From 686b47cd0bacd220545043195df9b05c13e00cf1 Mon Sep 17 00:00:00 2001
From: webchick <drupal@webchick.net>
Date: Fri, 11 Jul 2014 23:55:56 -0700
Subject: [PATCH] Issue #2061977 by InternetDevels, kim.pepper, ianthomas_uk,
herom, rhm50, naveenvalecha, andypost, mandar.harkare, sergeypavlenko,
sidharthap, SIz, tkuldeep17: Replace user_access() calls with
->hasPermission() in all core modules except user.
---
core/modules/comment/comment.module | 14 ++++++++------
.../comment/src/CommentAccessController.php | 10 +++++-----
.../selection/CommentSelection.php | 4 ++--
.../comment/src/Tests/CommentLinksTest.php | 2 +-
core/modules/contact/src/MessageForm.php | 2 +-
.../content_translation.admin.inc | 4 ++--
.../content_translation.module | 14 +++++++++-----
.../src/ContentTranslationHandler.php | 7 ++++---
core/modules/field_ui/field_ui.module | 7 ++++---
core/modules/filter/filter.module | 2 +-
.../filter/src/Tests/FilterFormatAccessTest.php | 4 ++--
core/modules/node/node.api.php | 12 ++++++------
core/modules/node/node.module | 10 +++++-----
core/modules/node/node.views_execution.inc | 7 ++++---
core/modules/node/src/NodeAccessController.php | 14 ++++++++------
core/modules/node/src/NodeForm.php | 15 ++++++++-------
.../entity_reference/selection/NodeSelection.php | 2 +-
.../src/Tests/NodeRevisionPermissionsTest.php | 4 ++--
.../node_access_test/node_access_test.module | 2 +-
core/modules/system/entity.api.php | 2 +-
core/modules/system/src/Form/ModulesListForm.php | 2 +-
core/modules/system/system.api.php | 6 +++---
core/modules/system/system.module | 2 +-
.../src/EntityTestAccessController.php | 8 ++++----
core/modules/system/theme.api.php | 2 +-
core/modules/toolbar/toolbar.module | 2 +-
core/modules/update/update.module | 2 +-
core/modules/views/views.api.php | 8 ++++++--
core/modules/views/views.module | 2 +-
29 files changed, 94 insertions(+), 78 deletions(-)
diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module
index 401a3cf99b38..78426546494b 100644
--- a/core/modules/comment/comment.module
+++ b/core/modules/comment/comment.module
@@ -297,6 +297,7 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
}
$fields = \Drupal::service('comment.manager')->getFields('node');
+ $current_user = \Drupal::currentUser();
foreach ($fields as $field_name => $detail) {
// Skip fields that the node does not have.
if (!$node->hasField($field_name)) {
@@ -322,7 +323,7 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// Teaser view: display the number of comments that have been posted,
// or a link to add new comments if the user has permission, the node
// is open to new comments, and there currently are none.
- if (user_access('access comments')) {
+ if ($current_user->hasPermission('access comments')) {
if (!empty($node->get($field_name)->comment_count)) {
$links['comment-comments'] = array(
'title' => format_plural($node->get($field_name)->comment_count, '1 comment', '@count comments'),
@@ -348,7 +349,7 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// Provide a link to new comment form.
if ($commenting_status == CommentItemInterface::OPEN) {
$comment_form_location = $field_definition->getSetting('form_location');
- if (user_access('post comments')) {
+ if ($current_user->hasPermission('post comments')) {
$links['comment-add'] = array(
'title' => t('Add new comment'),
'language' => $node->language(),
@@ -380,10 +381,10 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// allowed to post comments and if this node is allowing new comments.
if ($commenting_status == CommentItemInterface::OPEN) {
$comment_form_location = $field_definition->getSetting('form_location');
- if (user_access('post comments')) {
+ if ($current_user->hasPermission('post comments')) {
// Show the "post comment" link if the form is on another page, or
// if there are existing comments that the link will skip past.
