From 723e5ea563b940f684b48a2f16f2f2c6d66d8440 Mon Sep 17 00:00:00 2001
From: Alex Pott <alex.a.pott@googlemail.com>
Date: Sat, 25 Jan 2014 20:38:13 +0100
Subject: [PATCH] Issue #2172973 by tim.plunkett: Ensure ConfigEntities providing a list controller use admin_permission.
---
 .../Drupal/block/BlockAccessController.php | 2 +-
 .../block/lib/Drupal/block/Entity/Block.php | 1 +
 .../contact/CategoryAccessController.php | 5 ++---
 .../lib/Drupal/contact/Entity/Category.php | 1 +
 .../lib/Drupal/filter/Entity/FilterFormat.php | 1 +
 .../filter/FilterFormatAccessController.php | 9 +--------
 .../system/DateFormatAccessController.php | 5 +++--
 .../lib/Drupal/system/Entity/DateFormat.php | 1 +
 .../system/lib/Drupal/system/Entity/Menu.php | 1 +
 .../Drupal/system/MenuAccessController.php | 19 ++++---------------
 10 files changed, 16 insertions(+), 29 deletions(-)
diff --git a/core/modules/block/lib/Drupal/block/BlockAccessController.php b/core/modules/block/lib/Drupal/block/BlockAccessController.php
index 315e4f6ec97f..6e2c1a512d55 100644
--- a/core/modules/block/lib/Drupal/block/BlockAccessController.php
+++ b/core/modules/block/lib/Drupal/block/BlockAccessController.php
@@ -56,7 +56,7 @@ public static function createInstance(ContainerInterface $container, EntityTypeI
 */
 protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
 if ($operation != 'view') {
- return $account->hasPermission('administer blocks');
+ return parent::checkAccess($entity, $operation, $langcode, $account);
 }
 // Deny access to disabled blocks.
diff --git a/core/modules/block/lib/Drupal/block/Entity/Block.php b/core/modules/block/lib/Drupal/block/Entity/Block.php
index 926ef07bc92d..fe82d446d378 100644
--- a/core/modules/block/lib/Drupal/block/Entity/Block.php
+++ b/core/modules/block/lib/Drupal/block/Entity/Block.php
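Review bot: In BlockAccessController.php the non-view branch of checkAccess() no longer names a permission, so update and delete access to blocks now depends entirely on the `admin_permission = "administer blocks"` annotation added in Block.php being present and correctly spelled, and the diffstat lists no test file that would catch a mismatch. What parent::checkAccess() returns when the annotation is absent is not visible in this patch. A short comment above the new return, such as `// Non-view operations are decided by the entity type's admin_permission annotation.`, would make that dependency visible, and a test asserting that an account without the permission is refused update and delete would pin it. The method body continues past the end of the hunk.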
@@ -29,6 +29,7 @@
 * }
 * },
 * config_prefix = "block.block",
+ * admin_permission = "administer blocks",
 * fieldable = FALSE,
 * entity_keys = {
 * "id" = "id",
diff --git a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php
index 59ee2c7f0cbe..f798d7980f3d 100644
--- a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php
+++ b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php
@@ -31,9 +31,8 @@ public function checkAccess(EntityInterface $entity, $operation, $langcode, Acco
 // the personal contact form.
 return $account->hasPermission('administer contact forms') && $entity->id() !== 'personal';
 }
- else {
- return $account->hasPermission('administer contact forms');
- }
+
+ return parent::checkAccess($entity, $operation, $langcode, $account);
 }
 }
diff --git a/core/modules/contact/lib/Drupal/contact/Entity/Category.php b/core/modules/contact/lib/Drupal/contact/Entity/Category.php
index 2c2166acab59..86fa0f1fb3e7 100644
--- a/core/modules/contact/lib/Drupal/contact/Entity/Category.php
+++ b/core/modules/contact/lib/Drupal/contact/Entity/Category.php
@@ -28,6 +28,7 @@
 * }
 * },
 * config_prefix = "contact.category",
+ * admin_permission = "administer contact forms",
 * bundle_of = "contact_message",
 * entity_keys = {
 * "id" = "id",
diff --git a/core/modules/filter/lib/Drupal/filter/Entity/FilterFormat.php b/core/modules/filter/lib/Drupal/filter/Entity/FilterFormat.php
index fa0d2cc67091..0bb5dec875e1 100644
--- a/core/modules/filter/lib/Drupal/filter/Entity/FilterFormat.php
+++ b/core/modules/filter/lib/Drupal/filter/Entity/FilterFormat.php
@@ -30,6 +30,7 @@
 * "storage" = "Drupal\Core\Config\Entity\ConfigStorageController"
 * },
 * config_prefix = "filter.format",
+ * admin_permission = "administer filters",
 * entity_keys = {
 * "id" = "format",
 * "label" = "name",
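Review bot: In CategoryAccessController.php the context line `return $account->hasPermission('administer contact forms') && $entity->id() !== 'personal';` still hard-codes the permission, while the new fall-through takes it from the `admin_permission` annotation, so the two branches can drift apart if the annotation is ever changed. Routing the guarded branch through the parent as well keeps one source of truth: `return $entity->id() !== 'personal' && parent::checkAccess($entity, $operation, $langcode, $account);`. The `if` that opens this branch lies outside the hunk, so which operations it covers should be confirmed before changing it.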
diff --git a/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php b/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php
index a1edbd963e2d..9d3207d0a3f8 100644
--- a/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php
+++ b/core/modules/filter/lib/Drupal/filter/FilterFormatAccessController.php
@@ -31,7 +31,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
 return FALSE;
 }
- if ($operation != 'view' && $account->hasPermission('administer filters')) {
+ if ($operation != 'view' && parent::checkAccess($entity, $operation, $langcode, $account)) {
 return TRUE;
 }
@@ -41,11 +41,4 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
 return !empty($permission) && $account->hasPermission($permission);
 }
- /**
- * {@inheritdoc}
- */
- protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return $account->hasPermission('administer filters');
- }
-
 }
diff --git a/core/modules/system/lib/Drupal/system/DateFormatAccessController.php b/core/modules/system/lib/Drupal/system/DateFormatAccessController.php
index 9608271fc838..a5483b627df8 100644
--- a/core/modules/system/lib/Drupal/system/DateFormatAccessController.php
+++ b/core/modules/system/lib/Drupal/system/DateFormatAccessController.php
@@ -25,10 +25,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
 return TRUE;
 }
 // Locked date formats cannot be updated or deleted.
- if (in_array($operation, array('update', 'delete')) && $entity->isLocked()) {
+ elseif (in_array($operation, array('update', 'delete')) && $entity->isLocked()) {
 return FALSE;
 }
- return user_access('administer site configuration', $account);
+
+ return parent::checkAccess($entity, $operation, $langcode, $account);
 }
 }
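Review bot: In FilterFormatAccessController.php the condition changed at -31,7 now grants non-view operations through `parent::checkAccess(...)` without a comment naming the `admin_permission` annotation it relies on, and the -41,11 hunk removes the `checkCreateAccess()` override on the same assumption. The inherited create check is not shown in this patch, so it is worth confirming that it reads the annotation added in FilterFormat.php; text formats decide which markup is filtered, so a silent loosening here would matter. I would add `// Holders of the entity type's admin_permission may perform any non-view operation.` above the `if`, and a test that an account lacking 'administer filters' cannot create a format. checkAccess() begins before the first hunk and ends inside the second.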
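Review bot: In DateFormatAccessController.php the rewritten `elseif (in_array($operation, array('update', 'delete')) && $entity->isLocked())` line still compares loosely; passing the strict flag, `in_array($operation, array('update', 'delete'), TRUE)`, keeps the locked-format guard from matching a non-string operation value through type juggling. The guard does run before the delegation to the parent, so a locked format stays protected even for holders of the admin permission. The opening of checkAccess() and the condition of its first branch are outside the hunk.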
diff --git a/core/modules/system/lib/Drupal/system/Entity/DateFormat.php b/core/modules/system/lib/Drupal/system/Entity/DateFormat.php
index 5b052523c63d..35ad4ab72303 100644
--- a/core/modules/system/lib/Drupal/system/Entity/DateFormat.php
+++ b/core/modules/system/lib/Drupal/system/Entity/DateFormat.php
@@ -34,6 +34,7 @@
 * "label" = "label",
 * "uuid" = "uuid"
 * },
+ * admin_permission = "administer site configuration",
 * links = {
 * "edit-form" = "system.date_format_edit"
 * }
diff --git a/core/modules/system/lib/Drupal/system/Entity/Menu.php b/core/modules/system/lib/Drupal/system/Entity/Menu.php
index fa5d7fda54d7..fb09c0464e4b 100644
--- a/core/modules/system/lib/Drupal/system/Entity/Menu.php
+++ b/core/modules/system/lib/Drupal/system/Entity/Menu.php
@@ -21,6 +21,7 @@
 * "access" = "Drupal\system\MenuAccessController"
 * },
 * config_prefix = "system.menu",
+ * admin_permission = "administer menu",
 * entity_keys = {
 * "id" = "id",
 * "label" = "label",
diff --git a/core/modules/system/lib/Drupal/system/MenuAccessController.php b/core/modules/system/lib/Drupal/system/MenuAccessController.php
index b6e7f7adc549..fe8436878c38 100644
--- a/core/modules/system/lib/Drupal/system/MenuAccessController.php
+++ b/core/modules/system/lib/Drupal/system/MenuAccessController.php
@@ -23,23 +23,12 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
 if ($operation === 'view') {
 return TRUE;
 }
- elseif ($operation == 'delete') {
- // Locked menus could not be deleted.
- if ($entity->isLocked()) {
- return FALSE;
- }
+ // Locked menus could not be deleted.
+ elseif ($operation == 'delete' && $entity->isLocked()) {
+ return FALSE;
 }
- if (in_array($operation, array('update', 'delete'))) {
- return $account->hasPermission('administer menu');
- }
- }
-
- /**
- * {@inheritdoc}
- */
- protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return $account->hasPermission('administer menu');
+ return parent::checkAccess($entity, $operation, $langcode, $account);
 }
 }
-- GitLab
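Review bot: In MenuAccessController.php the final `return parent::checkAccess(...)` now answers for every non-view operation, whereas the removed code returned a permission result only for 'update' and 'delete' and fell off the end of the method for anything else. That widening is probably intended, but it deserves a comment, for example `// All other operations require the entity type's admin_permission.`, and the moved comment should read `// Locked menus cannot be deleted.`. The hunk also deletes the `checkCreateAccess()` override, so menu creation depends on an inherited check that this patch does not show; a test that an account without 'administer menu' cannot create a menu would cover it. The method signature is outside the hunk.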