Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Updated: Comment 0
Problem/Motivation
Views still calls user_access() all over the place even we could just inject the account if possible.
This adds a lot of unit testability aka. is kind of considered major for views.
Proposed resolution
Remaining tasks
User interface changes
API changes
Related Issues
Comment | File | Size | Author |
---|---|---|---|
#36 | interdiff-2109433-34-36.txt | 747 bytes | herom |
#36 | vdc-2109433-36.patch | 29.28 KB | herom |
#33 | interdiff-2109433-31-33.txt | 537 bytes | herom |
#31 | interdiff-2109433-29-31.txt | 598 bytes | herom |
#29 | interdiff-2109433-25-29.txt | 3.2 KB | herom |
Comments
Comment #1
dawehnerThere we go.
Comment #3
dawehnerWhat a destroying feature.
Comment #5
dawehnerHa.
Comment #7
dawehnerComment #9
dawehner#7: vdc-2109433-7.patch queued for re-testing.
Comment #11
damiankloip CreditAttribution: damiankloip commentedRerolled, plus don't believe all of those failures.
Comment #13
herom CreditAttribution: herom commentedreroll + small nitpicks.
also, I didn't see the errors locally too.
EDIT: tests also pass on simplytest.me (including this patch).
Comment #15
damiankloip CreditAttribution: damiankloip commentedI guess you are running this in the UI only? If you run this from the command line, you should see these failures (I think).
Comment #16
herom CreditAttribution: herom commentedreroll.
if this comes back with less fails, then I'd say this helped: #2073531: Use current user service instead of _account, remove _account from the request object (see #32, #37.1)
Comment #18
herom CreditAttribution: herom commented16: 2109433-16.patch queued for re-testing.
Comment #20
herom CreditAttribution: herom commentedwell, it has come down to this error:
and its stack trace in the drupal code is:
I hope this helps others to fix it.
Comment #21
dawehnerFixed the test failures and added some docs thingies.
Comment #22
damiankloip CreditAttribution: damiankloip commentedNice
We are calling this account when it's passed to access checks but user here. I think it should be called account everywhere? Just putting this out there. If there's a reason for this. Let me have it.
Comment #23
XanoAccess checks just need any account, but in most cases the account we pass on is the current user, which is more than just an account.
Comment #24
tim.plunkett$ grep -lr user_access * | grep "Plugin/views"
core/modules/node/lib/Drupal/node/Plugin/views/filter/Access.php
core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php
core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php
core/modules/user/lib/Drupal/user/Plugin/views/field/Language.php
core/modules/user/lib/Drupal/user/Plugin/views/field/User.php
Comment #25
herom CreditAttribution: herom commentedreplacing cases mentioned in #24.
Comment #27
herom CreditAttribution: herom commented25: vdc-2109433-25.patch queued for re-testing.
Comment #29
herom CreditAttribution: herom commentedthis should pass. the docblock on the
getUser()
function probably needs review though. I'm bad at writing :Djust a note (that might be unrelated here) that the previous failing test in
Drupal\user\Tests\Views\HandlerFilterUserNameTest
is a bit fragile.I became curious when the test was failing on 2 of 3 identical asserts in a loop. turned out the test is checking for simple numbers (2, 3, 4), which might be already present on the page, from the test header, etc.
the test might have passed just as well. and actually, it did pass locally for me, because I had error reporting on, and stack traces do contain a lot of numbers.
so, is this a separate issue? works as designed? should be fixed here? or else?
Comment #30
dawehnerMaybe just: views plugins can recieve the current user in order to not need dependency injection.
Comment #31
herom CreditAttribution: herom commentedadding #30.
Comment #32
herom CreditAttribution: herom commentedoops. patch was uploaded with wrong extension.
Comment #33
herom CreditAttribution: herom commentedanother case to use the injected
$user
inViewExecutable
.Comment #34
herom CreditAttribution: herom commentedreroll.
Comment #35
dawehnerThis looks really great!
I guess we should just use @inheritdoc here as well.
Comment #36
herom CreditAttribution: herom commentedincluding #35.
Comment #37
dawehnerThank you!
Comment #38
webchickCommitted and pushed to 8.x. Thanks!