- if ($comment_form_location == COMMENT_FORM_SEPARATE_PAGE || (!empty($node->get($field_name)->comment_count) && user_access('access comments'))) {
+ if ($comment_form_location == COMMENT_FORM_SEPARATE_PAGE || (!empty($node->get($field_name)->comment_count) && $current_user->hasPermission('access comments'))) {
$links['comment-add'] = array(
'title' => t('Add new comment'),
'attributes' => array('title' => t('Share your thoughts and opinions related to this posting.')),
@@ -546,7 +547,7 @@ function comment_get_thread(EntityInterface $entity, $field_name, $mode, $commen
->addMetaData('entity', $entity)
->addMetaData('field_name', $field_name);
- if (!user_access('administer comments')) {
+ if (!\Drupal::currentUser()->hasPermission('administer comments')) {
$query->condition('c.status', CommentInterface::PUBLISHED);
$count_query->condition('c.status', CommentInterface::PUBLISHED);
}
@@ -1250,7 +1251,8 @@ function comment_ranking() {
*/
function comment_file_download_access($field, EntityInterface $entity, FileInterface $file) {
if ($entity instanceof CommentInterface) {
- if (user_access('access comments') && $entity->isPublished() || user_access('administer comments')) {
+ $current_user = \Drupal::currentUser();
+ if ($current_user->hasPermission('access comments') && $entity->isPublished() || $current_user->hasPermission('administer comments')) {
$commented_entity = $entity->getCommentedEntity();
// Check access to parent entity.
return $commented_entity->access('view');
diff --git a/core/modules/comment/src/CommentAccessController.php b/core/modules/comment/src/CommentAccessController.php
index fe03f3b94489..81b426ebfb76 100644
--- a/core/modules/comment/src/CommentAccessController.php
+++ b/core/modules/comment/src/CommentAccessController.php
@@ -25,19 +25,19 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
/** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */
switch ($operation) {
case 'view':
- return user_access('access comments', $account);
+ return $account->hasPermission('access comments');
break;
case 'update':
- return ($account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && user_access('edit own comments', $account)) || user_access('administer comments', $account);
+ return ($account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && $account->hasPermission('edit own comments')) || $account->hasPermission('administer comments');
break;
case 'delete':
- return user_access('administer comments', $account);
+ return $account->hasPermission('administer comments');
break;
case 'approve':
- return user_access('administer comments', $account);
+ return $account->hasPermission('administer comments');
break;
}
}
@@ -46,7 +46,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return user_access('post comments', $account);
+ return $account->hasPermission('post comments');
}
}
diff --git a/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php b/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
index a1ebe2afafa2..b6f63a0bb185 100644
--- a/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
+++ b/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
@@ -33,7 +33,7 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
// Adding the 'comment_access' tag is sadly insufficient for comments:
// core requires us to also know about the concept of 'published' and
// 'unpublished'.
- if (!user_access('administer comments')) {
+ if (!\Drupal::currentUser()->hasPermission('administer comments')) {
$query->condition('status', CommentInterface::PUBLISHED);
}
return $query;
@@ -61,7 +61,7 @@ public function entityQueryAlter(SelectInterface $query) {
// Passing the query to node_query_node_access_alter() is sadly
// insufficient for nodes.
// @see SelectionEntityTypeNode::entityQueryAlter()
- if (!user_access('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
+ if (!\Drupal::currentUser()->hasPermission('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
$query->condition($node_alias . '.status', 1);
}
}
diff --git a/core/modules/comment/src/Tests/CommentLinksTest.php b/core/modules/comment/src/Tests/CommentLinksTest.php
index 3b40bdd308a2..5b2debba2a01 100644
--- a/core/modules/comment/src/Tests/CommentLinksTest.php
+++ b/core/modules/comment/src/Tests/CommentLinksTest.php
@@ -258,7 +258,7 @@ function assertCommentLinks(array $info) {
// authenticated users are allowed to post comments.
// @see \Drupal\comment\CommentManagerInterface::forbiddenMessage()
if (!$this->loggedInUser) {
- if (user_access('post comments', $this->web_user)) {
+ if ($this->web_user->hasPermission('post comments')) {
// The note depends on whether users are actually able to register.
if ($info['user_register'] != USER_REGISTER_ADMINISTRATORS_ONLY) {
$this->assertText('Log in or register to post comments');
diff --git a/core/modules/contact/src/MessageForm.php b/core/modules/contact/src/MessageForm.php
index 5915fd0cf5d0..85dabd1afb94 100644
--- a/core/modules/contact/src/MessageForm.php
+++ b/core/modules/contact/src/MessageForm.php
@@ -248,7 +248,7 @@ public function save(array $form, array &$form_state) {
// To avoid false error messages caused by flood control, redirect away from
// the contact form; either to the contacted user account or the front page.
- if ($message->isPersonal() && user_access('access user profiles')) {
+ if ($message->isPersonal() && $user->hasPermission('access user profiles')) {
$form_state['redirect_route'] = $message->getPersonalRecipient()->urlInfo();
}
else {
diff --git a/core/modules/content_translation/content_translation.admin.inc b/core/modules/content_translation/content_translation.admin.inc
index 343a108e3516..7e7e790eeacb 100644
--- a/core/modules/content_translation/content_translation.admin.inc
+++ b/core/modules/content_translation/content_translation.admin.inc
@@ -63,7 +63,7 @@ function content_translation_field_sync_widget(FieldDefinitionInterface $field)
function _content_translation_form_language_content_settings_form_alter(array &$form, array &$form_state) {
// Inject into the content language settings the translation settings if the
// user has the required permission.
- if (!user_access('administer content translation')) {
+ if (!\Drupal::currentUser()->hasPermission('administer content translation')) {
return;
}
@@ -139,7 +139,7 @@ function _content_translation_form_language_content_settings_form_alter(array &$
function _content_translation_preprocess_language_content_settings_table(&$variables) {
// Alter the 'build' variable injecting the translation settings if the user
// has the required permission.
- if (!user_access('administer content translation')) {
+ if (!\Drupal::currentUser()->hasPermission('administer content translation')) {
return;
}
diff --git a/core/modules/content_translation/content_translation.module b/core/modules/content_translation/content_translation.module
index 0d22898397b5..858ffba4b014 100644
--- a/core/modules/content_translation/content_translation.module
+++ b/core/modules/content_translation/content_translation.module
@@ -249,8 +249,9 @@ function _content_translation_menu_strip_loaders($path) {
* The entity whose translation overview should be displayed.
*/
function content_translation_translate_access(EntityInterface $entity) {
+ $account = \Drupal::currentUser();
return $entity instanceof ContentEntityInterface && empty($entity->getUntranslated()->language()->locked) && \Drupal::languageManager()->isMultilingual() && $entity->isTranslatable() &&
- (user_access('create content translations') || user_access('update content translations') || user_access('delete content translations'));
+ ($account->hasPermission('create content translations') || $account->hasPermission('update content translations') || $account->hasPermission('delete content translations'));
}
/**
@@ -494,9 +495,12 @@ function content_translation_language_fallback_candidates_entity_view_alter(&$ca
$entity_type_id = $entity->getEntityTypeId();
$entity_type = $entity->getEntityType();
$permission = $entity_type->getPermissionGranularity() == 'bundle' ? $permission = "translate {$entity->bundle()} $entity_type_id" : "translate $entity_type_id";
- foreach ($entity->getTranslationLanguages() as $langcode => $language) {
- if (empty($entity->translation[$langcode]['status']) && !user_access('translate any entity') && !user_access($permission)) {
- unset($candidates[$langcode]);
+ $current_user = \Drupal::currentuser();
+ if (!$current_user->hasPermission('translate any entity') && !$current_user->hasPermission($permission)) {
+ foreach ($entity->getTranslationLanguages() as $langcode => $language) {
+ if (empty($entity->translation[$langcode]['status'])) {
+ unset($candidates[$langcode]);
+ }
}
}
}
@@ -742,7 +746,7 @@ function content_translation_enable_widget($entity_type, $bundle, array &$form,
* Processed language configuration element.
*/
function content_translation_language_configuration_element_process(array $element, array &$form_state, array &$form) {
- if (empty($element['#content_translation_skip_alter']) && user_access('administer content translation')) {
+ if (empty($element['#content_translation_skip_alter']) && \Drupal::currentUser()->hasPermission('administer content translation')) {
$form_state['content_translation']['key'] = $element['#name'];
$context = $form_state['language'][$element['#name']];
diff --git a/core/modules/content_translation/src/ContentTranslationHandler.php b/core/modules/content_translation/src/ContentTranslationHandler.php
index 500ae4978ef9..7510d2e07990 100644
--- a/core/modules/content_translation/src/ContentTranslationHandler.php
+++ b/core/modules/content_translation/src/ContentTranslationHandler.php
@@ -65,10 +65,11 @@ public function getTranslationAccess(EntityInterface $entity, $op) {
$translate_permission = TRUE;
// If no permission granularity is defined this entity type does not need an
// explicit translate permission.
- if (!user_access('translate any entity') && $permission_granularity = $entity_type->getPermissionGranularity()) {
- $translate_permission = user_access($permission_granularity == 'bundle' ? "translate {$entity->bundle()} {$entity->getEntityTypeId()}" : "translate {$entity->getEntityTypeId()}");
+ $current_user = \Drupal::currentUser();
+ if (!$current_user->hasPermission('translate any entity') && $permission_granularity = $entity_type->getPermissionGranularity()) {
+ $translate_permission = $current_user->hasPermission($permission_granularity == 'bundle' ? "translate {$entity->bundle()} {$entity->getEntityTypeId()}" : "translate {$entity->getEntityTypeId()}");
}
- return $translate_permission && user_access("$op content translations");
+ return $translate_permission && $current_user->hasPermission("$op content translations");
}
/**
diff --git a/core/modules/field_ui/field_ui.module b/core/modules/field_ui/field_ui.module
index 1dbee70c449c..4fe550ccd3a5 100644
--- a/core/modules/field_ui/field_ui.module
+++ b/core/modules/field_ui/field_ui.module
@@ -169,19 +169,20 @@ function field_ui_entity_operation(EntityInterface $entity) {
// Add manage fields and display links if this entity type is the bundle
// of another.
if ($bundle_of = $info->getBundleOf()) {
- if (user_access('administer '. $bundle_of . ' fields')) {
+ $account = \Drupal::currentUser();
+ if ($account->hasPermission('administer '. $bundle_of . ' fields')) {
$operations['manage-fields'] = array(
'title' => t('Manage fields'),
'weight' => 15,
) + $entity->urlInfo('field_ui-fields')->toArray();
}
- if (user_access('administer '. $bundle_of . ' form display')) {
+ if ($account->hasPermission('administer '. $bundle_of . ' form display')) {
$operations['manage-form-display'] = array(
'title' => t('Manage form display'),
'weight' => 20,
) + $entity->urlInfo('field_ui-form-display')->toArray();
}
- if (user_access('administer '. $bundle_of . ' display')) {
+ if ($account->hasPermission('administer '. $bundle_of . ' display')) {
$operations['manage-display'] = array(
'title' => t('Manage display'),
'weight' => 25,
diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module
index 9d38bba05145..68b445e8d96c 100644
--- a/core/modules/filter/filter.module
+++ b/core/modules/filter/filter.module
@@ -622,7 +622,7 @@ function filter_process_format($element) {
$format_exists = isset($all_formats[$element['#format']]);
$format_allowed = !isset($element['#allowed_formats']) || in_array($element['#format'], $element['#allowed_formats']);
$user_has_access = isset($formats[$element['#format']]);
- $user_is_admin = user_access('administer filters');
+ $user_is_admin = \Drupal::currentUser()->hasPermission('administer filters');
// If the stored format does not exist or if it is not among the allowed
// formats for this textarea, administrators have to assign a new format.
diff --git a/core/modules/filter/src/Tests/FilterFormatAccessTest.php b/core/modules/filter/src/Tests/FilterFormatAccessTest.php
index 8689305ea488..9f4234f6a58f 100644
--- a/core/modules/filter/src/Tests/FilterFormatAccessTest.php
+++ b/core/modules/filter/src/Tests/FilterFormatAccessTest.php
@@ -132,8 +132,8 @@ function testFormatPermissions() {
// Make sure that a regular user only has permission to use the format
// they were granted access to.
- $this->assertTrue(user_access($this->allowed_format->getPermissionName(), $this->web_user), 'A regular user has permission to use the allowed text format.');
- $this->assertFalse(user_access($this->disallowed_format->getPermissionName(), $this->web_user), 'A regular user does not have permission to use the disallowed text format.');
+ $this->assertTrue($this->web_user->hasPermission($this->allowed_format->getPermissionName()), 'A regular user has permission to use the allowed text format.');
+ $this->assertFalse($this->web_user->hasPermission($this->disallowed_format->getPermissionName()), 'A regular user does not have permission to use the disallowed text format.');
// Make sure that the allowed format appears on the node form and that
// the disallowed format does not.
diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php
index 247c239ca4ec..dd47b47c7ce7 100644
--- a/core/modules/node/node.api.php
+++ b/core/modules/node/node.api.php
@@ -79,7 +79,7 @@
* @ingroup node_access
*/
function hook_node_grants(\Drupal\Core\Session\AccountInterface $account, $op) {
- if (user_access('access private content', $account)) {
+ if ($account->hasPermission('access private content')) {
$grants['example'] = array(1);
}
$grants['example_owner'] = array($account->id());
@@ -311,7 +311,7 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface
* - "delete"
* - "update"
* - "view"
- * @param object $account
+ * @param \Drupal\Core\Session\AccountInterface $account
* The user object to perform the access check operation on.
* @param object $langcode
* The language code to perform the access check operation on.
@@ -323,23 +323,23 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface
*
* @ingroup node_access
*/
-function hook_node_access(\Drupal\node\NodeInterface $node, $op, $account, $langcode) {
+function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) {
$type = is_string($node) ? $node : $node->getType();
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$type])) {
- if ($op == 'create' && user_access('create ' . $type . ' content', $account)) {
+ if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) {
return NODE_ACCESS_ALLOW;
}
if ($op == 'update') {
- if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if ($account->hasPermission('edit any ' . $type . ' content', $account) || ($account->hasPermission('edit own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
if ($op == 'delete') {
- if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if ($account->hasPermission('delete any ' . $type . ' content', $account) || ($account->hasPermission('delete own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
diff --git a/core/modules/node/node.module b/core/modules/node/node.module
index a34ca8225c08..f23559e533bc 100644
--- a/core/modules/node/node.module
+++ b/core/modules/node/node.module
@@ -93,7 +93,7 @@ function node_help($route_name, RouteMatchInterface $route_match) {
// for rebuild. We don't need to issue the message on the confirm form, or
// while the rebuild is being processed.
if ($route_name != 'node.configure_rebuild_confirm' && $route_name != 'system.batch_page.normal' && $route_name != 'help.page.node' && $route_name != 'help.main'
- && user_access('access administration pages') && node_access_needs_rebuild()) {
+ && \Drupal::currentUser()->hasPermission('access administration pages') && node_access_needs_rebuild()) {
if ($route_name == 'system.status') {
$message = t('The content access permissions need to be rebuilt.');
}
@@ -1159,18 +1159,18 @@ function node_node_access(NodeInterface $node, $op, $account) {
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$type])) {
- if ($op == 'create' && user_access('create ' . $type . ' content', $account)) {
+ if ($op == 'create' && $account->hasPermission('create ' . $type . ' content', $account)) {
return NODE_ACCESS_ALLOW;
}
if ($op == 'update') {
- if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if ($account->hasPermission('edit any ' . $type . ' content', $account) || ($account->hasPermission('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
if ($op == 'delete') {
- if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if ($account->hasPermission('delete any ' . $type . ' content', $account) || ($account->hasPermission('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
@@ -1349,7 +1349,7 @@ function node_query_node_access_alter(AlterableInterface $query) {
// If $account can bypass node access, or there are no node access modules,
// or the operation is 'view' and the $account has a global view grant
// (such as a view grant for node ID 0), we don't need to alter the query.
- if (user_access('bypass node access', $account)) {
+ if ($account->hasPermission('bypass node access')) {
return;
}
if (!count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
diff --git a/core/modules/node/node.views_execution.inc b/core/modules/node/node.views_execution.inc
index daedc338810c..f97b8adeccb5 100644
--- a/core/modules/node/node.views_execution.inc
+++ b/core/modules/node/node.views_execution.inc
@@ -11,10 +11,11 @@
* Implements hook_views_query_substitutions().
*/
function node_views_query_substitutions(ViewExecutable $view) {
+ $account = \Drupal::currentUser();
return array(
- '***ADMINISTER_NODES***' => intval(user_access('administer nodes')),
- '***VIEW_OWN_UNPUBLISHED_NODES***' => intval(user_access('view own unpublished content')),
- '***BYPASS_NODE_ACCESS***' => intval(user_access('bypass node access')),
+ '***ADMINISTER_NODES***' => intval($account->hasPermission('administer nodes')),
+ '***VIEW_OWN_UNPUBLISHED_NODES***' => intval($account->hasPermission('view own unpublished content')),
+ '***BYPASS_NODE_ACCESS***' => intval($account->hasPermission('bypass node access')),
);
}
diff --git a/core/modules/node/src/NodeAccessController.php b/core/modules/node/src/NodeAccessController.php
index 6c058ad7b213..ab38a266c171 100644
--- a/core/modules/node/src/NodeAccessController.php
+++ b/core/modules/node/src/NodeAccessController.php
@@ -59,10 +59,12 @@ public static function createInstance(ContainerInterface $container, EntityTypeI
* {@inheritdoc}
*/
public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL) {
- if (user_access('bypass node access', $account)) {
+ $account = $this->prepareUser($account);
+
+ if ($account->hasPermission('bypass node access')) {
return TRUE;
}
- if (!user_access('access content', $account)) {
+ if (!$account->hasPermission('access content')) {
return FALSE;
}
return parent::access($entity, $operation, $langcode, $account);
@@ -74,10 +76,10 @@ public function access(EntityInterface $entity, $operation, $langcode = Language
public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array()) {
$account = $this->prepareUser($account);
- if (user_access('bypass node access', $account)) {
+ if ($account->hasPermission('bypass node access')) {
return TRUE;
}
- if (!user_access('access content', $account)) {
+ if (!$account->hasPermission('access content')) {
return FALSE;
}
@@ -96,7 +98,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc
$uid = $translation->getOwnerId();
// Check if authors can view their own unpublished nodes.
