The access checker for /tracker/{user} is declared as a service, but will only ever be used once.
Now that #2107137: Fix the DX for declaring custom access checkers is in, it can be moved.

CommentFileSizeAuthor
#16 interdiff-2117251-11-16.txt740 bytesmarkdorison
#16 convert-2117251-16.patch3.18 KBmarkdorison
#11 interdiff.txt900 bytestim.plunkett
#11 2117251-tracker-11.patch3.22 KBtim.plunkett
#7 2117251-tracker-6.patch3.31 KBtim.plunkett
#7 interdiff.txt1.64 KBtim.plunkett
#5 convert-2117251-5.patch3.01 KBmarkdorison
tracker-access-check.patch3.25 KBtim.plunkett
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner commented
Status: Needs review » Needs work

Can't we rename that to: _access_own_user or something like that and make it usuable in other places?

At least for views I would love to have exactly that functionality on an access plugin.

Version: 8.0.x-dev » 8.1.x-dev

Drupal 8.0.6 was released on April 6 and is the final bugfix release for the Drupal 8.0.x series. Drupal 8.0.x will not receive any further development aside from security fixes. Drupal 8.1.0-rc1 is now available and sites should prepare to update to 8.1.0.

Bug reports should be targeted against the 8.1.x-dev branch from now on, and new development or disruptive changes should be targeted against the 8.2.x-dev branch. For more information see the Drupal 8 minor version schedule and the Allowed changes during the Drupal 8 release cycle.

markdorison’s picture

markdorison
he/him
CreditAttribution: markdorison at Chromatic commented
Version: 8.1.x-dev » 8.3.x-dev
Issue summary: View changes
Status: Needs work » Closed (outdated)

I believe this issue is outdated since the ViewOwnTrackerAccessCheck class no longer exists. Feel free to re-open if I am incorrect.

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
CreditAttribution: tim.plunkett at Acquia commented
Status: Closed (outdated) » Needs work

It's at core/modules/tracker/src/Access/ViewOwnTrackerAccessCheck.php, the directory structure changed in May 2014

markdorison’s picture

markdorison
he/him
CreditAttribution: markdorison at Chromatic commented
Status: Needs work » Needs review
FileSize
convert-2117251-5.patch3.01 KB

Re-rolled patch.

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner at Chapter Three commented 
+++ b/core/modules/tracker/src/Controller/TrackerUserRecent.php
@@ -18,4 +19,14 @@ public function getContent(UserInterface $user) {
+    $account = \Drupal::currentUser();

You could probably use $this->currentUser()

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
CreditAttribution: tim.plunkett at Acquia commented
FileSize
interdiff.txt1.64 KB
2117251-tracker-6.patch3.31 KB

Fixed the @todo and also the error (can't return a Boolean anymore)

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
CreditAttribution: tim.plunkett at Acquia commented

\Drupal\Core\Access\AccessArgumentsResolverFactory::getArgumentsResolver() allows you to ask for the route, route match, or current account and will provide it to you.

The last submitted patch, 5: convert-2117251-5.patch, failed testing.

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner at Chapter Three commented 
+++ b/core/modules/tracker/src/Controller/TrackerUserRecent.php
@@ -18,4 +20,26 @@ public function getContent(UserInterface $user) {
+    if ($user && $account->isAuthenticated() && $user->id() == $account->id()) {
+      $result = AccessResult::allowed();
+    }
+    else {
+      $result = AccessResult::neutral();
+    }

What about using $result = AccessResult::allowedIf($user && ...); return $result->cachePermissions() ...

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
CreditAttribution: tim.plunkett at Acquia commented
FileSize
2117251-tracker-11.patch3.22 KB
interdiff.txt900 bytes

Aha! Much better.

Status: Needs review » Needs work

The last submitted patch, 11: 2117251-tracker-11.patch, failed testing.

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner at Chapter Three commented

Sorry for another round of annoying questions.

  1. +++ b/core/modules/tracker/src/Controller/TrackerUserRecent.php
@@ -18,4 +20,21 @@ public function getContent(UserInterface $user) {
+    return AccessResult::allowedIf($user && $account->isAuthenticated() && $user->id() == $account->id())

    One question: how could $user be false, even if it is passed in as argument? Wouldn't the access resolver stop if the user wasn't passed in, in the first place? 

  2. +++ b/core/modules/tracker/src/Controller/TrackerUserRecent.php
@@ -18,4 +20,21 @@ public function getContent(UserInterface $user) {
+      ->cachePerPermissions()

    Do you know the reason why cachdPermissions() was there? At least for me its not obvious why this condition varies by permissions of users.

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
CreditAttribution: tim.plunkett at Acquia commented

1) It's probably left over from the conversion from $GLOBALS['user']
2) I'm assuming it was to address the ->isAuthenticated() check. I guess ->cachePerUser() is enough?

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner at Chapter Three commented

1) It's probably left over from the conversion from $GLOBALS['user']

Do you think we can clean this up?

2) I'm assuming it was to address the ->isAuthenticated() check. I guess ->cachePerUser() is enough?

Yeah, the cachePerUser is sort of a superset of cache by permission.

markdorison’s picture

markdorison
he/him
CreditAttribution: markdorison at Chromatic commented
Status: Needs work » Needs review
FileSize
convert-2117251-16.patch3.18 KB
interdiff-2117251-11-16.txt740 bytes

Addressed issues identified in #13/#14/#15.

dawehner’s picture

dawehner
Primary language German
CreditAttribution: dawehner at Chapter Three commented
Status: Needs review » Reviewed & tested by the community

Thank you @markdorison

  • catch committed 07c1080 on 8.3.x 
    Issue #2117251 by tim.plunkett, markdorison, dawehner: Convert...
catch’s picture

catch
he/him
Primary language English
CreditAttribution: catch at Third and Grove commented
Status: Reviewed & tested by the community » Fixed

Committed/pushed to 8.3.x, thanks!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.