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php index c34cffc..6b548bb 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php @@ -53,9 +53,14 @@ public function __construct(EntityTypeInterface $entity_type) { /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE) { + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE, $langcode = NULL) { $account = $this->prepareUser($account); + // If no language is specified, default to the entity language. + if (!isset($langcode)) { + $langcode = $entity->language()->getId(); + } + if (($return = $this->getCache($entity->uuid(), $operation, $langcode, $account)) !== NULL) { // Cache hit, no work necessary. return $return_as_object ? $return : $return->isAllowed(); @@ -80,7 +85,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language // Also execute the default access check except when the access result is // already forbidden, as in that case, it can not be anything else. if (!$return->isForbidden()) { - $return = $return->orIf($this->checkAccess($entity, $operation, $langcode, $account)); + $return = $return->orIf($this->checkAccess($entity, $operation, $account, $langcode)); } $result = $this->setCache($return, $entity->uuid(), $operation, $langcode, $account); return $return_as_object ? $result : $result->isAllowed(); @@ -124,15 +129,18 @@ protected function processAccessHookResults(array $access) { * The entity for which to check access. * @param string $operation * The entity operation. Usually one of 'view', 'update' or 'delete'. - * @param string $langcode - * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. + * @param string $langcode + * The language code for which to check access. This argument was deprecated + * in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. Pass the + * entity translation corresponding to the language to check access for as + * first parameter, if dealing with a multilingual entity. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation == 'delete' && $entity->isNew()) { return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php index 4a0a5b5..3bb0bb1 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php @@ -29,14 +29,16 @@ * @param string $operation * The operation access should be checked for. * Usually one of "view", "update" or "delete". - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LanguageInterface::LANGCODE_DEFAULT. * @param \Drupal\Core\Session\AccountInterface $account * (optional) The user session for which to check access, or NULL to check * access for the current user. Defaults to NULL. * @param bool $return_as_object * (optional) Defaults to FALSE. + * @param string $langcode + * (optional) The language code for which to check access. This argument was + * deprecated in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. + * Pass the entity translation corresponding to the language to check access + * for as first parameter, if dealing with a multilingual entity. * * @return bool|\Drupal\Core\Access\AccessResultInterface * The access result. Returns a boolean if $return_as_object is FALSE (this @@ -45,7 +47,7 @@ * returned, i.e. TRUE means access is explicitly allowed, FALSE means * access is either explicitly forbidden or "no opinion". */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE); + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE, $langcode = NULL); /** * Checks access to create an entity. diff --git a/core/lib/Drupal/Core/Entity/entity.api.php b/core/lib/Drupal/Core/Entity/entity.api.php index 37fcdff..14eb8f6 100644 --- a/core/lib/Drupal/Core/Entity/entity.api.php +++ b/core/lib/Drupal/Core/Entity/entity.api.php @@ -523,7 +523,9 @@ * @param \Drupal\Core\Session\AccountInterface $account * The account trying to access the entity. * @param string $langcode - * The code of the language $entity is accessed in. + * The language code for which to check access. This argument was deprecated + * in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. Use the entity + * language instead. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. The final result is calculated by using @@ -556,7 +558,9 @@ function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operat * @param \Drupal\Core\Session\AccountInterface $account * The account trying to access the entity. * @param string $langcode - * The code of the language $entity is accessed in. + * The language code for which to check access. This argument was deprecated + * in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. Use the entity + * language instead. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. hook_entity_access() has detailed documentation. diff --git a/core/modules/aggregator/src/FeedAccessControlHandler.php b/core/modules/aggregator/src/FeedAccessControlHandler.php index f147c53..6238278 100644 --- a/core/modules/aggregator/src/FeedAccessControlHandler.php +++ b/core/modules/aggregator/src/FeedAccessControlHandler.php @@ -22,7 +22,7 @@ class FeedAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access news feeds'); diff --git a/core/modules/block/block.api.php b/core/modules/block/block.api.php index a60f35e..df4d795 100644 --- a/core/modules/block/block.api.php +++ b/core/modules/block/block.api.php @@ -194,7 +194,9 @@ function hook_block_build_BASE_BLOCK_ID_alter(array &$build, \Drupal\Core\Block\ * @param \Drupal\Core\Session\AccountInterface $account * The user object to perform the access check operation on. * @param string $langcode - * The language code to perform the access check operation on. + * The language code for which to check access. This argument was deprecated + * in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. Use the block + * language instead. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. If all implementations of this hook return diff --git a/core/modules/block/src/BlockAccessControlHandler.php b/core/modules/block/src/BlockAccessControlHandler.php index b7fea60..ef90698 100644 --- a/core/modules/block/src/BlockAccessControlHandler.php +++ b/core/modules/block/src/BlockAccessControlHandler.php @@ -88,10 +88,10 @@ public function __construct(EntityTypeInterface $entity_type, ExecutableManagerI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\block\BlockInterface $entity */ if ($operation != 'view') { - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } // Don't grant access to disabled blocks. diff --git a/core/modules/block_content/src/BlockContentAccessControlHandler.php b/core/modules/block_content/src/BlockContentAccessControlHandler.php index e886432..e6cdc41 100644 --- a/core/modules/block_content/src/BlockContentAccessControlHandler.php +++ b/core/modules/block_content/src/BlockContentAccessControlHandler.php @@ -22,11 +22,11 @@ class BlockContentAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation === 'view') { return AccessResult::allowed(); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/comment/src/CommentAccessControlHandler.php b/core/modules/comment/src/CommentAccessControlHandler.php index fbd4ae7..88cd7dd 100644 --- a/core/modules/comment/src/CommentAccessControlHandler.php +++ b/core/modules/comment/src/CommentAccessControlHandler.php @@ -24,7 +24,7 @@ class CommentAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\comment\CommentInterface|\Drupal\user\EntityOwnerInterface $entity */ $comment_admin = $account->hasPermission('administer comments'); diff --git a/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php b/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php index 4508ce2..ab942c5 100644 --- a/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php +++ b/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php @@ -22,7 +22,7 @@ class ConfigTestAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { return AccessResult::allowed(); } diff --git a/core/modules/contact/src/ContactFormAccessControlHandler.php b/core/modules/contact/src/ContactFormAccessControlHandler.php index c964f6a..26447d8 100644 --- a/core/modules/contact/src/ContactFormAccessControlHandler.php +++ b/core/modules/contact/src/ContactFormAccessControlHandler.php @@ -22,7 +22,7 @@ class ContactFormAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation == 'view') { // Do not allow access personal form via site-wide route. return AccessResult::allowedIf($account->hasPermission('access site-wide contact form') && $entity->id() !== 'personal')->cachePerPermissions(); @@ -33,7 +33,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::allowedIf($account->hasPermission('administer contact forms') && $entity->id() !== 'personal')->cachePerPermissions(); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/field/src/FieldConfigAccessControlHandler.php b/core/modules/field/src/FieldConfigAccessControlHandler.php index 1edcb0f..504d119 100644 --- a/core/modules/field/src/FieldConfigAccessControlHandler.php +++ b/core/modules/field/src/FieldConfigAccessControlHandler.php @@ -22,7 +22,7 @@ class FieldConfigAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation == 'delete') { $field_storage_entity = $entity->getFieldStorageDefinition(); if ($field_storage_entity->isLocked()) { diff --git a/core/modules/file/src/FileAccessControlHandler.php b/core/modules/file/src/FileAccessControlHandler.php index f6f4a46..c0eee7c 100644 --- a/core/modules/file/src/FileAccessControlHandler.php +++ b/core/modules/file/src/FileAccessControlHandler.php @@ -21,7 +21,7 @@ class FileAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\file\FileInterface $entity */ if ($operation == 'download' || $operation == 'view') { if (\Drupal::service('file_system')->uriScheme($entity->getFileUri()) === 'public') { diff --git a/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php b/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php index 0b1edbd..6dba491 100644 --- a/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php +++ b/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php @@ -19,9 +19,9 @@ class FileTestAccessControlHandler extends FileAccessControlHandler implements F /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { \Drupal::state()->set('file_access_formatter_check', TRUE); - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/filter/src/FilterFormatAccessControlHandler.php b/core/modules/filter/src/FilterFormatAccessControlHandler.php index 337dcf7..69f4ca8 100644 --- a/core/modules/filter/src/FilterFormatAccessControlHandler.php +++ b/core/modules/filter/src/FilterFormatAccessControlHandler.php @@ -22,7 +22,7 @@ class FilterFormatAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $filter_format, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $filter_format, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\filter\FilterFormatInterface $filter_format */ // All users are allowed to use the fallback filter. @@ -47,7 +47,7 @@ protected function checkAccess(EntityInterface $filter_format, $operation, $lang } if (in_array($operation, array('disable', 'update'))) { - return parent::checkAccess($filter_format, $operation, $langcode, $account); + return parent::checkAccess($filter_format, $operation, $account, $langcode); } // No opinion. diff --git a/core/modules/language/src/LanguageAccessControlHandler.php b/core/modules/language/src/LanguageAccessControlHandler.php index 72770e0..4b54acc 100644 --- a/core/modules/language/src/LanguageAccessControlHandler.php +++ b/core/modules/language/src/LanguageAccessControlHandler.php @@ -22,18 +22,18 @@ class LanguageAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'update': /* @var \Drupal\Core\Language\LanguageInterface $entity */ return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity) - ->andIf(parent::checkAccess($entity, $operation, $langcode, $account)); + ->andIf(parent::checkAccess($entity, $operation, $account, $langcode)); case 'delete': /* @var \Drupal\Core\Language\LanguageInterface $entity */ return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity) ->andIf(AccessResult::allowedIf(!$entity->isDefault())->cacheUntilEntityChanges($entity)) - ->andIf(parent::checkAccess($entity, $operation, $langcode, $account)); + ->andIf(parent::checkAccess($entity, $operation, $account, $langcode)); default: // No opinion. diff --git a/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php b/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php index 1947114..1801961 100644 --- a/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php +++ b/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php @@ -51,7 +51,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'view': // There is no direct viewing of a menu link, but still for purposes of diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 55265d6..4218f4c 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -320,7 +320,9 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface * @param \Drupal\Core\Session\AccountInterface $account * The user object to perform the access check operation on. * @param string $langcode - * The language code to perform the access check operation on. + * The language code for which to check access. This argument was deprecated + * in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. Use the node + * language instead. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. diff --git a/core/modules/node/src/Access/NodeRevisionAccessCheck.php b/core/modules/node/src/Access/NodeRevisionAccessCheck.php index 568d811..23e5a2f 100644 --- a/core/modules/node/src/Access/NodeRevisionAccessCheck.php +++ b/core/modules/node/src/Access/NodeRevisionAccessCheck.php @@ -92,10 +92,11 @@ public function access(Route $route, AccountInterface $account, $node_revision = * performed. * @param string $op * (optional) The specific operation being checked. Defaults to 'view.' - * @param string|null $langcode - * (optional) Language code for the variant of the node. Different language - * variants might have different permissions associated. If NULL, the - * original langcode of the node is used. Defaults to NULL. + * @param string $langcode + * (optional) The language code for which to check access. This argument was + * deprecated in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. + * Pass the node translation corresponding to the language to check access + * for as first parameter instead. * * @return bool * TRUE if the operation may be performed, FALSE otherwise. @@ -149,7 +150,7 @@ public function checkAccess(NodeInterface $node, AccountInterface $account, $op else { // First check the access to the default revision and finally, if the // node passed in is not the default revision then access to that, too. - $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $langcode, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $langcode, $account)); + $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account, FALSE, $langcode) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account, FALSE, $langcode)); } } diff --git a/core/modules/node/src/Entity/Node.php b/core/modules/node/src/Entity/Node.php index c30fe84..861a0d1 100644 --- a/core/modules/node/src/Entity/Node.php +++ b/core/modules/node/src/Entity/Node.php @@ -181,33 +181,12 @@ public function access($operation = 'view', AccountInterface $account = NULL, $r return \Drupal::entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, $this->prepareLangcode(), $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object); } /** * {@inheritdoc} */ - public function prepareLangcode() { - $langcode = $this->language()->getId(); - // If the Language module is enabled, try to use the language from content - // negotiation. - if (\Drupal::moduleHandler()->moduleExists('language')) { - // Load languages the node exists in. - $node_translations = $this->getTranslationLanguages(); - // Load the language from content negotiation. - $content_negotiation_langcode = \Drupal::languageManager()->getCurrentLanguage(LanguageInterface::TYPE_CONTENT)->getId(); - // If there is a translation available, use it. - if (isset($node_translations[$content_negotiation_langcode])) { - $langcode = $content_negotiation_langcode; - } - } - return $langcode; - } - - - /** - * {@inheritdoc} - */ public function getTitle() { return $this->get('title')->value; } diff --git a/core/modules/node/src/NodeAccessControlHandler.php b/core/modules/node/src/NodeAccessControlHandler.php index 1d29b39..796bcf1 100644 --- a/core/modules/node/src/NodeAccessControlHandler.php +++ b/core/modules/node/src/NodeAccessControlHandler.php @@ -60,7 +60,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE) { + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE, $langcode = NULL) { $account = $this->prepareUser($account); if ($account->hasPermission('bypass node access')) { @@ -71,7 +71,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language $result = AccessResult::forbidden()->cachePerPermissions(); return $return_as_object ? $result : $result->isAllowed(); } - $result = parent::access($entity, $operation, $langcode, $account, TRUE)->cachePerPermissions(); + $result = parent::access($entity, $operation, $account, TRUE, $langcode)->cachePerPermissions(); return $return_as_object ? $result : $result->isAllowed(); } @@ -97,7 +97,7 @@ public function createAccess($entity_bundle = NULL, AccountInterface $account = /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $node, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $node, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\node\NodeInterface $node */ /** @var \Drupal\node\NodeInterface $translation */ $translation = $node->hasTranslation($langcode) ? $node->getTranslation($langcode) : $node; @@ -112,7 +112,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc } // Evaluate node grants. - return $this->grantStorage->access($node, $operation, $langcode, $account); + return $this->grantStorage->access($node, $operation, $account, $langcode); } /** diff --git a/core/modules/node/src/NodeGrantDatabaseStorage.php b/core/modules/node/src/NodeGrantDatabaseStorage.php index 1898971..0d8100b 100644 --- a/core/modules/node/src/NodeGrantDatabaseStorage.php +++ b/core/modules/node/src/NodeGrantDatabaseStorage.php @@ -67,7 +67,11 @@ public function __construct(Connection $database, ModuleHandlerInterface $module /** * {@inheritdoc} */ - public function access(NodeInterface $node, $operation, $langcode, AccountInterface $account) { + public function access(NodeInterface $node, $operation, AccountInterface $account, $langcode = NULL) { + if (!isset($langcode)) { + $langcode = $node->language()->getId(); + } + // If no module implements the hook or the node does not have an id there is // no point in querying the database for access grants. if (!$this->moduleHandler->getImplementations('node_grants') || !$node->id()) { diff --git a/core/modules/node/src/NodeGrantDatabaseStorageInterface.php b/core/modules/node/src/NodeGrantDatabaseStorageInterface.php index 505a63a..f1c83ac 100644 --- a/core/modules/node/src/NodeGrantDatabaseStorageInterface.php +++ b/core/modules/node/src/NodeGrantDatabaseStorageInterface.php @@ -102,10 +102,13 @@ public function writeDefault(); * @param string $operation * The entity operation. Usually one of 'view', 'edit', 'create' or * 'delete'. - * @param string $langcode - * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. + * @param string $langcode + * (optional) The language code for which to check access. This argument was + * deprecated in Drupal 8.0.0-rc1 and will be removed before Drupal 8.0.0. + * Pass the node translation corresponding to the language to check access + * for as first parameter. * * @return \Drupal\Core\Access\AccessResultInterface * The access result, either allowed or neutral. If there are no node @@ -115,7 +118,7 @@ public function writeDefault(); * @see hook_node_access_records() * @see \Drupal\node\NodeGrantDatabaseStorageInterface::writeDefault() */ - public function access(NodeInterface $node, $operation, $langcode, AccountInterface $account); + public function access(NodeInterface $node, $operation, AccountInterface $account, $langcode = NULL); /** * Counts available node grants. diff --git a/core/modules/node/src/NodeInterface.php