- if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) {
+ if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content')) {
if ($account->id() != 0 && $account->id() == $uid) {
return TRUE;
@@ -122,7 +124,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$entity_bundle])) {
- return user_access('create ' . $entity_bundle . ' content', $account);
+ return $account->hasPermission('create ' . $entity_bundle . ' content');
}
}
diff --git a/core/modules/node/src/NodeForm.php b/core/modules/node/src/NodeForm.php
index 9e3dafc9dc12..69d91a5d7766 100644
--- a/core/modules/node/src/NodeForm.php
+++ b/core/modules/node/src/NodeForm.php
@@ -53,6 +53,7 @@ public function form(array $form, array &$form_state) {
$form['#title'] = $this->t('<em>Edit @type</em> @title', array('@type' => node_get_type_label($node), '@title' => $node->label()));
}
+ $current_user = \Drupal::currentUser();
$user_config = \Drupal::config('user.settings');
// Some special stuff when previewing a node.
if (isset($form_state['node_preview'])) {
@@ -112,7 +113,7 @@ public function form(array $form, array &$form_state) {
'#type' => 'checkbox',
'#title' => t('Create new revision'),
'#default_value' => !empty($this->settings['options']['revision']),
- '#access' => $node->isNewRevision() || user_access('administer nodes'),
+ '#access' => $node->isNewRevision() || $current_user->hasPermission('administer nodes'),
'#group' => 'revision_information',
);
@@ -128,7 +129,7 @@ public function form(array $form, array &$form_state) {
),
),
'#group' => 'revision_information',
- '#access' => $node->isNewRevision() || user_access('administer nodes'),
+ '#access' => $node->isNewRevision() || $current_user->hasPermission('administer nodes'),
);
// Node author information for administrators.
@@ -161,7 +162,7 @@ public function form(array $form, array &$form_state) {
'#weight' => -1,
'#description' => t('Leave blank for %anonymous.', array('%anonymous' => $user_config->get('anonymous'))),
'#group' => 'author',
- '#access' => user_access('administer nodes'),
+ '#access' => $current_user->hasPermission('administer nodes'),
);
$form['created'] = array(
'#type' => 'textfield',
@@ -170,7 +171,7 @@ public function form(array $form, array &$form_state) {
'#description' => t('Format: %time. The date format is YYYY-MM-DD and %timezone is the time zone offset from UTC. Leave blank to use the time of form submission.', array('%time' => !empty($node->date) ? date_format(date_create($node->date), 'Y-m-d H:i:s O') : format_date($node->getCreatedTime(), 'custom', 'Y-m-d H:i:s O'), '%timezone' => !empty($node->date) ? date_format(date_create($node->date), 'O') : format_date($node->getCreatedTime(), 'custom', 'O'))),
'#default_value' => !empty($node->date) ? $node->date : '',
'#group' => 'author',
- '#access' => user_access('administer nodes'),
+ '#access' => $current_user->hasPermission('administer nodes'),
);
// Node options for administrators.
@@ -193,7 +194,7 @@ public function form(array $form, array &$form_state) {
'#title' => t('Promoted to front page'),
'#default_value' => $node->isPromoted(),
'#group' => 'options',
- '#access' => user_access('administer nodes'),
+ '#access' => $current_user->hasPermission('administer nodes'),
);
$form['sticky'] = array(
@@ -201,7 +202,7 @@ public function form(array $form, array &$form_state) {
'#title' => t('Sticky at top of lists'),
'#default_value' => $node->isSticky(),
'#group' => 'options',
- '#access' => user_access('administer nodes'),
+ '#access' => $current_user->hasPermission('administer nodes'),
);
return parent::form($form, $form_state, $node);
@@ -223,7 +224,7 @@ protected function actions(array $form, array &$form_state) {
// modules to integrate with "the Save operation" of this form. Modules
// need a way to plug themselves into 1) the ::submit() step, and
// 2) the ::save() step, both decoupled from the pressed form button.
- if ($element['submit']['#access'] && user_access('administer nodes')) {
+ if ($element['submit']['#access'] && \Drupal::currentUser()->hasPermission('administer nodes')) {
// isNew | prev status » default & publish label & unpublish label
// 1 | 1 » publish & Save and publish & Save as unpublished
// 1 | 0 » unpublish & Save and publish & Save as unpublished
diff --git a/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php b/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
index dbbda10e2341..f850270cd8db 100644
--- a/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
+++ b/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
@@ -32,7 +32,7 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
// 'unpublished'. We need to do that as long as there are no access control
// modules in use on the site. As long as one access control module is there,
// it is supposed to handle this check.
