diff --git a/core/lib/Drupal/Core/Entity/ContentEntityBase.php b/core/lib/Drupal/Core/Entity/ContentEntityBase.php index 4c0763b..4f1c4dc 100644 --- a/core/lib/Drupal/Core/Entity/ContentEntityBase.php +++ b/core/lib/Drupal/Core/Entity/ContentEntityBase.php @@ -593,7 +593,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_ } return $this->entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, $this->activeLangcode, $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object); } /** diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 01416ba..74ce4e7 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php +++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -313,7 +313,7 @@ public function access($operation, AccountInterface $account = NULL, $return_as_ } return $this->entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, LanguageInterface::LANGCODE_DEFAULT, $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object); } /** diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php index c34cffc..6d8d7fb 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandler.php @@ -53,8 +53,9 @@ public function __construct(EntityTypeInterface $entity_type) { /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE) { + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) { $account = $this->prepareUser($account); + $langcode = $entity->language()->getId(); if (($return = $this->getCache($entity->uuid(), $operation, $langcode, $account)) !== NULL) { // Cache hit, no work necessary. @@ -71,8 +72,8 @@ public function access(EntityInterface $entity, $operation, $langcode = Language // - No modules say to deny access. // - At least one module says to grant access. $access = array_merge( - $this->moduleHandler()->invokeAll('entity_access', array($entity, $operation, $account, $langcode)), - $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', array($entity, $operation, $account, $langcode)) + $this->moduleHandler()->invokeAll('entity_access', [$entity, $operation, $account]), + $this->moduleHandler()->invokeAll($entity->getEntityTypeId() . '_access', [$entity, $operation, $account]) ); $return = $this->processAccessHookResults($access); @@ -80,7 +81,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language // Also execute the default access check except when the access result is // already forbidden, as in that case, it can not be anything else. if (!$return->isForbidden()) { - $return = $return->orIf($this->checkAccess($entity, $operation, $langcode, $account)); + $return = $return->orIf($this->checkAccess($entity, $operation, $account)); } $result = $this->setCache($return, $entity->uuid(), $operation, $langcode, $account); return $return_as_object ? $result : $result->isAllowed(); @@ -124,15 +125,13 @@ protected function processAccessHookResults(array $access) { * The entity for which to check access. * @param string $operation * The entity operation. Usually one of 'view', 'update' or 'delete'. - * @param string $langcode - * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation == 'delete' && $entity->isNew()) { return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php index 4a0a5b5..8d6a1d1 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControlHandlerInterface.php @@ -29,9 +29,6 @@ * @param string $operation * The operation access should be checked for. * Usually one of "view", "update" or "delete". - * @param string $langcode - * (optional) The language code for which to check access. Defaults to - * LanguageInterface::LANGCODE_DEFAULT. * @param \Drupal\Core\Session\AccountInterface $account * (optional) The user session for which to check access, or NULL to check * access for the current user. Defaults to NULL. @@ -45,7 +42,7 @@ * returned, i.e. TRUE means access is explicitly allowed, FALSE means * access is either explicitly forbidden or "no opinion". */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE); + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE); /** * Checks access to create an entity. diff --git a/core/lib/Drupal/Core/Entity/entity.api.php b/core/lib/Drupal/Core/Entity/entity.api.php index 37fcdff..3a3d61c 100644 --- a/core/lib/Drupal/Core/Entity/entity.api.php +++ b/core/lib/Drupal/Core/Entity/entity.api.php @@ -522,8 +522,6 @@ * The operation that is to be performed on $entity. * @param \Drupal\Core\Session\AccountInterface $account * The account trying to access the entity. - * @param string $langcode - * The code of the language $entity is accessed in. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. The final result is calculated by using @@ -541,7 +539,7 @@ * * @ingroup entity_api */ -function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) { +function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account) { // No opinion. return AccessResult::neutral(); } @@ -555,8 +553,6 @@ function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operat * The operation that is to be performed on $entity. * @param \Drupal\Core\Session\AccountInterface $account * The account trying to access the entity. - * @param string $langcode - * The code of the language $entity is accessed in. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. hook_entity_access() has detailed documentation. @@ -567,7 +563,7 @@ function hook_entity_access(\Drupal\Core\Entity\EntityInterface $entity, $operat * * @ingroup entity_api */ -function hook_ENTITY_TYPE_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) { +function hook_ENTITY_TYPE_access(\Drupal\Core\Entity\EntityInterface $entity, $operation, \Drupal\Core\Session\AccountInterface $account) { // No opinion. return AccessResult::neutral(); } diff --git a/core/modules/aggregator/src/FeedAccessControlHandler.php b/core/modules/aggregator/src/FeedAccessControlHandler.php index f147c53..f746b23 100644 --- a/core/modules/aggregator/src/FeedAccessControlHandler.php +++ b/core/modules/aggregator/src/FeedAccessControlHandler.php @@ -22,7 +22,7 @@ class FeedAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access news feeds'); diff --git a/core/modules/block/block.api.php b/core/modules/block/block.api.php index a60f35e..078aac6 100644 --- a/core/modules/block/block.api.php +++ b/core/modules/block/block.api.php @@ -193,8 +193,6 @@ function hook_block_build_BASE_BLOCK_ID_alter(array &$build, \Drupal\Core\Block\ * The operation to be performed, e.g., 'view', 'create', 'delete', 'update'. * @param \Drupal\Core\Session\AccountInterface $account * The user object to perform the access check operation on. - * @param string $langcode - * The language code to perform the access check operation on. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. If all implementations of this hook return @@ -206,7 +204,7 @@ function hook_block_build_BASE_BLOCK_ID_alter(array &$build, \Drupal\Core\Block\ * @see \Drupal\block\BlockAccessControlHandler::checkAccess() * @ingroup block_api */ -function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\Core\Session\AccountInterface $account, $langcode) { +function hook_block_access(\Drupal\block\Entity\Block $block, $operation, \Drupal\Core\Session\AccountInterface $account) { // Example code that would prevent displaying the 'Powered by Drupal' block in // a region different than the footer. if ($operation == 'view' && $block->getPluginId() == 'system_powered_by_block') { diff --git a/core/modules/block/src/BlockAccessControlHandler.php b/core/modules/block/src/BlockAccessControlHandler.php index b7fea60..92b54a4 100644 --- a/core/modules/block/src/BlockAccessControlHandler.php +++ b/core/modules/block/src/BlockAccessControlHandler.php @@ -88,10 +88,10 @@ public function __construct(EntityTypeInterface $entity_type, ExecutableManagerI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var \Drupal\block\BlockInterface $entity */ if ($operation != 'view') { - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } // Don't grant access to disabled blocks. diff --git a/core/modules/block_content/src/BlockContentAccessControlHandler.php b/core/modules/block_content/src/BlockContentAccessControlHandler.php index e886432..a4ee384 100644 --- a/core/modules/block_content/src/BlockContentAccessControlHandler.php +++ b/core/modules/block_content/src/BlockContentAccessControlHandler.php @@ -22,11 +22,11 @@ class BlockContentAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation === 'view') { return AccessResult::allowed(); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/comment/src/CommentAccessControlHandler.php b/core/modules/comment/src/CommentAccessControlHandler.php index fbd4ae7..6e4072d 100644 --- a/core/modules/comment/src/CommentAccessControlHandler.php +++ b/core/modules/comment/src/CommentAccessControlHandler.php @@ -24,7 +24,7 @@ class CommentAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var \Drupal\comment\CommentInterface|\Drupal\user\EntityOwnerInterface $entity */ $comment_admin = $account->hasPermission('administer comments'); diff --git a/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php b/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php index 4508ce2..45119d7 100644 --- a/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php +++ b/core/modules/config/tests/config_test/src/ConfigTestAccessControlHandler.php @@ -22,7 +22,7 @@ class ConfigTestAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { return AccessResult::allowed(); } diff --git a/core/modules/contact/src/ContactFormAccessControlHandler.php b/core/modules/contact/src/ContactFormAccessControlHandler.php index c964f6a..5ac13cd 100644 --- a/core/modules/contact/src/ContactFormAccessControlHandler.php +++ b/core/modules/contact/src/ContactFormAccessControlHandler.php @@ -22,7 +22,7 @@ class ContactFormAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation == 'view') { // Do not allow access personal form via site-wide route. return AccessResult::allowedIf($account->hasPermission('access site-wide contact form') && $entity->id() !== 'personal')->cachePerPermissions(); @@ -33,7 +33,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::allowedIf($account->hasPermission('administer contact forms') && $entity->id() !== 'personal')->cachePerPermissions(); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/field/src/FieldConfigAccessControlHandler.php b/core/modules/field/src/FieldConfigAccessControlHandler.php index 1edcb0f..84afc84 100644 --- a/core/modules/field/src/FieldConfigAccessControlHandler.php +++ b/core/modules/field/src/FieldConfigAccessControlHandler.php @@ -22,7 +22,7 @@ class FieldConfigAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation == 'delete') { $field_storage_entity = $entity->getFieldStorageDefinition(); if ($field_storage_entity->isLocked()) { diff --git a/core/modules/file/src/FileAccessControlHandler.php b/core/modules/file/src/FileAccessControlHandler.php index f6f4a46..f70879d 100644 --- a/core/modules/file/src/FileAccessControlHandler.php +++ b/core/modules/file/src/FileAccessControlHandler.php @@ -21,7 +21,7 @@ class FileAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var \Drupal\file\FileInterface $entity */ if ($operation == 'download' || $operation == 'view') { if (\Drupal::service('file_system')->uriScheme($entity->getFileUri()) === 'public') { diff --git a/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php b/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php index 0b1edbd..9cd8944 100644 --- a/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php +++ b/core/modules/file/tests/file_test/src/FileTestAccessControlHandler.php @@ -19,9 +19,9 @@ class FileTestAccessControlHandler extends FileAccessControlHandler implements F /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { \Drupal::state()->set('file_access_formatter_check', TRUE); - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/filter/src/FilterFormatAccessControlHandler.php b/core/modules/filter/src/FilterFormatAccessControlHandler.php index 337dcf7..3c8b533 100644 --- a/core/modules/filter/src/FilterFormatAccessControlHandler.php +++ b/core/modules/filter/src/FilterFormatAccessControlHandler.php @@ -22,7 +22,7 @@ class FilterFormatAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $filter_format, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $filter_format, $operation, AccountInterface $account) { /** @var \Drupal\filter\FilterFormatInterface $filter_format */ // All users are allowed to use the fallback filter. @@ -47,7 +47,7 @@ protected function checkAccess(EntityInterface $filter_format, $operation, $lang } if (in_array($operation, array('disable', 'update'))) { - return parent::checkAccess($filter_format, $operation, $langcode, $account); + return parent::checkAccess($filter_format, $operation, $account); } // No opinion. diff --git a/core/modules/language/src/LanguageAccessControlHandler.php b/core/modules/language/src/LanguageAccessControlHandler.php index 72770e0..6d14471 100644 --- a/core/modules/language/src/LanguageAccessControlHandler.php +++ b/core/modules/language/src/LanguageAccessControlHandler.php @@ -22,18 +22,18 @@ class LanguageAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'update': /* @var \Drupal\Core\Language\LanguageInterface $entity */ return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity) - ->andIf(parent::checkAccess($entity, $operation, $langcode, $account)); + ->andIf(parent::checkAccess($entity, $operation, $account)); case 'delete': /* @var \Drupal\Core\Language\LanguageInterface $entity */ return AccessResult::allowedIf(!$entity->isLocked())->cacheUntilEntityChanges($entity) ->andIf(AccessResult::allowedIf(!