b/core/modules/node/src/NodeInterface.php index 9610a99..839c3d2 100644 --- a/core/modules/node/src/NodeInterface.php +++ b/core/modules/node/src/NodeInterface.php @@ -160,12 +160,4 @@ public function getRevisionAuthor(); */ public function setRevisionAuthorId($uid); - /** - * Prepares the langcode for a node. - * - * @return string - * The langcode for this node. - */ - public function prepareLangcode(); - } diff --git a/core/modules/node/src/NodeTypeAccessControlHandler.php b/core/modules/node/src/NodeTypeAccessControlHandler.php index 84f3e0c..696aca5 100644 --- a/core/modules/node/src/NodeTypeAccessControlHandler.php +++ b/core/modules/node/src/NodeTypeAccessControlHandler.php @@ -22,7 +22,7 @@ class NodeTypeAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access content'); @@ -33,12 +33,12 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account, $langcode)->cacheUntilEntityChanges($entity); } break; default: - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); break; } } diff --git a/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php b/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php index 7147975..3582964 100644 --- a/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php +++ b/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php @@ -46,7 +46,7 @@ public function testNodeAccessRebuildNodeGrants() { )); // Default realm access and node records are present. - $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', 'en', $this->webUser), 'The expected node access records are present'); + $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', $this->webUser, 'en'), 'The expected node access records are present'); $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record'); $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); @@ -57,7 +57,7 @@ public function testNodeAccessRebuildNodeGrants() { // Test if the rebuild has been successful. $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); - $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', 'en', $this->webUser), 'The expected node access records are present'); + $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', $this->webUser, 'en'), 'The expected node access records are present'); $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); } diff --git a/core/modules/node/src/Tests/NodeTestBase.php b/core/modules/node/src/Tests/NodeTestBase.php index 1f4dca0..763e14c 100644 --- a/core/modules/node/src/Tests/NodeTestBase.php +++ b/core/modules/node/src/Tests/NodeTestBase.php @@ -66,9 +66,9 @@ protected function setUp() { function assertNodeAccess(array $ops, $node, AccountInterface $account, $langcode = NULL) { foreach ($ops as $op => $result) { if (empty($langcode)) { - $langcode = $node->prepareLangcode(); + $langcode = $node->language()->getId(); } - $this->assertEqual($result, $this->accessHandler->access($node, $op, $langcode, $account), $this->nodeAccessAssertMessage($op, $result, $langcode)); + $this->assertEqual($result, $this->accessHandler->access($node, $op, $account, FALSE, $langcode), $this->nodeAccessAssertMessage($op, $result, $langcode)); } } diff --git a/core/modules/node/src/Tests/Views/BulkFormAccessTest.php b/core/modules/node/src/Tests/Views/BulkFormAccessTest.php index 480f931..fa8a527 100644 --- a/core/modules/node/src/Tests/Views/BulkFormAccessTest.php +++ b/core/modules/node/src/Tests/Views/BulkFormAccessTest.php @@ -85,7 +85,7 @@ public function testNodeEditAccess() { $this->assertTrue($node->isPublished(), 'Node is initially published.'); // Ensure that the node can not be edited. - $this->assertEqual(FALSE, $this->accessHandler->access($node, 'update', $node->prepareLangcode(), $account), 'The node may not be edited.'); + $this->assertEqual(FALSE, $this->accessHandler->access($node, 'update', $account), 'The node may not be edited.'); // Test editing the node using the bulk form. $edit = array( @@ -155,9 +155,9 @@ public function testNodeDeleteAccess() { $this->drupalLogin($account); // Ensure that the private node can not be deleted. - $this->assertEqual(FALSE, $this->accessHandler->access($private_node, 'delete', $private_node->prepareLangcode(), $account), 'The private node may not be deleted.'); + $this->assertEqual(FALSE, $this->accessHandler->access($private_node, 'delete', $account), 'The private node may not be deleted.'); // Ensure that the public node may be deleted. - $this->assertEqual(TRUE, $this->accessHandler->access($own_node, 'delete', $own_node->prepareLangcode(), $account), 'The own node may be deleted.'); + $this->assertEqual(TRUE, $this->accessHandler->access($own_node, 'delete', $account), 'The own node may be deleted.'); // Try to delete the node using the bulk form. $edit = array( diff --git a/core/modules/search/src/SearchPageAccessControlHandler.php b/core/modules/search/src/SearchPageAccessControlHandler.php index a0b9a97..217a4ed 100644 --- a/core/modules/search/src/SearchPageAccessControlHandler.php +++ b/core/modules/search/src/SearchPageAccessControlHandler.php @@ -23,14 +23,14 @@ class SearchPageAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { /** @var $entity \Drupal\search\SearchPageInterface */ if (in_array($operation, array('delete', 'disable'))) { if ($entity->isDefaultSearch()) { return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account, $langcode)->cacheUntilEntityChanges($entity); } } if ($operation == 'view') { @@ -43,7 +43,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } return AccessResult::allowed()->cacheUntilEntityChanges($entity); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/shortcut/src/ShortcutAccessControlHandler.php b/core/modules/shortcut/src/ShortcutAccessControlHandler.php index fa52c60..cf85c48 100644 --- a/core/modules/shortcut/src/ShortcutAccessControlHandler.php +++ b/core/modules/shortcut/src/ShortcutAccessControlHandler.php @@ -55,7 +55,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($shortcut_set = $this->shortcutSetStorage->load($entity->bundle())) { return shortcut_set_edit_access($shortcut_set, $account); } diff --git a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php index 493a736..8b99b5f 100644 --- a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php +++ b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php @@ -22,7 +22,7 @@ class ShortcutSetAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'update': if ($account->hasPermission('administer shortcuts')) { diff --git a/core/modules/system/src/DateFormatAccessControlHandler.php b/core/modules/system/src/DateFormatAccessControlHandler.php index 83009fc..d706806 100644 --- a/core/modules/system/src/DateFormatAccessControlHandler.php +++ b/core/modules/system/src/DateFormatAccessControlHandler.php @@ -22,7 +22,7 @@ class DateFormatAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { // There are no restrictions on viewing a date format. if ($operation == 'view') { return AccessResult::allowed(); @@ -33,11 +33,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account, $langcode)->cacheUntilEntityChanges($entity); } } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/system/src/MenuAccessControlHandler.php b/core/modules/system/src/MenuAccessControlHandler.php index fba0183..e8e648f 100644 --- a/core/modules/system/src/MenuAccessControlHandler.php +++ b/core/modules/system/src/MenuAccessControlHandler.php @@ -22,7 +22,7 @@ class MenuAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation === 'view') { return AccessResult::allowed(); } @@ -32,11 +32,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account, $langcode)->cacheUntilEntityChanges($entity); } } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php index be95080..f17838a 100644 --- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php +++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php @@ -29,7 +29,7 @@ class EntityTestAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { // Always forbid access to entities with the label 'forbid_access', used for // \Drupal\system\Tests\Entity\EntityAccessHControlandlerTest::testDefaultEntityAccess(). if ($entity->label() == 'forbid_access') { diff --git a/core/modules/taxonomy/src/TermAccessControlHandler.php b/core/modules/taxonomy/src/TermAccessControlHandler.php index b4ccb53..0128aa8 100644 --- a/core/modules/taxonomy/src/TermAccessControlHandler.php +++ b/core/modules/taxonomy/src/TermAccessControlHandler.php @@ -22,7 +22,7 @@ class TermAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access content'); diff --git a/core/modules/user/src/RoleAccessControlHandler.php b/core/modules/user/src/RoleAccessControlHandler.php index e6f469d..47f36a6 100644 --- a/core/modules/user/src/RoleAccessControlHandler.php +++ b/core/modules/user/src/RoleAccessControlHandler.php @@ -22,7 +22,7 @@ class RoleAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { switch ($operation) { case 'delete': if ($entity->id() == RoleInterface::ANONYMOUS_ID || $entity->id() == RoleInterface::AUTHENTICATED_ID) { @@ -30,7 +30,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } default: - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } } diff --git a/core/modules/user/src/UserAccessControlHandler.php b/core/modules/user/src/UserAccessControlHandler.php index 47bb7ce..6048b66 100644 --- a/core/modules/user/src/UserAccessControlHandler.php +++ b/core/modules/user/src/UserAccessControlHandler.php @@ -24,7 +24,7 @@ class UserAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { /** @var \Drupal\user\UserInterface $entity*/ // The anonymous user's profile can neither be viewed, updated nor deleted. diff --git a/core/modules/views/src/ViewAccessControlHandler.php b/core/modules/views/src/ViewAccessControlHandler.php index 96d130e..ad0a0b5 100644 --- a/core/modules/views/src/ViewAccessControlHandler.php +++ b/core/modules/views/src/ViewAccessControlHandler.php @@ -22,12 +22,12 @@ class ViewAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { if ($operation == 'view') { return AccessResult::allowed(); } else { - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account, $langcode); } }