diff --git a/core/modules/node/lib/Drupal/node/NodeFormController.php b/core/modules/node/lib/Drupal/node/NodeFormController.php index f4cfb52..ead532d 100644 --- a/core/modules/node/lib/Drupal/node/NodeFormController.php +++ b/core/modules/node/lib/Drupal/node/NodeFormController.php @@ -53,8 +53,8 @@ public function __construct(EntityManagerInterface $entity_manager, AccountInter */ public static function create(ContainerInterface $container) { return new static( - $container->get('entity.manager'), - $container->get('current_user') + $container->get('entity.manager'), + $container->get('current_user') ); } diff --git a/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php b/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php index 625ddea..a846144 100644 --- a/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php +++ b/core/modules/node/lib/Drupal/node/Plugin/entity_reference/selection/NodeSelection.php @@ -32,8 +32,8 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') { // 'unpublished'. We need to do that as long as there are no access control // modules in use on the site. As long as one access control module is there, // it is supposed to handle this check. - if (!\Drupal::currentUser()->hasPermission('bypass node access') && - !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) { + if (!\Drupal::currentUser()->hasPermission('bypass node access') + && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) { $query->condition('status', NODE_PUBLISHED); } return $query; diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php index 300df98..458dd19 100644 --- a/core/modules/node/node.api.php +++ b/core/modules/node/node.api.php @@ -166,7 +166,7 @@ * sure to restore your {node_access} record after node_access_rebuild() is * called. * - * @param $account + * @param \Drupal\Core\Session\AccountInterface $account * The user object whose grants are requested. * @param $op * The node operation to be performed, such as 'view', 'update', or 'delete'. @@ -181,7 +181,7 @@ * @see node_access_rebuild() * @ingroup node_access */ -function hook_node_grants($account, $op) { +function hook_node_grants(\Drupal\Core\Session\AccountInterface $account, $op) { if ($account->hasPermission('access private content')) { $grants['example'] = array(1); } @@ -555,7 +555,7 @@ function hook_node_load($nodes) { * - "delete" * - "update" * - "view" - * @param object $account + * @param \Drupal\Core\Session\AccountInterface $account * The user object to perform the access check operation on. * @param object $langcode * The language code to perform the access check operation on. @@ -567,7 +567,7 @@ function hook_node_load($nodes) { * * @ingroup node_access */ -function hook_node_access(\Drupal\node\NodeInterface $node, $op, $account, $langcode) { +function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) { $type = is_string($node) ? $node : $node->getType(); $configured_types = node_permissions_get_configured_types(); @@ -577,15 +577,17 @@ function hook_node_access(\Drupal\node\NodeInterface $node, $op, $account, $lang } if ($op == 'update') { - if ($account->hasPermission('edit any ' . $type . ' content') || - ($account->hasPermission('edit own ' . $type . ' content') && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('edit any ' . $type . ' content') + || ($account->hasPermission('edit own ' . $type . ' content') + && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } if ($op == 'delete') { - if ($account->hasPermission('delete any ' . $type . ' content') || - ($account->hasPermission('delete own ' . $type . ' content') && ($account->id() == $node->getAuthorId()))) { + if ($account->hasPermission('delete any ' . $type . ' content') + || ($account->hasPermission('delete own ' . $type . ' content') + && ($account->id() == $node->getAuthorId()))) { return NODE_ACCESS_ALLOW; } } diff --git a/core/modules/node/node.module b/core/modules/node/node.module index dc52a7d..7581f4c 100644 --- a/core/modules/node/node.module +++ b/core/modules/node/node.module @@ -21,7 +21,6 @@ use Drupal\Core\Template\Attribute; use Drupal\file\Entity\File; - /** * Denotes that the node is not published. */ @@ -1092,13 +1091,12 @@ function node_revision_list(EntityInterface $node) { function node_get_recent($number = 10) { $query = db_select('node_field_data', 'n'); - if (!\Drupal::currentUser()->hasPermission('bypass node access')) { + $account = \Drupal::currentUser(); + if (!$account->hasPermission('bypass node access')) { // If the user is able to view their own unpublished nodes, allow them // to see these in addition to published nodes. Check that they actually // have some unpublished nodes to view before adding the condition. - - - if (\Drupal::currentUser()->hasPermission('view own unpublished content') && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => \Drupal::currentUser()->id(), ':status' => NODE_NOT_PUBLISHED))->fetchCol()) { + if ($account->hasPermission('view own unpublished content') && $own_unpublished = db_query('SELECT DISTINCT nid FROM {node_field_data} WHERE uid = :uid AND status = :status', array(':uid' => \Drupal::currentUser()->id(), ':status' => NODE_NOT_PUBLISHED))->fetchCol()) { $query->condition(db_or() ->condition('n.status', NODE_PUBLISHED) ->condition('n.nid', $own_unpublished, 'IN') diff --git a/core/modules/node/node.pages.inc b/core/modules/node/node.pages.inc index a959916..bd0468a 100644 --- a/core/modules/node/node.pages.inc +++ b/core/modules/node/node.pages.inc @@ -134,11 +134,12 @@ function node_revision_overview($node) { $type = $node->getType(); $revert_permission = FALSE; - if ((\Drupal::currentUser()->hasPermission("revert $type revisions") || \Drupal::currentUser()->hasPermission('revert all revisions') || \Drupal::currentUser()->hasPermission('administer nodes')) && $node->access('update')) { + $account = \Drupal::currentUser(); + if (($account->hasPermission("revert $type revisions") || $account->hasPermission('revert all revisions') || $account->hasPermission('administer nodes')) && $node->access('update')) { $revert_permission = TRUE; } $delete_permission = FALSE; - if ((\Drupal::currentUser()->hasPermission("delete $type revisions") || \Drupal::currentUser()->hasPermission('delete all revisions') || \Drupal::currentUser()->hasPermission('administer nodes')) && $node->access('delete')) { + if (($account->hasPermission("delete $type revisions") || $account->hasPermission('delete all revisions') || $account->hasPermission('administer nodes')) && $node->access('delete')) { $delete_permission = TRUE; } foreach ($revisions as $revision) { diff --git a/core/modules/node/node.views_execution.inc b/core/modules/node/node.views_execution.inc index 02dd82e..f97b8ad 100644 --- a/core/modules/node/node.views_execution.inc +++ b/core/modules/node/node.views_execution.inc @@ -11,10 +11,11 @@ * Implements hook_views_query_substitutions(). */ function node_views_query_substitutions(ViewExecutable $view) { + $account = \Drupal::currentUser(); return array( - '***ADMINISTER_NODES***' => intval(\Drupal::currentUser()->hasPermission('administer nodes')), - '***VIEW_OWN_UNPUBLISHED_NODES***' => intval(\Drupal::currentUser()->hasPermission('view own unpublished content')), - '***BYPASS_NODE_ACCESS***' => intval(\Drupal::currentUser()->hasPermission('bypass node access')), + '***ADMINISTER_NODES***' => intval($account->hasPermission('administer nodes')), + '***VIEW_OWN_UNPUBLISHED_NODES***' => intval($account->hasPermission('view own unpublished content')), + '***BYPASS_NODE_ACCESS***' => intval($account->hasPermission('bypass node access')), ); }