$entity->isDefault())->cacheUntilEntityChanges($entity)) - ->andIf(parent::checkAccess($entity, $operation, $langcode, $account)); + ->andIf(parent::checkAccess($entity, $operation, $account)); default: // No opinion. diff --git a/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php b/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php index 1947114..d3c0998 100644 --- a/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php +++ b/core/modules/menu_link_content/src/MenuLinkContentAccessControlHandler.php @@ -51,7 +51,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'view': // There is no direct viewing of a menu link, but still for purposes of diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 55265d6..2479a29 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -319,15 +319,13 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface * - "view" * @param \Drupal\Core\Session\AccountInterface $account * The user object to perform the access check operation on. - * @param string $langcode - * The language code to perform the access check operation on. * * @return \Drupal\Core\Access\AccessResultInterface * The access result. * * @ingroup node_access */ -function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) { +function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account) { $type = $node->bundle(); switch ($op) { diff --git a/core/modules/node/src/Access/NodeRevisionAccessCheck.php b/core/modules/node/src/Access/NodeRevisionAccessCheck.php index 568d811..82c4954 100644 --- a/core/modules/node/src/Access/NodeRevisionAccessCheck.php +++ b/core/modules/node/src/Access/NodeRevisionAccessCheck.php @@ -92,15 +92,11 @@ public function access(Route $route, AccountInterface $account, $node_revision = * performed. * @param string $op * (optional) The specific operation being checked. Defaults to 'view.' - * @param string|null $langcode - * (optional) Language code for the variant of the node. Different language - * variants might have different permissions associated. If NULL, the - * original langcode of the node is used. Defaults to NULL. * * @return bool * TRUE if the operation may be performed, FALSE otherwise. */ - public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view', $langcode = NULL) { + public function checkAccess(NodeInterface $node, AccountInterface $account, $op = 'view') { $map = array( 'view' => 'view all revisions', 'update' => 'revert all revisions', @@ -119,13 +115,9 @@ public function checkAccess(NodeInterface $node, AccountInterface $account, $op return FALSE; } - // If no language code was provided, default to the node revision's langcode. - if (empty($langcode)) { - $langcode = $node->language()->getId(); - } - // Statically cache access by revision ID, language code, user account ID, // and operation. + $langcode = $node->language()->getId(); $cid = $node->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $op; if (!isset($this->access[$cid])) { @@ -149,7 +141,7 @@ public function checkAccess(NodeInterface $node, AccountInterface $account, $op else { // First check the access to the default revision and finally, if the // node passed in is not the default revision then access to that, too. - $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $langcode, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $langcode, $account)); + $this->access[$cid] = $this->nodeAccess->access($this->nodeStorage->load($node->id()), $op, $account) && ($node->isDefaultRevision() || $this->nodeAccess->access($node, $op, $account)); } } diff --git a/core/modules/node/src/Entity/Node.php b/core/modules/node/src/Entity/Node.php index c30fe84..861a0d1 100644 --- a/core/modules/node/src/Entity/Node.php +++ b/core/modules/node/src/Entity/Node.php @@ -181,33 +181,12 @@ public function access($operation = 'view', AccountInterface $account = NULL, $r return \Drupal::entityManager() ->getAccessControlHandler($this->entityTypeId) - ->access($this, $operation, $this->prepareLangcode(), $account, $return_as_object); + ->access($this, $operation, $account, $return_as_object); } /** * {@inheritdoc} */ - public function prepareLangcode() { - $langcode = $this->language()->getId(); - // If the Language module is enabled, try to use the language from content - // negotiation. - if (\Drupal::moduleHandler()->moduleExists('language')) { - // Load languages the node exists in. - $node_translations = $this->getTranslationLanguages(); - // Load the language from content negotiation. - $content_negotiation_langcode = \Drupal::languageManager()->getCurrentLanguage(LanguageInterface::TYPE_CONTENT)->getId(); - // If there is a translation available, use it. - if (isset($node_translations[$content_negotiation_langcode])) { - $langcode = $content_negotiation_langcode; - } - } - return $langcode; - } - - - /** - * {@inheritdoc} - */ public function getTitle() { return $this->get('title')->value; } diff --git a/core/modules/node/src/NodeAccessControlHandler.php b/core/modules/node/src/NodeAccessControlHandler.php index 1d29b39..b7c349a 100644 --- a/core/modules/node/src/NodeAccessControlHandler.php +++ b/core/modules/node/src/NodeAccessControlHandler.php @@ -60,7 +60,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL, $return_as_object = FALSE) { + public function access(EntityInterface $entity, $operation, AccountInterface $account = NULL, $return_as_object = FALSE) { $account = $this->prepareUser($account); if ($account->hasPermission('bypass node access')) { @@ -71,7 +71,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language $result = AccessResult::forbidden()->cachePerPermissions(); return $return_as_object ? $result : $result->isAllowed(); } - $result = parent::access($entity, $operation, $langcode, $account, TRUE)->cachePerPermissions(); + $result = parent::access($entity, $operation, $account, TRUE)->cachePerPermissions(); return $return_as_object ? $result : $result->isAllowed(); } @@ -97,14 +97,12 @@ public function createAccess($entity_bundle = NULL, AccountInterface $account = /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $node, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $node, $operation, AccountInterface $account) { /** @var \Drupal\node\NodeInterface $node */ - /** @var \Drupal\node\NodeInterface $translation */ - $translation = $node->hasTranslation($langcode) ? $node->getTranslation($langcode) : $node; // Fetch information from the node object if possible. - $status = $translation->isPublished(); - $uid = $translation->getOwnerId(); + $status = $node->isPublished(); + $uid = $node->getOwnerId(); // Check if authors can view their own unpublished nodes. if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content') && $account->isAuthenticated() && $account->id() == $uid) { @@ -112,7 +110,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc } // Evaluate node grants. - return $this->grantStorage->access($node, $operation, $langcode, $account); + return $this->grantStorage->access($node, $operation, $account); } /** diff --git a/core/modules/node/src/NodeGrantDatabaseStorage.php b/core/modules/node/src/NodeGrantDatabaseStorage.php index 1898971..f6c56db 100644 --- a/core/modules/node/src/NodeGrantDatabaseStorage.php +++ b/core/modules/node/src/NodeGrantDatabaseStorage.php @@ -67,14 +67,14 @@ public function __construct(Connection $database, ModuleHandlerInterface $module /** * {@inheritdoc} */ - public function access(NodeInterface $node, $operation, $langcode, AccountInterface $account) { + public function access(NodeInterface $node, $operation, AccountInterface $account) { // If no module implements the hook or the node does not have an id there is // no point in querying the database for access grants. if (!