diff --git a/core/modules/comment/comment.module b/core/modules/comment/comment.module
index 78426546494bfc6a1221b5d95f14b94ef8516b80..401a3cf99b38f813f5242ae6b45e885df04160d0 100644
--- a/core/modules/comment/comment.module
+++ b/core/modules/comment/comment.module
@@ -297,7 +297,6 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
}
$fields = \Drupal::service('comment.manager')->getFields('node');
- $current_user = \Drupal::currentUser();
foreach ($fields as $field_name => $detail) {
// Skip fields that the node does not have.
if (!$node->hasField($field_name)) {
@@ -323,7 +322,7 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// Teaser view: display the number of comments that have been posted,
// or a link to add new comments if the user has permission, the node
// is open to new comments, and there currently are none.
- if ($current_user->hasPermission('access comments')) {
+ if (user_access('access comments')) {
if (!empty($node->get($field_name)->comment_count)) {
$links['comment-comments'] = array(
'title' => format_plural($node->get($field_name)->comment_count, '1 comment', '@count comments'),
@@ -349,7 +348,7 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// Provide a link to new comment form.
if ($commenting_status == CommentItemInterface::OPEN) {
$comment_form_location = $field_definition->getSetting('form_location');
- if ($current_user->hasPermission('post comments')) {
+ if (user_access('post comments')) {
$links['comment-add'] = array(
'title' => t('Add new comment'),
'language' => $node->language(),
@@ -381,10 +380,10 @@ function comment_node_links_alter(array &$node_links, NodeInterface $node, array
// allowed to post comments and if this node is allowing new comments.
if ($commenting_status == CommentItemInterface::OPEN) {
$comment_form_location = $field_definition->getSetting('form_location');
- if ($current_user->hasPermission('post comments')) {
+ if (user_access('post comments')) {
// Show the "post comment" link if the form is on another page, or
// if there are existing comments that the link will skip past.
- if ($comment_form_location == COMMENT_FORM_SEPARATE_PAGE || (!empty($node->get($field_name)->comment_count) && $current_user->hasPermission('access comments'))) {
+ if ($comment_form_location == COMMENT_FORM_SEPARATE_PAGE || (!empty($node->get($field_name)->comment_count) && user_access('access comments'))) {
$links['comment-add'] = array(
'title' => t('Add new comment'),
'attributes' => array('title' => t('Share your thoughts and opinions related to this posting.')),
@@ -547,7 +546,7 @@ function comment_get_thread(EntityInterface $entity, $field_name, $mode, $commen
->addMetaData('entity', $entity)
->addMetaData('field_name', $field_name);
- if (!\Drupal::currentUser()->hasPermission('administer comments')) {
+ if (!user_access('administer comments')) {
$query->condition('c.status', CommentInterface::PUBLISHED);
$count_query->condition('c.status', CommentInterface::PUBLISHED);
}
@@ -1251,8 +1250,7 @@ function comment_ranking() {
*/
function comment_file_download_access($field, EntityInterface $entity, FileInterface $file) {
if ($entity instanceof CommentInterface) {
- $current_user = \Drupal::currentUser();
- if ($current_user->hasPermission('access comments') && $entity->isPublished() || $current_user->hasPermission('administer comments')) {
+ if (user_access('access comments') && $entity->isPublished() || user_access('administer comments')) {
$commented_entity = $entity->getCommentedEntity();
// Check access to parent entity.
return $commented_entity->access('view');
diff --git a/core/modules/comment/src/CommentAccessController.php b/core/modules/comment/src/CommentAccessController.php
index 81b426ebfb76f764bb917208944795de3662a6a3..fe03f3b9448913cd6ac59b7b169dfbc82e7c3bed 100644
--- a/core/modules/comment/src/CommentAccessController.php
+++ b/core/modules/comment/src/CommentAccessController.php
@@ -25,19 +25,19 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
/** @var \Drupal\Core\Entity\EntityInterface|\Drupal\user\EntityOwnerInterface $entity */
switch ($operation) {
case 'view':
- return $account->hasPermission('access comments');
+ return user_access('access comments', $account);
break;
case 'update':
- return ($account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && $account->hasPermission('edit own comments')) || $account->hasPermission('administer comments');
+ return ($account->id() && $account->id() == $entity->getOwnerId() && $entity->status->value == CommentInterface::PUBLISHED && user_access('edit own comments', $account)) || user_access('administer comments', $account);
break;
case 'delete':
- return $account->hasPermission('administer comments');
+ return user_access('administer comments', $account);
break;
case 'approve':
- return $account->hasPermission('administer comments');
+ return user_access('administer comments', $account);
break;
}
}
@@ -46,7 +46,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return $account->hasPermission('post comments');
+ return user_access('post comments', $account);
}
}
diff --git a/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php b/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
index b6f63a0bb185a7252a9fed73ee05a4fa486a5767..a1ebe2afafa2b77071cf5f1e2199f7b1444201bd 100644
--- a/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
+++ b/core/modules/comment/src/Plugin/entity_reference/selection/CommentSelection.php
@@ -33,7 +33,7 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
// Adding the 'comment_access' tag is sadly insufficient for comments:
// core requires us to also know about the concept of 'published' and
// 'unpublished'.
