diff --git a/core/lib/Drupal/Core/Access/AccessResult.php b/core/lib/Drupal/Core/Access/AccessResult.php index 93d804d..5dbad19 100644 --- a/core/lib/Drupal/Core/Access/AccessResult.php +++ b/core/lib/Drupal/Core/Access/AccessResult.php @@ -171,7 +171,7 @@ public static function allowedIfHasPermission(AccountInterface $account, $permis * * @return \Drupal\Core\Access\AccessResult */ - public static function allowedIfHasPermissions(AccountInterface $account, $permissions, $conjunction = 'AND') { + public static function allowedIfHasPermissions(AccountInterface $account, array $permissions, $conjunction = 'AND') { return static::create()->allowIfHasPermissions($account, $permissions, $conjunction); } @@ -438,10 +438,10 @@ public function allowIfHasPermission(AccountInterface $account, $permission) { * * @return $this */ - public function allowIfHasPermissions(AccountInterface $account, $permissions, $conjunction = 'AND') { + public function allowIfHasPermissions(AccountInterface $account, array $permissions, $conjunction = 'AND') { $access = FALSE; - if ($conjunction == 'AND' && $permissions) { + if ($conjunction == 'AND' && !empty($permissions)) { $access = TRUE; foreach ($permissions as $permission) { if (!$permission_access = $account->hasPermission($permission)) { diff --git a/core/modules/path/src/Plugin/Field/FieldType/PathFieldItemList.php b/core/modules/path/src/Plugin/Field/FieldType/PathFieldItemList.php index 20c3810..77f42e7 100644 --- a/core/modules/path/src/Plugin/Field/FieldType/PathFieldItemList.php +++ b/core/modules/path/src/Plugin/Field/FieldType/PathFieldItemList.php @@ -23,7 +23,7 @@ public function defaultAccess($operation = 'view', AccountInterface $account = N if ($operation == 'view') { return AccessResult::allowed(); } - return AccessResult::allowedIf($account->hasPermission('create url aliases') || $account->hasPermission('administer url aliases'))->cachePerRole(); + return AccessResult::allowedIfHasPermissions($account, ['create url aliases', 'administer url aliases'], 'OR')->cachePerRole(); } } diff --git a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php index 4968f04..6a66b85 100644 --- a/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php +++ b/core/modules/shortcut/src/ShortcutSetAccessControlHandler.php @@ -11,6 +11,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessControlHandler; use Drupal\Core\Session\AccountInterface; +use Drupal\node\Plugin\views\filter\Access; /** * Defines the access control handler for the shortcut set entity type. @@ -46,8 +47,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A * {@inheritdoc} */ protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) { - $condition = $account->hasPermission('administer shortcuts') || ($account->hasPermission('access shortcuts') && $account->hasPermission('customize shortcut links')); - return AccessResult::allowedIf($condition)->cachePerRole(); + return AccessResult::allowedIfHasPermission($account, 'administer shortcuts')->orIf(AccessResult::allowedIfHasPermissions($account, ['access shortcuts', 'customize shortcut links'], 'AND')); } } diff --git a/core/modules/taxonomy/src/TermAccessControlHandler.php b/core/modules/taxonomy/src/TermAccessControlHandler.php index 2ecd3a6..e55da59 100644 --- a/core/modules/taxonomy/src/TermAccessControlHandler.php +++ b/core/modules/taxonomy/src/TermAccessControlHandler.php @@ -29,11 +29,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A break; case 'update': - return AccessResult::allowedIf($account->hasPermission("edit terms in {$entity->bundle()}") || $account->hasPermission('administer taxonomy'))->cachePerRole(); + return AccessResult::allowedIfHasPermissions($account, ["edit terms in {$entity->bundle()}", 'administer taxonomy'], 'OR'); break; case 'delete': - return AccessResult::allowedIf($account->hasPermission("delete terms in {$entity->bundle()}") || $account->hasPermission('administer taxonomy'))->cachePerRole(); + return AccessResult::allowedIfHasPermissions($account, ["delete terms in {$entity->bundle()}", 'administer taxonomy'], 'OR'); break; default: