From 5085cb35c774e44ae39d58d5aeaaadcd6ab4d5c2 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Wed, 16 Oct 2013 13:10:57 +0100
Subject: [PATCH] Issue #2095125 by Xano: Use access constants in every access
 control context.

---
 .../Drupal/Core/Access/AccessInterface.php    | 27 +++----------
 .../Core/Access/AccessibleInterface.php       | 31 +++++++++++++++
 .../Drupal/Core/Entity/EntityInterface.php    |  2 +-
 .../Entity/Field/FieldItemListInterface.php   |  2 +-
 .../Core/Routing/Access/AccessInterface.php   | 32 +++++++++++++++
 .../Core/TypedData/AccessibleInterface.php    | 39 -------------------
 .../Core/TypedData/Annotation/DataType.php    |  2 +-
 .../Drupal/node/Plugin/Search/NodeSearch.php  |  2 +-
 .../lib/Drupal/search/SearchPluginManager.php |  2 +-
 core/modules/system/entity.api.php            |  2 +-
 .../system/Tests/Entity/EntityAccessTest.php  |  2 +-
 .../Drupal/user/Plugin/Search/UserSearch.php  |  2 +-
 .../views_ui/lib/Drupal/views_ui/ViewUI.php   |  2 +-
 .../Tests/Core/Access/AccessManagerTest.php   |  2 +-
 14 files changed, 78 insertions(+), 71 deletions(-)
 create mode 100644 core/lib/Drupal/Core/Access/AccessibleInterface.php
 create mode 100644 core/lib/Drupal/Core/Routing/Access/AccessInterface.php
 delete mode 100644 core/lib/Drupal/Core/TypedData/AccessibleInterface.php

diff --git a/core/lib/Drupal/Core/Access/AccessInterface.php b/core/lib/Drupal/Core/Access/AccessInterface.php
index f555ecb8611c..d37a51f8e62d 100644
--- a/core/lib/Drupal/Core/Access/AccessInterface.php
+++ b/core/lib/Drupal/Core/Access/AccessInterface.php
@@ -11,23 +11,21 @@
 use Symfony\Component\Routing\Route;
 
 /**
- * An access check service determines access rules for particular routes.
+ * Provides access check results.
  */
 interface AccessInterface {
 
   /**
    * Grant access.
    *
-   * A checker should return this value to indicate that it grants access to a
-   * route.
+   * A checker should return this value to indicate that it grants access.
    */
   const ALLOW = TRUE;
 
   /**
    * Deny access.
    *
-   * A checker should return this value to indicate it does not grant access to
-   * a route.
+   * A checker should return this value to indicate it does not grant access.
    */
   const DENY = NULL;
 
@@ -35,24 +33,9 @@ interface AccessInterface {
    * Block access.
    *
    * A checker should return this value to indicate that it wants to completely
-   * block access to this route, regardless of any other access checkers. Most
-   * checkers should prefer DENY.
+   * block access, regardless of any other access checkers. Most checkers
+   * should prefer DENY.
    */
   const KILL = FALSE;
 
-  /**
-   * Checks for access to a route.
-   *
-   * @param \Symfony\Component\Routing\Route $route
-   *   The route to check against.
-   * @param \Symfony\Component\HttpFoundation\Request $request
-   *   The request object.
-   *
-   * @return mixed
-   *   TRUE if access is allowed.
-   *   FALSE if not.
-   *   NULL if no opinion.
-   */
-  public function access(Route $route, Request $request);
-
 }
diff --git a/core/lib/Drupal/Core/Access/AccessibleInterface.php b/core/lib/Drupal/Core/Access/AccessibleInterface.php
new file mode 100644
index 000000000000..faa5a6ffd7c2
--- /dev/null
+++ b/core/lib/Drupal/Core/Access/AccessibleInterface.php
@@ -0,0 +1,31 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\Core\Access\AccessibleInterface.
+ */
+
+namespace Drupal\Core\Access;
+
+use Drupal\Core\Session\AccountInterface;
+
+/**
+ * Interface for checking access.
+ */
+interface AccessibleInterface extends AccessInterface {
+
+  /**
+   * Checks data value access.
+   *
+   * @param string $operation
+   *   The operation to be performed.
+   * @param \Drupal\Core\Session\AccountInterface $account
+   *   (optional) The user for which to check access, or NULL to check access
+   *   for the current user. Defaults to NULL.
+   *
+   * @return bool|null
+   *   self::ALLOW, self::DENY, or self::KILL.
+   */
+  public function access($operation, AccountInterface $account = NULL);
+
+}
diff --git a/core/lib/Drupal/Core/Entity/EntityInterface.php b/core/lib/Drupal/Core/Entity/EntityInterface.php
index 06e412a718af..5f84ac90f105 100644
--- a/core/lib/Drupal/Core/Entity/EntityInterface.php
+++ b/core/lib/Drupal/Core/Entity/EntityInterface.php
@@ -7,7 +7,7 @@
 
 namespace Drupal\Core\Entity;
 
-use Drupal\Core\TypedData\AccessibleInterface;
+use Drupal\Core\Access\AccessibleInterface;
 
 /**
  * Defines a common interface for all entity objects.
diff --git a/core/lib/Drupal/Core/Entity/Field/FieldItemListInterface.php b/core/lib/Drupal/Core/Entity/Field/FieldItemListInterface.php
index 300de8fe3c54..856c3fc855a5 100644
--- a/core/lib/Drupal/Core/Entity/Field/FieldItemListInterface.php
+++ b/core/lib/Drupal/Core/Entity/Field/FieldItemListInterface.php
@@ -8,7 +8,7 @@
 namespace Drupal\Core\Entity\Field;
 
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\TypedData\AccessibleInterface;
+use Drupal\Core\Access\AccessibleInterface;
 use Drupal\Core\TypedData\ListInterface;
 
 /**
diff --git a/core/lib/Drupal/Core/Routing/Access/AccessInterface.php b/core/lib/Drupal/Core/Routing/Access/AccessInterface.php
new file mode 100644
index 000000000000..3d93eea73195
--- /dev/null
+++ b/core/lib/Drupal/Core/Routing/Access/AccessInterface.php
@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\Core\Routing\Access\AccessInterface.
+ */
+
+namespace Drupal\Core\Routing\Access;
+
+use Drupal\Core\Access\AccessInterface as GenericAccessInterface;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\Routing\Route;
+
+/**
+ * An access check service determines access rules for particular routes.
+ */
+interface AccessInterface extends GenericAccessInterface {
+
+  /**
+   * Checks for access to a route.
+   *
+   * @param \Symfony\Component\Routing\Route $route
+   *   The route to check against.
+   * @param \Symfony\Component\HttpFoundation\Request $request
+   *   The request object.
+   *
+   * @return bool|null
+   *   self::ALLOW, self::DENY, or self::KILL.
+   */
+  public function access(Route $route, Request $request);
+
+}
diff --git a/core/lib/Drupal/Core/TypedData/AccessibleInterface.php b/core/lib/Drupal/Core/TypedData/AccessibleInterface.php
deleted file mode 100644
index 30e373de167f..000000000000
--- a/core/lib/Drupal/Core/TypedData/AccessibleInterface.php
+++ /dev/null
@@ -1,39 +0,0 @@
-<?php
-
-/**
- * @file
- * Contains \Drupal\Core\TypedData\AccessibleInterface.
- */
-
-namespace Drupal\Core\TypedData;
-
-use Drupal\Core\Session\AccountInterface;
-
-/**
- * Interface for checking access.
- */
-interface AccessibleInterface {
-
-  /**
-   * Checks data value access.
-   *
-   * @param string $operation
-   *   (optional) The operation to be performed. Supported values are:
-   *   - view
-   *   - create
-   *   - update
-   *   - delete
-   *   Defaults to 'view'.
-   * @param \Drupal\Core\Session\AccountInterface $account
-   *   (optional) The user for which to check access, or NULL to check access
-   *   for the current user. Defaults to NULL.
-   *
-   * @return bool
-   *   TRUE if the given user has access for the given operation, FALSE
-   *   otherwise.
-   *
-   * @todo Don't depend on module level code.
-   */
-  public function access($operation = 'view', AccountInterface $account = NULL);
-
-}
diff --git a/core/lib/Drupal/Core/TypedData/Annotation/DataType.php b/core/lib/Drupal/Core/TypedData/Annotation/DataType.php
index ec9ef6dfcb51..da2d300dae41 100644
--- a/core/lib/Drupal/Core/TypedData/Annotation/DataType.php
+++ b/core/lib/Drupal/Core/TypedData/Annotation/DataType.php
@@ -20,7 +20,7 @@
  * or more data properties. Typed data objects for complex data types have to
  * implement the \Drupal\Core\TypedData\ComplexDataInterface. Further interface
  * that may be implemented are:
- *  - \Drupal\Core\TypedData\AccessibleInterface
+ *  - \Drupal\Core\Access\AccessibleInterface
  *  - \Drupal\Core\TypedData\TranslatableInterface
  *
  * Furthermore, lists of data items are represented by objects implementing the
diff --git a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
index cdc399f2f5f7..8e90efb164da 100644
--- a/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
+++ b/core/modules/node/lib/Drupal/node/Plugin/Search/NodeSearch.php
@@ -18,7 +18,7 @@
 use Drupal\Core\Language\Language;
 use Drupal\Core\Plugin\PluginFormInterface;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\TypedData\AccessibleInterface;
+use Drupal\Core\Access\AccessibleInterface;
 use Drupal\Core\Database\Query\Condition;
 use Drupal\search\Annotation\SearchPlugin;
 use Drupal\search\Plugin\SearchPluginBase;
diff --git a/core/modules/search/lib/Drupal/search/SearchPluginManager.php b/core/modules/search/lib/Drupal/search/SearchPluginManager.php
index 612db99e3eee..dac919b3f277 100644
--- a/core/modules/search/lib/Drupal/search/SearchPluginManager.php
+++ b/core/modules/search/lib/Drupal/search/SearchPluginManager.php
@@ -114,7 +114,7 @@ public function pluginAccess($plugin_id, AccountInterface $account) {
       return FALSE;
     }
     // Plugins that implement AccessibleInterface can deny access.
-    if (is_subclass_of($definition['class'], '\Drupal\Core\TypedData\AccessibleInterface')) {
+    if (is_subclass_of($definition['class'], '\Drupal\Core\Access\AccessibleInterface')) {
       return $this->createInstance($plugin_id)->access('view', $account);
     }
     return TRUE;
diff --git a/core/modules/system/entity.api.php b/core/modules/system/entity.api.php
index 00684271df33..a9123a11a57a 100644
--- a/core/modules/system/entity.api.php
+++ b/core/modules/system/entity.api.php
@@ -710,7 +710,7 @@ function hook_entity_operation_alter(array &$operations, \Drupal\Core\Entity\Ent
  *
  * @param string $operation
  *   The operation to be performed. See
- *   \Drupal\Core\TypedData\AccessibleInterface::access() for possible values.
+ *   \Drupal\Core\Access\AccessibleInterface::access() for possible values.
  * @param \Drupal\Core\Entity\Field\FieldDefinitionInterface $field_definition
  *   The field definition.
  * @param \Drupal\Core\Session\AccountInterface $account
diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php
index 33b2c1a7eb9d..373c90be95a6 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php
@@ -9,7 +9,7 @@
 
 use Drupal\Core\Language\Language;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\TypedData\AccessibleInterface;
+use Drupal\Core\Access\AccessibleInterface;
 use Drupal\Core\Entity\EntityAccessController;
 
 /**
diff --git a/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php b/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
index 52ed50b07a39..e4827b6cc2a2 100644
--- a/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
+++ b/core/modules/user/lib/Drupal/user/Plugin/Search/UserSearch.php
@@ -12,7 +12,7 @@
 use Drupal\Core\Entity\EntityManager;
 use Drupal\Core\Extension\ModuleHandlerInterface;
 use Drupal\Core\Session\AccountInterface;
-use Drupal\Core\TypedData\AccessibleInterface;
+use Drupal\Core\Access\AccessibleInterface;
 use Drupal\search\Annotation\SearchPlugin;
 use Drupal\search\Plugin\SearchPluginBase;
 use Symfony\Component\DependencyInjection\ContainerInterface;
diff --git a/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php b/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php
index 6fccced099d5..f126edede890 100644
--- a/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php
+++ b/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php
@@ -892,7 +892,7 @@ public function language() {
   }
 
   /**
-   * Implements \Drupal\Core\TypedData\AccessibleInterface::access().
+   * {@inheritdoc}
    */
   public function access($operation = 'view', AccountInterface $account = NULL) {
     return $this->storage->access($operation, $account);
diff --git a/core/tests/Drupal/Tests/Core/Access/AccessManagerTest.php b/core/tests/Drupal/Tests/Core/Access/AccessManagerTest.php
index d12f5c041ad8..a545cc80f1e2 100644
--- a/core/tests/Drupal/Tests/Core/Access/AccessManagerTest.php
+++ b/core/tests/Drupal/Tests/Core/Access/AccessManagerTest.php
@@ -8,7 +8,7 @@
 namespace Drupal\Tests\Core\Access;
 
 use Drupal\Core\Access\AccessCheckInterface;
-use Drupal\Core\Access\AccessInterface;
+use Drupal\Core\Routing\Access\AccessInterface;
 use Drupal\Core\Access\AccessManager;
 use Drupal\Core\Access\DefaultAccessCheck;
 use Drupal\system\Tests\Routing\MockRouteProvider;
-- 
GitLab