- if (!\Drupal::currentUser()->hasPermission('administer comments')) {
+ if (!user_access('administer comments')) {
$query->condition('status', CommentInterface::PUBLISHED);
}
return $query;
@@ -61,7 +61,7 @@ public function entityQueryAlter(SelectInterface $query) {
// Passing the query to node_query_node_access_alter() is sadly
// insufficient for nodes.
// @see SelectionEntityTypeNode::entityQueryAlter()
- if (!\Drupal::currentUser()->hasPermission('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
+ if (!user_access('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
$query->condition($node_alias . '.status', 1);
}
}
diff --git a/core/modules/comment/src/Tests/CommentLinksTest.php b/core/modules/comment/src/Tests/CommentLinksTest.php
index 5b2debba2a0192081a5988379b592830f8b0c065..3b40bdd308a275b221d3e681750652e7b65d4494 100644
--- a/core/modules/comment/src/Tests/CommentLinksTest.php
+++ b/core/modules/comment/src/Tests/CommentLinksTest.php
@@ -258,7 +258,7 @@ function assertCommentLinks(array $info) {
// authenticated users are allowed to post comments.
// @see \Drupal\comment\CommentManagerInterface::forbiddenMessage()
if (!$this->loggedInUser) {
- if ($this->web_user->hasPermission('post comments')) {
+ if (user_access('post comments', $this->web_user)) {
// The note depends on whether users are actually able to register.
if ($info['user_register'] != USER_REGISTER_ADMINISTRATORS_ONLY) {
$this->assertText('Log in or register to post comments');
diff --git a/core/modules/contact/src/MessageForm.php b/core/modules/contact/src/MessageForm.php
index 85dabd1afb94872dfde04ed17ce7587ffb6780e2..5915fd0cf5d0da8a73466b7819e1931de9eea331 100644
--- a/core/modules/contact/src/MessageForm.php
+++ b/core/modules/contact/src/MessageForm.php
@@ -248,7 +248,7 @@ public function save(array $form, array &$form_state) {
// To avoid false error messages caused by flood control, redirect away from
// the contact form; either to the contacted user account or the front page.
- if ($message->isPersonal() && $user->hasPermission('access user profiles')) {
+ if ($message->isPersonal() && user_access('access user profiles')) {
$form_state['redirect_route'] = $message->getPersonalRecipient()->urlInfo();
}
else {
diff --git a/core/modules/content_translation/content_translation.admin.inc b/core/modules/content_translation/content_translation.admin.inc
index 7e7e790eeacb26f35a942df98f793822c9b421c7..343a108e3516fe5975444743e85c79a2704d70e8 100644
--- a/core/modules/content_translation/content_translation.admin.inc
+++ b/core/modules/content_translation/content_translation.admin.inc
@@ -63,7 +63,7 @@ function content_translation_field_sync_widget(FieldDefinitionInterface $field)
function _content_translation_form_language_content_settings_form_alter(array &$form, array &$form_state) {
// Inject into the content language settings the translation settings if the
// user has the required permission.
- if (!\Drupal::currentUser()->hasPermission('administer content translation')) {
+ if (!user_access('administer content translation')) {
return;
}
@@ -139,7 +139,7 @@ function _content_translation_form_language_content_settings_form_alter(array &$
function _content_translation_preprocess_language_content_settings_table(&$variables) {
// Alter the 'build' variable injecting the translation settings if the user
// has the required permission.
- if (!\Drupal::currentUser()->hasPermission('administer content translation')) {
+ if (!user_access('administer content translation')) {
return;
}
diff --git a/core/modules/content_translation/content_translation.module b/core/modules/content_translation/content_translation.module
index 858ffba4b0141050950a9cb742a766a8115c6e0e..0d22898397b534331fb2a62a9d2e2e1de48348dc 100644
--- a/core/modules/content_translation/content_translation.module
+++ b/core/modules/content_translation/content_translation.module
@@ -249,9 +249,8 @@ function _content_translation_menu_strip_loaders($path) {
* The entity whose translation overview should be displayed.
