diff --git a/core/lib/Drupal/Core/Session/UserSession.php b/core/lib/Drupal/Core/Session/UserSession.php index da4f26d..912d755 100644 --- a/core/lib/Drupal/Core/Session/UserSession.php +++ b/core/lib/Drupal/Core/Session/UserSession.php @@ -141,15 +141,7 @@ public function hasPermission($permission) { return TRUE; } - $roles = \Drupal::entityManager()->getStorage('user_role')->loadMultiple($this->getRoles()); - - foreach ($roles as $role) { - if ($role->hasPermission($permission)) { - return TRUE; - } - } - - return FALSE; + return $this->getRoleStorage()->isPermissionInRoles($permission, $this->getRoles()); } /** @@ -250,4 +242,14 @@ public function getHostname() { return $this->hostname; } + /** + * Returns the role storage object. + * + * @return \Drupal\user\RoleStorageInterface + * The role storage object. + */ + protected function getRoleStorage() { + return \Drupal::entityManager()->getStorage('user_role'); + } + } diff --git a/core/modules/user/src/Entity/User.php b/core/modules/user/src/Entity/User.php index ec8ac32..307cfc2 100644 --- a/core/modules/user/src/Entity/User.php +++ b/core/modules/user/src/Entity/User.php @@ -242,15 +242,7 @@ public function hasPermission($permission) { return TRUE; } - $roles = \Drupal::entityManager()->getStorage('user_role')->loadMultiple($this->getRoles()); - - foreach ($roles as $role) { - if ($role->hasPermission($permission)) { - return TRUE; - } - } - - return FALSE; + return $this->getRoleStorage()->isPermissionInRoles($permission, $this->getRoles()); } /** @@ -534,4 +526,14 @@ public static function baseFieldDefinitions(EntityTypeInterface $entity_type) { return $fields; } + /** + * Returns the role storage object. + * + * @return \Drupal\user\RoleStorageInterface + * The role storage object. + */ + protected function getRoleStorage() { + return \Drupal::entityManager()->getStorage('user_role'); + } + } diff --git a/core/modules/user/src/RoleStorage.php b/core/modules/user/src/RoleStorage.php index c875c93..2afd00e 100644 --- a/core/modules/user/src/RoleStorage.php +++ b/core/modules/user/src/RoleStorage.php @@ -17,6 +17,21 @@ class RoleStorage extends ConfigEntityStorage implements RoleStorageInterface { /** * {@inheritdoc} */ + public function isPermissionInRoles($permission, array $rids) { + $has_permission = FALSE; + foreach ($this->loadMultiple($rids) as $role) { + if ($role->hasPermission($permission)) { + $has_permission = TRUE; + break; + } + } + + return $has_permission; + } + + /** + * {@inheritdoc} + */ public function deleteRoleReferences(array $rids) { // Remove the role from all users. db_delete('users_roles') diff --git a/core/modules/user/src/RoleStorageInterface.php b/core/modules/user/src/RoleStorageInterface.php index d094d5e..84cf99c 100644 --- a/core/modules/user/src/RoleStorageInterface.php +++ b/core/modules/user/src/RoleStorageInterface.php @@ -15,6 +15,19 @@ interface RoleStorageInterface extends ConfigEntityStorageInterface { /** + * Returns whether a permission is in one of the passed in roles. + * + * @param string $permission + * The permission. + * @param array $rids + * The list of role IDs to check. + * + * @return bool + * TRUE is the permission is in at least one of the roles. FALSE otherwise. + */ + public function isPermissionInRoles($permission, array $rids); + + /** * Delete role references. * * @param array $rids