$this->moduleHandler->getImplementations('node_grants') || !$node->id()) { // Return the equivalent of the default grant, defined by // self::writeDefault(). if ($operation === 'view') { - return AccessResult::allowedIf($node->getTranslation($langcode)->isPublished())->cacheUntilEntityChanges($node); + return AccessResult::allowedIf($node->isPublished())->cacheUntilEntityChanges($node); } else { return AccessResult::neutral(); @@ -89,7 +89,7 @@ public function access(NodeInterface $node, $operation, $langcode, AccountInterf // Check for grants for this node and the correct langcode. $nids = $query->andConditionGroup() ->condition('nid', $node->id()) - ->condition('langcode', $langcode); + ->condition('langcode', $node->language()->getId()); // If the node is published, also take the default grant into account. The // default is saved with a node ID of 0. $status = $node->isPublished(); diff --git a/core/modules/node/src/NodeGrantDatabaseStorageInterface.php b/core/modules/node/src/NodeGrantDatabaseStorageInterface.php index 505a63a..c59f941 100644 --- a/core/modules/node/src/NodeGrantDatabaseStorageInterface.php +++ b/core/modules/node/src/NodeGrantDatabaseStorageInterface.php @@ -102,8 +102,6 @@ public function writeDefault(); * @param string $operation * The entity operation. Usually one of 'view', 'edit', 'create' or * 'delete'. - * @param string $langcode - * The language code for which to check access. * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * @@ -115,7 +113,7 @@ public function writeDefault(); * @see hook_node_access_records() * @see \Drupal\node\NodeGrantDatabaseStorageInterface::writeDefault() */ - public function access(NodeInterface $node, $operation, $langcode, AccountInterface $account); + public function access(NodeInterface $node, $operation, AccountInterface $account); /** * Counts available node grants. diff --git a/core/modules/node/src/NodeInterface.php b/core/modules/node/src/NodeInterface.php index 9610a99..839c3d2 100644 --- a/core/modules/node/src/NodeInterface.php +++ b/core/modules/node/src/NodeInterface.php @@ -160,12 +160,4 @@ public function getRevisionAuthor(); */ public function setRevisionAuthorId($uid); - /** - * Prepares the langcode for a node. - * - * @return string - * The langcode for this node. - */ - public function prepareLangcode(); - } diff --git a/core/modules/node/src/NodeTypeAccessControlHandler.php b/core/modules/node/src/NodeTypeAccessControlHandler.php index 84f3e0c..befaa0b 100644 --- a/core/modules/node/src/NodeTypeAccessControlHandler.php +++ b/core/modules/node/src/NodeTypeAccessControlHandler.php @@ -22,7 +22,7 @@ class NodeTypeAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access content'); @@ -33,12 +33,12 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account)->cacheUntilEntityChanges($entity); } break; default: - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); break; } } diff --git a/core/modules/node/src/Tests/NodeAccessLanguageAwareCombinationTest.php b/core/modules/node/src/Tests/NodeAccessLanguageAwareCombinationTest.php index afa5368..3051af1 100644 --- a/core/modules/node/src/Tests/NodeAccessLanguageAwareCombinationTest.php +++ b/core/modules/node/src/Tests/NodeAccessLanguageAwareCombinationTest.php @@ -30,21 +30,21 @@ class NodeAccessLanguageAwareCombinationTest extends NodeTestBase { /** * A set of nodes to use in testing. * - * @var array + * @var \Drupal\node\NodeInterface[] */ protected $nodes = array(); /** * A normal authenticated user. * - * @var \Drupal\user\Entity\UserInterface. + * @var \Drupal\user\UserInterface. */ protected $webUser; /** * User 1. * - * @var \Drupal\user\Entity\UserInterface. + * @var \Drupal\user\UserInterface. */ protected $adminUser; @@ -200,78 +200,58 @@ function testNodeAccessLanguageAwareCombination() { $expected_node_access = array('view' => TRUE, 'update' => FALSE, 'delete' => FALSE); $expected_node_access_no_access = array('view' => FALSE, 'update' => FALSE, 'delete' => FALSE); - // When the node and both translations are public, access should only be - // denied when a translation that does not exist is requested. + // When the node and both translations are public, access should always be + // granted. $this->assertNodeAccess($expected_node_access, $this->nodes['public_both_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access, $this->nodes['public_both_public'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access, $this->nodes['public_both_public'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_public'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access, $this->nodes['public_both_public']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access, $this->nodes['public_both_public']->getTranslation('ca'), $this->webUser); // If the node is marked private but both existing translations are not, // access should still be granted, because the grants are additive. $this->assertNodeAccess($expected_node_access, $this->nodes['private_both_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access, $this->nodes['private_both_public'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access, $this->nodes['private_both_public'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_public'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access, $this->nodes['private_both_public']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access, $this->nodes['private_both_public']->getTranslation('ca'), $this->webUser); // If the node is marked private, but a existing translation is public, - // access should only be granted for the public translation. For a - // translation that does not exist yet (English translation), the access is - // denied. With the Hungarian translation marked as private, but the Catalan - // translation public, the access is granted. + // access should only be granted for the public translation. With the + // Hungarian translation marked as private, but the Catalan translation + // public, the access is granted. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_hu_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_hu_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access, $this->nodes['public_hu_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_hu_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_hu_private']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access, $this->nodes['public_hu_private']->getTranslation('ca'), $this->webUser); // With the Catalan translation marked as private, but the node public, // access is granted for the existing Hungarian translation, but not for the - // Catalan nor the English ones. + // Catalan. $this->assertNodeAccess($expected_node_access, $this->nodes['public_ca_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access, $this->nodes['public_ca_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_ca_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_ca_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access, $this->nodes['public_ca_private']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_ca_private']->getTranslation('ca'), $this->webUser); // With both translations marked as private, but the node public, access // should be denied in all cases. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_both_private']->getTranslation('ca'), $this->webUser); // If the node and both its existing translations are private, access should // be denied in all cases. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_both_private']->getTranslation('ca'), $this->webUser); // No access for all languages as the language aware node access module // denies access. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_private'], $this->webUser, 'en'); // Access only for request with no language defined. $this->assertNodeAccess($expected_node_access, $this->nodes['public_no_language_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_public'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_public'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['public_no_language_public'], $this->webUser, 'en'); // No access for all languages as both node access modules deny access. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_private'], $this->webUser, 'en'); // No access for all languages as the non language aware node access module // denies access. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_public'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_public'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['private_no_language_public'], $this->webUser, 'en'); - // Query the node table with the node access tag in several languages. diff --git a/core/modules/node/src/Tests/NodeAccessLanguageAwareTest.php b/core/modules/node/src/Tests/NodeAccessLanguageAwareTest.php index 1f5c1fb..5770746 100644 --- a/core/modules/node/src/Tests/NodeAccessLanguageAwareTest.php +++ b/core/modules/node/src/Tests/NodeAccessLanguageAwareTest.php @@ -29,7 +29,7 @@ class NodeAccessLanguageAwareTest extends NodeTestBase { /** * A set of nodes to use in testing. * - * @var array + * @var \Drupal\node\NodeInterface[] */ protected $nodes = array(); @@ -157,60 +157,42 @@ function testNodeAccessLanguageAware() { $expected_node_access_no_access = array('view' => FALSE, 'update' => FALSE, 'delete' => FALSE); // When both Hungarian and Catalan are marked as public, access to the - // Hungarian translation should be granted when no language is specified or + // Hungarian translation should be granted with the default entity object or // when the Hungarian translation is specified explicitly. $this->assertNodeAccess($expected_node_access, $this->nodes['both_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access, $this->nodes['both_public'], $this->webUser, 'hu'); + $this->assertNodeAccess($expected_node_access, $this->nodes['both_public']->getTranslation('hu'), $this->webUser); // Access to the Catalan translation should also be granted. - $this->assertNodeAccess($expected_node_access, $this->nodes['both_public'], $this->webUser, 'ca'); - // There is no English translation, so a request to access the English - // translation is denied. - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_public'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access, $this->nodes['both_public']->getTranslation('ca'), $this->webUser); // When Hungarian is marked as private, access to the Hungarian translation - // should be denied when no language is specified or when the Hungarian + // should be denied with the default entity object or when the Hungarian // translation is specified explicitly. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['hu_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['hu_private'], $this->webUser, 'hu'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['hu_private']->getTranslation('hu'), $this->webUser); // Access to the Catalan translation should be granted. - $this->assertNodeAccess($expected_node_access, $this->nodes['hu_private'], $this->webUser, 'ca'); - // There is no English translation, so a request to access the English - // translation is denied. - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['hu_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access, $this->nodes['hu_private']->getTranslation('ca'), $this->webUser); // When Catalan is marked as private, access to the Hungarian translation - // should be granted when no language is specified or when the Hungarian + // should be granted with the default entity object or when the Hungarian // translation is specified explicitly. $this->assertNodeAccess($expected_node_access, $this->nodes['ca_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access, $this->nodes['ca_private'], $this->webUser, 'hu'); + $this->assertNodeAccess($expected_node_access, $this->nodes['ca_private']->getTranslation('hu'), $this->webUser); // Access to the Catalan translation should be granted. - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['ca_private'], $this->webUser, 'ca'); - // There is no English translation, so a request to access the English - // translation is denied. - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['ca_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['ca_private']->getTranslation('ca'), $this->webUser); // When both translations are marked as private, access should be denied - // regardless of the language specified. + // regardless of the entity object specified. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private'], $this->webUser, 'en'); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private']->getTranslation('hu'), $this->webUser); + $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['both_private']->getTranslation('ca'), $this->webUser); - // When no language is specified for a private node, access to every - // language is denied. + // When no language is specified for a private node, access to every node + // translation is denied. $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_private'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_private'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_private'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_private'], $this->webUser, 'en'); - - // When no language is specified for a public node, access should be granted - // only for the existing language (not specified), so only the request with - // no language will give access, as this request will be made with the - // langcode of the node, which is "not specified". + + // When no language is specified for a public node, access should be + // granted. $this->assertNodeAccess($expected_node_access, $this->nodes['no_language_public'], $this->webUser); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_public'], $this->webUser, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_public'], $this->webUser, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $this->nodes['no_language_public'], $this->webUser, 'en'); // Query the node table with the node access tag in several languages. diff --git a/core/modules/node/src/Tests/NodeAccessLanguageTest.php b/core/modules/node/src/Tests/NodeAccessLanguageTest.php index 7718c08..f576886 100644 --- a/core/modules/node/src/Tests/NodeAccessLanguageTest.php +++ b/core/modules/node/src/Tests/NodeAccessLanguageTest.php @@ -62,13 +62,7 @@ function testNodeAccess() { $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user); // Tests that Hungarian provided specifically results in the same. - $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user, 'hu'); - - // There is no specific Catalan version of this node and Croatian is not - // even set up on the system in this scenario, so the user will not get - // access to these nodes. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_hu, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_public_hu, $web_user, 'hr'); + $this->assertNodeAccess($expected_node_access, $node_public_hu->getTranslation('hu'), $web_user); // Creating a public node with no special langcode, like when no language // module enabled. @@ -81,15 +75,6 @@ function testNodeAccess() { // Tests that access is granted if requested with no language. $this->assertNodeAccess($expected_node_access, $node_public_no_language, $web_user); - // Tests that access is not granted if requested with Hungarian language. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'hu'); - - // There is no specific Catalan version of this node and Croatian is not - // even set up on the system in this scenario, so the user will not get - // access to these nodes. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'hr'); - // Reset the node access cache and turn on our test node access code. \Drupal::entityManager()->getAccessControlHandler('node')->resetCache(); \Drupal::state()->set('node_access_test_secret_catalan', 1); @@ -100,23 +85,20 @@ function testNodeAccess() { $this->assertNodeAccess($expected_node_access, $node_public_no_language, $web_user); $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user); - // Tests that Hungarian is still not accessible. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user, 'hu'); - // Tests that Hungarian node is still accessible. - $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user, 'hu'); + $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user); + $this->assertNodeAccess($expected_node_access, $node_public_hu->getTranslation('hu'), $web_user); // Tests that Catalan is still not accessible. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user, 'ca'); + $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca->getTranslation('ca'), $web_user); // Make Catalan accessible. \Drupal::state()->set('node_access_test_secret_catalan', 0); // Tests that Catalan is accessible on a node with a Catalan version as the // static cache has not been reset. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user, 'ca'); + $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user); + $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca->getTranslation('ca'), $web_user); \Drupal::entityManager()->getAccessControlHandler('node')->resetCache(); @@ -124,18 +106,12 @@ function testNodeAccess() { $this->assertNodeAccess($expected_node_access, $node_public_no_language, $web_user); $this->assertNodeAccess($expected_node_access, $node_public_ca, $web_user); - // Tests that Hungarian is still not accessible. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'hu'); - $this->assertNodeAccess($expected_node_access_no_access, $node_public_ca, $web_user, 'hu'); - // Tests that Hungarian node is still accessible. - $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user, 'hu'); - - // Tests that Catalan is still not accessible on a node without a language. - $this->assertNodeAccess($expected_node_access_no_access, $node_public_no_language, $web_user, 'ca'); + $this->assertNodeAccess($expected_node_access, $node_public_hu, $web_user); + $this->assertNodeAccess($expected_node_access, $node_public_hu->getTranslation('hu'), $web_user); // Tests that Catalan is accessible on a node with a Catalan version. - $this->assertNodeAccess($expected_node_access, $node_public_ca, $web_user, 'ca'); + $this->assertNodeAccess($expected_node_access, $node_public_ca->getTranslation('ca'), $web_user); } /** @@ -155,13 +131,7 @@ function testNodeAccessPrivate() { $this->assertNodeAccess($expected_node_access_no_access, $node_private_hu, $web_user); // Tests that Hungarian provided specifically results in the same. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_hu, $web_user, 'hu'); - - // There is no specific Catalan version of this node and Croatian is not - // even set up on the system in this scenario, so the user will not get - // access to these nodes. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_hu, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_private_hu, $web_user, 'hr'); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_hu->getTranslation('hu'), $web_user); // Creating a private node with no special langcode, like when no language // module enabled. @@ -174,15 +144,6 @@ function testNodeAccessPrivate() { // Tests that access is not granted if requested with no language. $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user); - // Tests that access is not granted if requested with Hungarian language. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user, 'hu'); - - // There is no specific Catalan version of this node and Croatian is not - // even set up on the system in this scenario, so the user will not get - // access to these nodes. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user, 'hr'); - // Reset the node access cache and turn on our test node access code. \Drupal::entityManager()->getAccessControlHandler('node')->resetCache(); \Drupal::state()->set('node_access_test_secret_catalan', 1); @@ -190,12 +151,6 @@ function testNodeAccessPrivate() { // Tests that access is not granted if requested with no language. $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user); - // Tests that Hungarian is still not accessible. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user, 'hu'); - - // Tests that Catalan is still not accessible. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_no_language, $web_user, 'ca'); - // Creating a private node with langcode Catalan to test that the // node_access_test_secret_catalan flag works. $private_ca_user = $this->drupalCreateUser(array('access content', 'node test view')); @@ -203,19 +158,23 @@ function testNodeAccessPrivate() { $this->assertTrue($node_private_ca->language()->getId() == 'ca', 'Node created as Catalan.'); // Tests that Catalan is still not accessible to either user. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $web_user, 'ca'); - $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $private_ca_user, 'ca'); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $web_user); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca->getTranslation('ca'), $web_user); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $private_ca_user); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca->getTranslation('ca'), $private_ca_user); \Drupal::entityManager()->getAccessControlHandler('node')->resetCache(); \Drupal::state()->set('node_access_test_secret_catalan', 0); // Tests that Catalan is still not accessible for a user with no access to // private nodes. - $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $web_user, 'ca'); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca, $web_user); + $this->assertNodeAccess($expected_node_access_no_access, $node_private_ca->getTranslation('ca'), $web_user); // Tests that Catalan is accessible by a user with the permission to see // private nodes. - $this->assertNodeAccess($expected_node_access, $node_private_ca, $private_ca_user, 'ca'); + $this->assertNodeAccess($expected_node_access, $node_private_ca, $private_ca_user); + $this->assertNodeAccess($expected_node_access, $node_private_ca->getTranslation('ca'), $private_ca_user); } /** diff --git a/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php b/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php index 7147975..3938ef2 100644 --- a/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php +++ b/core/modules/node/src/Tests/NodeAccessRebuildNodeGrantsTest.php @@ -46,7 +46,7 @@ public function testNodeAccessRebuildNodeGrants() { )); // Default realm access and node records are present. - $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', 'en', $this->webUser), 'The expected node access records are present'); + $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', $this->webUser), 'The expected node access records are present'); $this->assertEqual(1, \Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is an all realm access record'); $this->assertTrue(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions need to be rebuilt'); @@ -57,7 +57,7 @@ public function testNodeAccessRebuildNodeGrants() { // Test if the rebuild has been successful. $this->assertNull(\Drupal::state()->get('node.node_access_needs_rebuild'), 'Node access permissions have been rebuilt'); - $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', 'en', $this->webUser), 'The expected node access records are present'); + $this->assertTrue(\Drupal::service('node.grant_storage')->access($node, 'view', $this->webUser), 'The expected node access records are present'); $this->assertFalse(\Drupal::service('node.grant_storage')->checkAll($this->webUser), 'There is no all realm access record'); } diff --git a/core/modules/node/src/Tests/NodeTestBase.php b/core/modules/node/src/Tests/NodeTestBase.php index 1f4dca0..1640a79 100644 --- a/core/modules/node/src/Tests/NodeTestBase.php +++ b/core/modules/node/src/Tests/NodeTestBase.php @@ -8,6 +8,7 @@ namespace Drupal\node\Tests; use Drupal\Core\Session\AccountInterface; +use Drupal\node\NodeInterface; use Drupal\simpletest\WebTestBase; /** @@ -55,20 +56,14 @@ protected function setUp() { * and account, with each key as the name of an operation (e.g. 'view', * 'delete') and each value a Boolean indicating whether access to that * operation should be granted. - * @param \Drupal\node\Entity\Node $node + * @param \Drupal\node\NodeInterface $node * The node object to check. * @param \Drupal\Core\Session\AccountInterface $account * The user account for which to check access. - * @param string|null $langcode - * (optional) The language code indicating which translation of the node - * to check. If NULL, the untranslated (fallback) access is checked. */ - function assertNodeAccess(array $ops, $node, AccountInterface $account, $langcode = NULL) { + function assertNodeAccess(array $ops, NodeInterface $node, AccountInterface $account) { foreach ($ops as $op => $result) { - if (empty($langcode)) { - $langcode = $node->prepareLangcode(); - } - $this->assertEqual($result, $this->accessHandler->access($node, $op, $langcode, $account), $this->nodeAccessAssertMessage($op, $result, $langcode)); + $this->assertEqual($result, $this->accessHandler->access($node, $op, $account), $this->nodeAccessAssertMessage($op, $result, $node->language()->getId())); } } diff --git a/core/modules/node/src/Tests/Views/BulkFormAccessTest.php b/core/modules/node/src/Tests/Views/BulkFormAccessTest.php index 480f931..fa8a527 100644 --- a/core/modules/node/src/Tests/Views/BulkFormAccessTest.php +++ b/core/modules/node/src/Tests/Views/BulkFormAccessTest.php @@ -85,7 +85,7 @@ public function testNodeEditAccess() { $this->assertTrue($node->isPublished(), 'Node is initially published.'); // Ensure that the node can not be edited. - $this->assertEqual(FALSE, $this->accessHandler->access($node, 'update', $node->prepareLangcode(), $account), 'The node may not be edited.'); + $this->assertEqual(FALSE, $this->accessHandler->access($node, 'update', $account), 'The node may not be edited.'); // Test editing the node using the bulk form. $edit = array( @@ -155,9 +155,9 @@ public function testNodeDeleteAccess() { $this->drupalLogin($account); // Ensure that the private node can not be deleted. - $this->assertEqual(FALSE, $this->accessHandler->access($private_node, 'delete', $private_node->prepareLangcode(), $account), 'The private node may not be deleted.'); + $this->assertEqual(FALSE, $this->accessHandler->access($private_node, 'delete', $account), 'The private node may not be deleted.'); // Ensure that the public node may be deleted. - $this->assertEqual(TRUE, $this->accessHandler->access($own_node, 'delete', $own_node->prepareLangcode(), $account), 'The own node may be deleted.'); + $this->assertEqual(TRUE, $this->accessHandler->access($own_node, 'delete', $account), 'The own node may be deleted.'); // Try to delete the node using the bulk form. $edit = array( diff --git a/core/modules/node/tests/modules/node_access_test/node_access_test.module b/core/modules/node/tests/modules/node_access_test/node_access_test.module index 3cd0b32..e195ea8 100644 --- a/core/modules/node/tests/modules/node_access_test/node_access_test.module +++ b/core/modules/node/tests/modules/node_access_test/node_access_test.module @@ -144,10 +144,10 @@ function node_access_test_add_field(NodeTypeInterface $type) { /** * Implements hook_node_access(). */ -function node_access_test_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) { +function node_access_test_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account) { $secret_catalan = \Drupal::state() ->get('node_access_test_secret_catalan') ?: 0; - if ($secret_catalan && $langcode == 'ca') { + if ($secret_catalan && $node->language()->getId() == 'ca') { // Make all Catalan content secret. return AccessResult::forbidden()->setCacheMaxAge(0); } diff --git a/core/modules/search/src/SearchPageAccessControlHandler.php b/core/modules/search/src/SearchPageAccessControlHandler.php index a0b9a97..3bd2a6e 100644 --- a/core/modules/search/src/SearchPageAccessControlHandler.php +++ b/core/modules/search/src/SearchPageAccessControlHandler.php @@ -23,14 +23,14 @@ class SearchPageAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var $entity \Drupal\search\SearchPageInterface */ if (in_array($operation, array('delete', 'disable'))) { if ($entity->isDefaultSearch()) { return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account)->cacheUntilEntityChanges($entity); } } if ($operation == 'view') { @@ -43,7 +43,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } return AccessResult::allowed()->cacheUntilEntityChanges($entity); } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/shortcut/src/ShortcutAccessControlHandler.php b/core/modules/shortcut/src/ShortcutAccessControlHandler.php index fa52c60..f760937 100644 --- a/core/modules/shortcut/src/ShortcutAccessControlHandler.php +++ b/core/modules/shortcut/src/ShortcutAccessControlHandler.php @@ -55,7 +55,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($shortcut_set = $this->shortcutSetStorage->load($entity->bundle())) { return shortcut_set_edit_access($shortcut_set, $account); } diff --git a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php index 493a736..3e9edc7 100644 --- a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php +++ b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php @@ -22,7 +22,7 @@ class ShortcutSetAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'update': if ($account->hasPermission('administer shortcuts')) { diff --git a/core/modules/system/src/DateFormatAccessControlHandler.php b/core/modules/system/src/DateFormatAccessControlHandler.php index 83009fc..e817f70 100644 --- a/core/modules/system/src/DateFormatAccessControlHandler.php +++ b/core/modules/system/src/DateFormatAccessControlHandler.php @@ -22,7 +22,7 @@ class DateFormatAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { // There are no restrictions on viewing a date format. if ($operation == 'view') { return AccessResult::allowed(); @@ -33,11 +33,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account)->cacheUntilEntityChanges($entity); } } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/system/src/MenuAccessControlHandler.php b/core/modules/system/src/MenuAccessControlHandler.php index fba0183..789577b 100644 --- a/core/modules/system/src/MenuAccessControlHandler.php +++ b/core/modules/system/src/MenuAccessControlHandler.php @@ -22,7 +22,7 @@ class MenuAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation === 'view') { return AccessResult::allowed(); } @@ -32,11 +32,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A return AccessResult::forbidden()->cacheUntilEntityChanges($entity); } else { - return parent::checkAccess($entity, $operation, $langcode, $account)->cacheUntilEntityChanges($entity); + return parent::checkAccess($entity, $operation, $account)->cacheUntilEntityChanges($entity); } } - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/system/tests/modules/entity_test/entity_test.module b/core/modules/system/tests/modules/entity_test/entity_test.module index f850bf1..e172576 100644 --- a/core/modules/system/tests/modules/entity_test/entity_test.module +++ b/core/modules/system/tests/modules/entity_test/entity_test.module @@ -621,7 +621,7 @@ function entity_test_entity_prepare_view($entity_type, array $entities, array $d /** * Implements hook_entity_access(). */ -function entity_test_entity_access(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { +function entity_test_entity_access(EntityInterface $entity, $operation, AccountInterface $account) { // Only apply to the 'entity_test' entities. if ($entity->getEntityType()->getProvider() != 'entity_test') { return AccessResult::neutral(); @@ -644,7 +644,7 @@ function entity_test_entity_access(EntityInterface $entity, $operation, AccountI /** * Implements hook_ENTITY_TYPE_access() for 'entity_test'. */ -function entity_test_entity_test_access(EntityInterface $entity, $operation, AccountInterface $account, $langcode) { +function entity_test_entity_test_access(EntityInterface $entity, $operation, AccountInterface $account) { \Drupal::state()->set('entity_test_entity_test_access', TRUE); // No opinion. diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php index be95080..fb0e418 100644 --- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php +++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessControlHandler.php @@ -29,7 +29,9 @@ class EntityTestAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { + /** @var \Drupal\entity_test\Entity\EntityTest $entity */ + // Always forbid access to entities with the label 'forbid_access', used for // \Drupal\system\Tests\Entity\EntityAccessHControlandlerTest::testDefaultEntityAccess(). if ($entity->label() == 'forbid_access') { @@ -37,7 +39,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } if ($operation === 'view') { - if ($langcode != LanguageInterface::LANGCODE_DEFAULT) { + if (!$entity->isDefaultTranslation()) { return AccessResult::allowedIfHasPermission($account, 'view test entity translations'); } return AccessResult::allowedIfHasPermission($account, 'view test entity'); diff --git a/core/modules/taxonomy/src/TermAccessControlHandler.php b/core/modules/taxonomy/src/TermAccessControlHandler.php index b4ccb53..7f12e02 100644 --- a/core/modules/taxonomy/src/TermAccessControlHandler.php +++ b/core/modules/taxonomy/src/TermAccessControlHandler.php @@ -22,7 +22,7 @@ class TermAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'view': return AccessResult::allowedIfHasPermission($account, 'access content'); diff --git a/core/modules/user/src/RoleAccessControlHandler.php b/core/modules/user/src/RoleAccessControlHandler.php index e6f469d..e950e46 100644 --- a/core/modules/user/src/RoleAccessControlHandler.php +++ b/core/modules/user/src/RoleAccessControlHandler.php @@ -22,7 +22,7 @@ class RoleAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { switch ($operation) { case 'delete': if ($entity->id() == RoleInterface::ANONYMOUS_ID || $entity->id() == RoleInterface::AUTHENTICATED_ID) { @@ -30,7 +30,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A } default: - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } } diff --git a/core/modules/user/src/UserAccessControlHandler.php b/core/modules/user/src/UserAccessControlHandler.php index 47bb7ce..605f7c7 100644 --- a/core/modules/user/src/UserAccessControlHandler.php +++ b/core/modules/user/src/UserAccessControlHandler.php @@ -24,7 +24,7 @@ class UserAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { /** @var \Drupal\user\UserInterface $entity*/ // The anonymous user's profile can neither be viewed, updated nor deleted. diff --git a/core/modules/views/src/ViewAccessControlHandler.php b/core/modules/views/src/ViewAccessControlHandler.php index 96d130e..c287b9f 100644 --- a/core/modules/views/src/ViewAccessControlHandler.php +++ b/core/modules/views/src/ViewAccessControlHandler.php @@ -22,12 +22,12 @@ class ViewAccessControlHandler extends EntityAccessControlHandler { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { + public function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) { if ($operation == 'view') { return AccessResult::allowed(); } else { - return parent::checkAccess($entity, $operation, $langcode, $account); + return parent::checkAccess($entity, $operation, $account); } }