- if (!user_access('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
+ if (!\Drupal::currentUser()->hasPermission('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
$query->condition('status', NODE_PUBLISHED);
}
return $query;
diff --git a/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php b/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
index bba2587c0464..57c32c37c0ff 100644
--- a/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
+++ b/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
@@ -94,7 +94,7 @@ function testNodeRevisionAccessAnyType() {
foreach ($permutations as $case) {
// Skip this test if there are no revisions for the node.
if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
- if (!empty($case['account']->is_admin) || user_access($this->map[$case['op']], $case['account'])) {
+ if (!empty($case['account']->is_admin) || $case['account']->hasPermission($this->map[$case['op']])) {
$this->assertTrue($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} granted.");
}
else {
@@ -141,7 +141,7 @@ function testNodeRevisionAccessPerType() {
foreach ($permutations as $case) {
// Skip this test if there are no revisions for the node.
if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
- if (!empty($case['account']->is_admin) || user_access($this->type_map[$case['op']], $case['account'])) {
+ if (!empty($case['account']->is_admin) || $case['account']->hasPermission($this->type_map[$case['op']], $case['account'])) {
$this->assertTrue($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->type_map[$case['op']]} granted.");
}
else {
diff --git a/core/modules/node/tests/modules/node_access_test/node_access_test.module b/core/modules/node/tests/modules/node_access_test/node_access_test.module
index 696f29ef9bbf..64c7476d4b39 100644
--- a/core/modules/node/tests/modules/node_access_test/node_access_test.module
+++ b/core/modules/node/tests/modules/node_access_test/node_access_test.module
@@ -49,7 +49,7 @@
function node_access_test_node_grants($account, $op) {
$grants = array();
$grants['node_access_test_author'] = array($account->id());
- if ($op == 'view' && user_access('node test view', $account)) {
+ if ($op == 'view' && $account->hasPermission('node test view', $account)) {
$grants['node_access_test'] = array(8888, 8889);
}
diff --git a/core/modules/system/entity.api.php b/core/modules/system/entity.api.php
index 1bab346dd20c..5388dab3cf2a 100644
--- a/core/modules/system/entity.api.php
+++ b/core/modules/system/entity.api.php
@@ -1521,7 +1521,7 @@ function hook_entity_operation_alter(array &$operations, \Drupal\Core\Entity\Ent
*/
function hook_entity_field_access($operation, \Drupal\Core\Field\FieldDefinitionInterface $field_definition, \Drupal\Core\Session\AccountInterface $account, \Drupal\Core\Field\FieldItemListInterface $items = NULL) {
if ($field_definition->getName() == 'field_of_interest' && $operation == 'edit') {
- return user_access('update field of interest', $account);
+ return $account->hasPermission('update field of interest');
}
}
diff --git a/core/modules/system/src/Form/ModulesListForm.php b/core/modules/system/src/Form/ModulesListForm.php
index f825071da6a1..da1ecd05bbc7 100644
--- a/core/modules/system/src/Form/ModulesListForm.php
+++ b/core/modules/system/src/Form/ModulesListForm.php
@@ -235,7 +235,7 @@ protected function buildRow(array $modules, Extension $module, $distribution) {
// Generate link for module's permission, if the user has access to it.
$row['links']['permissions'] = array();
- if ($module->status && user_access('administer permissions') && in_array($module->getName(), $this->moduleHandler->getImplementations('permission'))) {
+ if ($module->status && \Drupal::currentUser()->hasPermission('administer permissions') && in_array($module->getName(), $this->moduleHandler->getImplementations('permission'))) {
$row['links']['permissions'] = array(
'#type' => 'link',
'#title' => $this->t('Permissions'),
diff --git a/core/modules/system/system.api.php b/core/modules/system/system.api.php
index c975257a4c36..857145b1ca0a 100644
--- a/core/modules/system/system.api.php
+++ b/core/modules/system/system.api.php
@@ -946,7 +946,7 @@ function hook_system_info_alter(array &$info, \Drupal\Core\Extension\Extension $
* can be selected on the user permissions page and used to grant or restrict
* access to actions the module performs.
*
- * Permissions are checked using user_access().
+ * Permissions are checked using \Drupal::currentUser()->hasPermission().
*
* For a detailed usage example, see page_example.module.
*
@@ -1232,7 +1232,7 @@ function hook_theme_registry_alter(&$theme_registry) {
* @see _template_preprocess_default_variables()
*/
function hook_template_preprocess_default_variables_alter(&$variables) {
- $variables['is_admin'] = user_access('access administration pages');
+ $variables['is_admin'] = \Drupal::currentUser()->hasPermission('access administration pages');
}
/**
@@ -1834,7 +1834,7 @@ function hook_query_TAG_alter(Drupal\Core\Database\Query\AlterableInterface $que
$op = 'view';
}
// Skip the extra joins and conditions for node admins.
- if (!user_access('bypass node access')) {
+ if (!\Drupal::currentUser()->hasPermission('bypass node access')) {
// The node_access table has the access grants for any given node.