*/
function content_translation_translate_access(EntityInterface $entity) {
- $account = \Drupal::currentUser();
return $entity instanceof ContentEntityInterface && empty($entity->getUntranslated()->language()->locked) && \Drupal::languageManager()->isMultilingual() && $entity->isTranslatable() &&
- ($account->hasPermission('create content translations') || $account->hasPermission('update content translations') || $account->hasPermission('delete content translations'));
+ (user_access('create content translations') || user_access('update content translations') || user_access('delete content translations'));
}
/**
@@ -495,12 +494,9 @@ function content_translation_language_fallback_candidates_entity_view_alter(&$ca
$entity_type_id = $entity->getEntityTypeId();
$entity_type = $entity->getEntityType();
$permission = $entity_type->getPermissionGranularity() == 'bundle' ? $permission = "translate {$entity->bundle()} $entity_type_id" : "translate $entity_type_id";
- $current_user = \Drupal::currentuser();
- if (!$current_user->hasPermission('translate any entity') && !$current_user->hasPermission($permission)) {
- foreach ($entity->getTranslationLanguages() as $langcode => $language) {
- if (empty($entity->translation[$langcode]['status'])) {
- unset($candidates[$langcode]);
- }
+ foreach ($entity->getTranslationLanguages() as $langcode => $language) {
+ if (empty($entity->translation[$langcode]['status']) && !user_access('translate any entity') && !user_access($permission)) {
+ unset($candidates[$langcode]);
}
}
}
@@ -746,7 +742,7 @@ function content_translation_enable_widget($entity_type, $bundle, array &$form,
* Processed language configuration element.
*/
function content_translation_language_configuration_element_process(array $element, array &$form_state, array &$form) {
- if (empty($element['#content_translation_skip_alter']) && \Drupal::currentUser()->hasPermission('administer content translation')) {
+ if (empty($element['#content_translation_skip_alter']) && user_access('administer content translation')) {
$form_state['content_translation']['key'] = $element['#name'];
$context = $form_state['language'][$element['#name']];
diff --git a/core/modules/content_translation/src/ContentTranslationHandler.php b/core/modules/content_translation/src/ContentTranslationHandler.php
index 7510d2e0799005a8302ecf4781def2acfff2b810..500ae4978ef99c4d687ae310ba8d52d02b8aaf6f 100644
--- a/core/modules/content_translation/src/ContentTranslationHandler.php
+++ b/core/modules/content_translation/src/ContentTranslationHandler.php
@@ -65,11 +65,10 @@ public function getTranslationAccess(EntityInterface $entity, $op) {
$translate_permission = TRUE;
// If no permission granularity is defined this entity type does not need an
// explicit translate permission.
- $current_user = \Drupal::currentUser();
- if (!$current_user->hasPermission('translate any entity') && $permission_granularity = $entity_type->getPermissionGranularity()) {
- $translate_permission = $current_user->hasPermission($permission_granularity == 'bundle' ? "translate {$entity->bundle()} {$entity->getEntityTypeId()}" : "translate {$entity->getEntityTypeId()}");
+ if (!user_access('translate any entity') && $permission_granularity = $entity_type->getPermissionGranularity()) {
+ $translate_permission = user_access($permission_granularity == 'bundle' ? "translate {$entity->bundle()} {$entity->getEntityTypeId()}" : "translate {$entity->getEntityTypeId()}");
}
- return $translate_permission && $current_user->hasPermission("$op content translations");
+ return $translate_permission && user_access("$op content translations");
}
/**
diff --git a/core/modules/field_ui/field_ui.module b/core/modules/field_ui/field_ui.module
index 4fe550ccd3a50f9f47f78552fa483ac881c617bc..1dbee70c449c769f6cf571a94b04a7aefdbd0765 100644
--- a/core/modules/field_ui/field_ui.module
+++ b/core/modules/field_ui/field_ui.module
@@ -169,20 +169,19 @@ function field_ui_entity_operation(EntityInterface $entity) {
// Add manage fields and display links if this entity type is the bundle
// of another.
