diff --git a/core/authorize.php b/core/authorize.php index fd9e2f4..5d3b61a 100644 --- a/core/authorize.php +++ b/core/authorize.php @@ -56,9 +56,7 @@ function authorize_access_denied_page() { * TRUE if the current user can run authorize.php, and FALSE if not. */ function authorize_access_allowed() { - require_once DRUPAL_ROOT . '/' . settings()->get('session_inc', 'core/includes/session.inc'); - drupal_session_initialize(); - return settings()->get('allow_authorize_operations', TRUE) && user_access('administer software updates'); + return settings()->get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates'); } // *** Real work of the script begins here. *** @@ -73,6 +71,8 @@ function authorize_access_allowed() { drupal_bootstrap(DRUPAL_BOOTSTRAP_PAGE_CACHE); $request = \Drupal::request(); +\Drupal::service('authentication')->authenticate($request); + // We have to enable the user and system modules, even to check access and // display errors via the maintenance theme. $module_list['system'] = 'core/modules/system/system.module'; diff --git a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php index 7f6821e..4c65159 100644 --- a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php +++ b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php @@ -118,13 +118,7 @@ public function authenticate(Request $request) { // for later access. $request->attributes->set('_authentication_provider', $this->triggeredProviderId); - $this->currentAccount = $account; - - // The global $user object is included for backward compatibility only and - // should be considered deprecated. - // @todo Remove this line once global $user is no longer used. - global $user; - $user = $account; + $this->setAccount($account); return $account; } 
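Review bot: authorize_access_allowed() now gives a meaningful answer only after the top-level script has run the authentication service, and neither the body nor the docblock says so. The removed lines initialised the session inside the function. The new body reads `\Drupal::currentUser()` and depends on the `authenticate($request)` call added in the second hunk of this file. I would add a docblock line such as `* Requires \Drupal::service('authentication')->authenticate() to have run for the current request.` (the docblock starts outside the hunk). What `currentUser()` returns before authentication is not visible here, so confirm it can never be an account holding 'administer software updates'.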
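Review bot: The new `\Drupal::service('authentication')->authenticate($request);` line runs before the block whose comment says the system and user modules must be enabled "even to check access", and its return value is discarded. Whether an authentication provider needs code from those modules, or can throw this early, is not visible in the hunk. If it can, the failure happens before the maintenance-theme error path is available. A comment would record the ordering constraint, e.g. `// Must run before authorize_access_allowed(); it sets the account that check reads.` The same unguarded call is added in core/update.php (hunk -350,8).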
@@ -163,6 +157,10 @@ public function getAccount() { */ public function setAccount(AccountInterface $account) { $this->currentAccount = $account; + // The global $user object is included for backward compatibility only and + // should be considered deprecated. + // @todo Remove this line once global $user is no longer used. + $GLOBALS['user'] = $account; } diff --git a/core/lib/Drupal/Core/Cron.php b/core/lib/Drupal/Core/Cron.php index b3eed83..5234a6e 100644 --- a/core/lib/Drupal/Core/Cron.php +++ b/core/lib/Drupal/Core/Cron.php @@ -90,9 +90,7 @@ public function run() { // Force the current user to anonymous to ensure consistent permissions on // cron runs. $original_user = $this->authManager->getAccount(); - $anonymous = new UserSession(); - $this->authManager->setAccount($anonymous); - $GLOBALS['user'] = $anonymous; + $this->authManager->setAccount(new UserSession()); // Try to allocate enough time to run all the hook_cron implementations. drupal_set_time_limit(240); @@ -158,7 +156,6 @@ public function run() { } // Restore the user. - $GLOBALS['user'] = $original_user; $this->authManager->setAccount($original_user); drupal_save_session($original_session_saving); diff --git a/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php b/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php index 9466c0b..b8f11b0 100644 --- a/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php +++ b/core/modules/views/tests/Drupal/views/Tests/ViewsTest.php 
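Review bot: setAccount() now overwrites `$GLOBALS['user']` as well as `$this->currentAccount`, so any caller that switches accounts also changes the identity seen by legacy code reading the global. The method's docblock, which starts outside the hunk, should state this. Suggested wording: `* Also replaces the deprecated global $user; callers that switch accounts temporarily must restore the original account.` Cron::run() relies on exactly this in the same patch: after hunk -158,7 its single `setAccount($original_user)` call is the only thing that restores both.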
@@ -30,8 +30,13 @@ protected function setUp() { parent::setUp(); $container = new ContainerBuilder(); - $user = $this->getMock('Drupal\Core\Session\AccountInterface'); - $container->set('views.executable', new ViewExecutableFactory($user)); + + $auth_manager = $this->getMock('Drupal\Core\Authentication\AuthenticationManagerInterface'); + $auth_manager->expects($this->any()) + ->method('getAccount') + ->will($this->returnValue($this->getMock('Drupal\Core\Session\AccountInterface'))); + + $container->set('views.executable', new ViewExecutableFactory($auth_manager)); $this->view = new View(array('id' => 'test_view'), 'view'); diff --git a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php index 534f824..819ac68 100644 --- a/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php +++ b/core/modules/views_ui/tests/Drupal/views_ui/Tests/ViewListControllerTest.php @@ -115,8 +115,11 @@ public function testBuildRowEntityList() { ))); $container = new ContainerBuilder(); - $user = $this->getMock('Drupal\Core\Session\AccountInterface'); - $executable_factory = new ViewExecutableFactory($user); + $auth_manager = $this->getMock('Drupal\Core\Authentication\AuthenticationManagerInterface'); + $auth_manager->expects($this->any()) + ->method('getAccount') + ->will($this->returnValue($this->getMock('Drupal\Core\Session\AccountInterface'))); + $executable_factory = new ViewExecutableFactory($auth_manager); $container->set('views.executable', $executable_factory); $container->set('plugin.manager.views.display', $display_manager); \Drupal::setContainer($container); diff --git a/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php b/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php index 3a6d75c..c4b3cfb 100644 --- a/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php 
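Review bot: The three-line `getAccount` stub on the AuthenticationManagerInterface mock is written out in full here, in ViewListControllerTest below, and again in AccessSubscriberTest and ContextualLinkManagerTest. This is a style point: a small helper in the shared test base would keep the four copies from drifting. A name like `getAuthManagerMock(AccountInterface $account = NULL)` that returns the configured mock would do. Whether UnitTestCase is the right home for it cannot be judged from these hunks.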
+++ b/core/tests/Drupal/Tests/Core/Access/CsrfTokenGeneratorTest.php @@ -24,6 +24,13 @@ class CsrfTokenGeneratorTest extends UnitTestCase { */ protected $generator; + /** + * The mocked authentication manager. + * + * @var \Drupal\Core\Authentication\AuthenticationManagerInterface|\PHPUnit_Framework_MockObject_MockObject + */ + protected $authManager; + public static function getInfo() { return array( 'name' => 'CsrfTokenGenerator test', @@ -48,7 +55,9 @@ function setUp() { ->method('get') ->will($this->returnValue($this->key)); - $this->generator = new CsrfTokenGenerator($private_key); + $this->authManager = $this->getMock('Drupal\Core\Authentication\AuthenticationManagerInterface'); + + $this->generator = new CsrfTokenGenerator($private_key, $this->authManager); } /** @@ -74,19 +83,21 @@ public function testValidate() { // Check the skip_anonymous option with both a anonymous user and a real // user. - $account = $this->getMock('Drupal\Core\Session\AccountInterface'); - $account->expects($this->once()) + $anonymous_account = $this->getMock('Drupal\Core\Session\AccountInterface'); + $anonymous_account->expects($this->once()) ->method('isAnonymous') ->will($this->returnValue(TRUE)); - $this->generator->setCurrentUser($account); - $this->assertTrue($this->generator->validate($token, 'foo', TRUE)); $account = $this->getMock('Drupal\Core\Session\AccountInterface'); $account->expects($this->once()) ->method('isAnonymous') ->will($this->returnValue(FALSE)); - $this->generator->setCurrentUser($account); + $this->authManager->expects($this->exactly(2)) + ->method('getAccount') + ->will($this->onConsecutiveCalls($anonymous_account, $account)); + + $this->assertTrue($this->generator->validate($token, 'foo', TRUE)); $this->assertFalse($this->generator->validate($token, 'foo', TRUE)); } diff --git a/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php b/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php index c473129..30ecc2f 100644 
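Review bot: In testValidate() the two skip_anonymous assertions now depend on the order given to `onConsecutiveCalls($anonymous_account, $account)`, and nothing next to them says which account each one runs under. Add a comment on each, e.g. `// First getAccount() call: anonymous account, validation is skipped.` and `// Second call: authenticated account, the token is expected to be rejected.` The `exactly(2)` expectation also assumes validate() asks for the account only when skip_anonymous is TRUE. The earlier validate() calls in this test lie outside the hunk, so confirm they do not consume one of the two stubbed values.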
--- a/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php +++ b/core/tests/Drupal/Tests/Core/EventSubscriber/AccessSubscriberTest.php @@ -55,9 +55,9 @@ class AccessSubscriberTest extends UnitTestCase { protected $accessManager; /** - * @var Drupal\Core\Session\AccountInterface|PHPUnit_Framework_MockObject_MockObject + * @var \Drupal\Core\Authentication\AuthenticationManagerInterface|\PHPUnit_Framework_MockObject_MockObject */ - protected $currentUser; + protected $authManager; /** * {@inheritdoc} @@ -100,9 +100,10 @@ public function setUp() { ->disableOriginalConstructor() ->getMock(); - $this->currentUser = $this->getMockBuilder('Drupal\Core\Session\AccountInterface') - ->disableOriginalConstructor() - ->getMock(); + $this->authManager = $this->getMock('Drupal\Core\Authentication\AuthenticationManagerInterface'); + $this->authManager->expects($this->any()) + ->method('getAccount') + ->will($this->returnValue($this->getMock('Drupal\Core\Session\AccountInterface'))); } /** @@ -127,7 +128,7 @@ public function testAccessSubscriberThrowsAccessDeniedException() { ->with($this->anything()) ->will($this->returnValue(FALSE)); - $subscriber = new AccessSubscriber($this->accessManager, $this->currentUser); + $subscriber = new AccessSubscriber($this->accessManager, $this->authManager); $subscriber->onKernelRequestAccessCheck($this->event); } @@ -142,7 +143,7 @@ public function testAccessSubscriberOnlyChecksForRequestsWithRouteObject() { $this->accessManager->expects($this->never())->method('check'); - $subscriber = new AccessSubscriber($this->accessManager, $this->currentUser); + $subscriber = new AccessSubscriber($this->accessManager, $this->authManager); $subscriber->onKernelRequestAccessCheck($this->event); } 
@@ -165,7 +166,7 @@ public function testAccessSubscriberDoesNotAlterRequestIfAccessManagerGrantsAcce ->with($this->anything()) ->will($this->returnValue(TRUE)); - $subscriber = new AccessSubscriber($this->accessManager, $this->currentUser); + $subscriber = new AccessSubscriber($this->accessManager, $this->authManager); $subscriber->onKernelRequestAccessCheck($this->event); } diff --git a/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php b/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php index 0e52b9f..07e95af 100644 --- a/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php +++ b/core/tests/Drupal/Tests/Core/Menu/ContextualLinkManagerTest.php @@ -69,6 +69,13 @@ class ContextualLinkManagerTest extends UnitTestCase { */ protected $accessManager; + /** + * The mocked authentication manager. + * + * @var \Drupal\Core\Authentication\AuthenticationManagerInterface|\PHPUnit_Framework_MockObject_MockObject + */ + protected $authManager; + public static function getInfo() { return array( 'name' => 'Contextual links manager.', @@ -92,6 +99,10 @@ protected function setUp() { ->disableOriginalConstructor() ->getMock(); $this->account = $this->getMock('Drupal\Core\Session\AccountInterface'); + $this->authManager = $this->getMock('Drupal\Core\Authentication\AuthenticationManagerInterface'); + $this->authManager->expects($this->any()) + ->method('getAccount') + ->will($this->returnValue($this->account)); $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'controllerResolver'); $property->setAccessible(TRUE); 
@@ -105,9 +116,9 @@ protected function setUp() { $property->setAccessible(TRUE); $property->setValue($this->contextualLinkManager, $this->factory); - $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'account'); + $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'authManager'); $property->setAccessible(TRUE); - $property->setValue($this->contextualLinkManager, $this->account); + $property->setValue($this->contextualLinkManager, $this->authManager); $property = new \ReflectionProperty('Drupal\Core\Menu\ContextualLinkManager', 'accessManager'); $property->setAccessible(TRUE); diff --git a/core/update.php b/core/update.php index db6b9d2..536c13b 100644 --- a/core/update.php +++ b/core/update.php @@ -70,7 +70,7 @@ function update_helpful_links() { 'title' => t('Front page'), 'href' => '', ); - if (user_access('access administration pages')) { + if (\Drupal::currentUser()->hasPermission('access administration pages')) { $links['admin-pages'] = array( 'title' => t('Administration pages'), 'href' => 'admin', @@ -256,7 +256,7 @@ function update_access_allowed() { $module_handler->setModuleList($module_filenames); $module_handler->reload(); \Drupal::service('kernel')->updateModules($module_filenames, $module_filenames); - return user_access('administer software updates'); + return $user->hasPermission('administer software updates'); } catch (\Exception $e) { return ($user->id() == 1); @@ -350,8 +350,7 @@ function update_check_requirements($skip_warnings = FALSE) { drupal_bootstrap(DRUPAL_BOOTSTRAP_PAGE_CACHE); $request = \Drupal::request(); -require_once DRUPAL_ROOT . '/' . settings()->get('session_inc', 'core/includes/session.inc'); -drupal_session_initialize(); +\Drupal::service('authentication')->authenticate($request); // Ensure that URLs generated for the home and admin pages don't have 'update.php' // in them.
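Review bot: update_access_allowed() (hunk -256,7) checks the permission on `$user`, while update_helpful_links() (hunk -70,7) and authorize.php read `\Drupal::currentUser()`, so the update script now has two sources for the current account. `$user` is declared outside the hunk, presumably as `global $user`. It matches the authenticated account only because setAccount() keeps `$GLOBALS['user']` in sync. If `$user` is deliberate here, for instance because `updateModules()` on the preceding line may rebuild the container, say so with a comment such as `// Use the account captured before the module list was rebuilt.` Otherwise use `\Drupal::currentUser()->hasPermission('administer software updates')` for consistency.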