Port SA-CONTRIB-2015-039 to D8 (views)

We originally filled the default permissions issue based upon a public issue in the core issue queue, sadly I can't find it, primarily because
it got unpublished in the meantime.

But yeah for core it would be nice to have a really simple test, note we already have dedicated tests for each default view IMHO.

Tagging. We wouldn't want to recommend early adopters start building D8 sites without this being fixed.

Sorry, one more.

Added default permission to aggregator_rss_feed.

+++ b/core/modules/node/src/Plugin/views/wizard/Node.php
@@ -77,6 +77,7 @@ protected function defaultDisplayOptions() {
+    $display_options['access']['perm'] = 'access content';

missing ['options']

adapted the title to find the issue :P

+++ b/core/modules/node/src/Plugin/views/wizard/Node.php
@@ -77,6 +77,7 @@ protected function defaultDisplayOptions() {
+    $display_options['access']['options']['type'] = 'access content';

+++ b/core/modules/taxonomy/src/Plugin/views/wizard/TaxonomyTerm.php
@@ -28,6 +28,7 @@ protected function defaultDisplayOptions() {
+    $display_options['access']['options']['type'] = 'access content';

It should be $display_options['access']['options']['perm'] instead.

Just ensured and indeed the other part of the SA is fixed in HEAD:

  /**
   * {@inheritdoc}
   */
  public function submitForm(array &$form, FormStateInterface $form_state) {
    $this->tempStore->delete($this->entity->id());
    $form_state->setRedirectUrl($this->entity->urlInfo('edit-form'));
    drupal_set_message($this->t('The lock has been broken and you may now edit this view.'));
  }

thank you!

Perfect. Thank you!

I'd really like to remove archive, glossary and other random default views from core, could we open a follow-up for this?

Note I asked for this in the original VDC issue #1805996-26: [META] Views in Drupal Core then xjm's reply said it made sense for them to be in contrib #1805996-29: [META] Views in Drupal Core but for some reason that never happened.

I'd really like to remove archive, glossary and other random default views from core, could we open a follow-up for this?

I think they are useful, given that those examples, especially glossary, are really hard to configure for your own.
They are disabled by default anyway.

In case we really want to remove them, they should be just moved to test only views, given that they allow us to have quite some good test coverage than just the simple views like frontpage.

From #2

But yeah for core it would be nice to have a really simple test, note we already have dedicated tests for each default view IMHO.

I'll work on some tests

Added tests for the paths:

• /aggregator/rss
• /archive
• /glossary
• /taxonomy/term/%
• /taxonomy/term/%/feed

The patch and tests look good to me. There's just one thing that stands out a bit:

+++ b/core/modules/views_ui/src/Tests/DefaultViewsTest.php
@@ -108,7 +110,18 @@ function testDefaultViews() {
+    // Clear permissions for anonymous users to check access for default views.
+    $this->config('user.role.' . DRUPAL_ANONYMOUS_RID)->set('permissions', array())->save();

We usually update the config entity instead working with the underlying config system, but it works so I'll let committers decide if it's ok to do this or not.. it's just a test after all :)

re #24 This makes the test unnecessarily dependent on the underlying config structure. Let's fix that.

Ok, that's a very easy fix and shouldn't hold up this patch any longer.

Oops, missed one :/

Nice work!

I think #28 was a crosspost with #26 and the new files were accidentally deleted. Trying a re-upload of #27 for the testbot.

This issue addresses a critical bug and is allowed per https://www.drupal.org/core/beta-changes. Committed 7f6245a and pushed to 8.0.x. Thanks!

Here is the follow up requested by @catch : #2428335: Discuss what to do with the disabled default views: archive, glossary