$access_alias = $query->join('node_access', 'na', '%alias.nid = n.nid');
$or = db_or();
diff --git a/core/modules/system/system.module b/core/modules/system/system.module
index 4a57520bdbcc..74fc69b008f1 100644
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@@ -754,7 +754,7 @@ function system_stream_wrappers() {
* Menu item access callback - only enabled themes can be accessed.
*/
function _system_themes_access($theme) {
- return user_access('administer themes') && drupal_theme_access($theme);
+ return \Drupal::currentUser()->hasPermission('administer themes') && drupal_theme_access($theme);
}
/**
diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
index 5f2348738fbc..9f5fd46d8489 100644
--- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
+++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
@@ -23,12 +23,12 @@ class EntityTestAccessController extends EntityAccessController {
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
if ($operation === 'view') {
if ($langcode != LanguageInterface::LANGCODE_DEFAULT) {
- return user_access('view test entity translations', $account);
+ return $account->hasPermission('view test entity translations');
}
- return user_access('view test entity', $account);
+ return $account->hasPermission('view test entity');
}
elseif (in_array($operation, array('update', 'delete'))) {
- return user_access('administer entity_test content', $account);
+ return $account->hasPermission('administer entity_test content');
}
}
@@ -36,7 +36,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return user_access('administer entity_test content', $account);
+ return $account->hasPermission('administer entity_test content');
}
}
diff --git a/core/modules/system/theme.api.php b/core/modules/system/theme.api.php
index 08c9cf0df592..ecfa22906110 100644
--- a/core/modules/system/theme.api.php
+++ b/core/modules/system/theme.api.php
@@ -199,7 +199,7 @@ function hook_preprocess(&$variables, $hook) {
// Add contextual links to the variables, if the user has permission.
- if (!user_access('access contextual links')) {
+ if (!\Drupal::currentUser()->hasPermission('access contextual links')) {
return;
}
diff --git a/core/modules/toolbar/toolbar.module b/core/modules/toolbar/toolbar.module
index 83917807c614..c80387238cf2 100644
--- a/core/modules/toolbar/toolbar.module
+++ b/core/modules/toolbar/toolbar.module
@@ -151,7 +151,7 @@ function _toolbar_initialize_page_cache() {
function toolbar_page_build(&$page) {
$page['page_top']['toolbar'] = array(
'#type' => 'toolbar',
- '#access' => user_access('access toolbar'),
+ '#access' => \Drupal::currentUser()->hasPermission('access toolbar'),
);
}
diff --git a/core/modules/update/update.module b/core/modules/update/update.module
index 243eae9ace09..1dbfcf972e66 100644
--- a/core/modules/update/update.module
+++ b/core/modules/update/update.module
@@ -164,7 +164,7 @@ function update_page_build() {
* @see update_menu()
*/
function update_manager_access() {
- return Settings::get('allow_authorize_operations', TRUE) && user_access('administer software updates');
+ return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
}
/**
diff --git a/core/modules/views/views.api.php b/core/modules/views/views.api.php
index 578e376d7d35..836f4bea3cb2 100644
--- a/core/modules/views/views.api.php
+++ b/core/modules/views/views.api.php
@@ -480,7 +480,9 @@ function hook_views_form_substitutions() {
function hook_views_pre_view(ViewExecutable $view, $display_id, array &$args) {
// Modify contextual filters for my_special_view if user has 'my special permission'.
- if ($view->name == 'my_special_view' && user_access('my special permission')) {
+ $account = \Drupal::currentUser();
+
+ if ($view->name == 'my_special_view' && $account->hasPermission('my special permission') && $display_id == 'public_display') {
$args[0] = 'custom value';
}
}
@@ -547,7 +549,9 @@ function hook_views_pre_execute(ViewExecutable $view) {
// view administrators that the query might be heavy.
// (This action could be performed later in the execution process, but not
// earlier.)
- if (count($view->query->tables) > 2 && user_access('administer views')) {
+ $account = \Drupal::currentUser();
+
+ if (count($view->query->tables) > 2 && $account->hasPermission('administer views')) {
drupal_set_message(t('The view %view may be heavy to execute.', array('%view' => $view->name)), 'warning');
}
}
diff --git a/core/modules/views/views.module b/core/modules/views/views.module
index 886a599410d1..f92f39e1ee0e 100644
--- a/core/modules/views/views.module
+++ b/core/modules/views/views.module
@@ -338,7 +338,7 @@ function views_page_alter(&$page) {
*/
function views_preprocess_page(&$variables) {
// Early-return to prevent adding unnecessary JavaScript.
- if (!user_access('access contextual links')) {
+ if (!\Drupal::currentUser()->hasPermission('access contextual links')) {
return;
}
--
GitLab