if ($bundle_of = $info->getBundleOf()) {
- $account = \Drupal::currentUser();
- if ($account->hasPermission('administer '. $bundle_of . ' fields')) {
+ if (user_access('administer '. $bundle_of . ' fields')) {
$operations['manage-fields'] = array(
'title' => t('Manage fields'),
'weight' => 15,
) + $entity->urlInfo('field_ui-fields')->toArray();
}
- if ($account->hasPermission('administer '. $bundle_of . ' form display')) {
+ if (user_access('administer '. $bundle_of . ' form display')) {
$operations['manage-form-display'] = array(
'title' => t('Manage form display'),
'weight' => 20,
) + $entity->urlInfo('field_ui-form-display')->toArray();
}
- if ($account->hasPermission('administer '. $bundle_of . ' display')) {
+ if (user_access('administer '. $bundle_of . ' display')) {
$operations['manage-display'] = array(
'title' => t('Manage display'),
'weight' => 25,
diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module
index 68b445e8d96c66e0bef14fa0ce8b59354e55fd8b..9d38bba051458b8c3fb218d65daf7b4b553ae2e2 100644
--- a/core/modules/filter/filter.module
+++ b/core/modules/filter/filter.module
@@ -622,7 +622,7 @@ function filter_process_format($element) {
$format_exists = isset($all_formats[$element['#format']]);
$format_allowed = !isset($element['#allowed_formats']) || in_array($element['#format'], $element['#allowed_formats']);
$user_has_access = isset($formats[$element['#format']]);
- $user_is_admin = \Drupal::currentUser()->hasPermission('administer filters');
+ $user_is_admin = user_access('administer filters');
// If the stored format does not exist or if it is not among the allowed
// formats for this textarea, administrators have to assign a new format.
diff --git a/core/modules/filter/src/Tests/FilterFormatAccessTest.php b/core/modules/filter/src/Tests/FilterFormatAccessTest.php
index 9f4234f6a58fe3660836bf0f56b301c692a60ad7..8689305ea4884202ff23be5e71f2f49ce95be2d7 100644
--- a/core/modules/filter/src/Tests/FilterFormatAccessTest.php
+++ b/core/modules/filter/src/Tests/FilterFormatAccessTest.php
@@ -132,8 +132,8 @@ function testFormatPermissions() {
// Make sure that a regular user only has permission to use the format
// they were granted access to.
- $this->assertTrue($this->web_user->hasPermission($this->allowed_format->getPermissionName()), 'A regular user has permission to use the allowed text format.');
- $this->assertFalse($this->web_user->hasPermission($this->disallowed_format->getPermissionName()), 'A regular user does not have permission to use the disallowed text format.');
+ $this->assertTrue(user_access($this->allowed_format->getPermissionName(), $this->web_user), 'A regular user has permission to use the allowed text format.');
+ $this->assertFalse(user_access($this->disallowed_format->getPermissionName(), $this->web_user), 'A regular user does not have permission to use the disallowed text format.');
// Make sure that the allowed format appears on the node form and that
// the disallowed format does not.
diff --git a/core/modules/node/node.api.php b/core/modules/node/node.api.php
index dd47b47c7ce7a160720b580ad7a69557d59ba344..247c239ca4ec894e1f3f489e22f04ade7f6ea516 100644
--- a/core/modules/node/node.api.php
+++ b/core/modules/node/node.api.php
@@ -79,7 +79,7 @@
* @ingroup node_access
*/
function hook_node_grants(\Drupal\Core\Session\AccountInterface $account, $op) {
- if ($account->hasPermission('access private content')) {
+ if (user_access('access private content', $account)) {
$grants['example'] = array(1);
}
$grants['example_owner'] = array($account->id());
@@ -311,7 +311,7 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface
* - "delete"
* - "update"
* - "view"
- * @param \Drupal\Core\Session\AccountInterface $account
+ * @param object $account
* The user object to perform the access check operation on.
* @param object $langcode
* The language code to perform the access check operation on.
@@ -323,23 +323,23 @@ function hook_node_grants_alter(&$grants, \Drupal\Core\Session\AccountInterface
*
* @ingroup node_access
*/
-function hook_node_access(\Drupal\node\NodeInterface $node, $op, \Drupal\Core\Session\AccountInterface $account, $langcode) {
+function hook_node_access(\Drupal\node\NodeInterface $node, $op, $account, $langcode) {
$type = is_string($node) ? $node : $node->getType();
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$type])) {
- if ($op == 'create' && $account->hasPermission('create ' . $type . ' content')) {
+ if ($op == 'create' && user_access('create ' . $type . ' content', $account)) {
return NODE_ACCESS_ALLOW;
}
if ($op == 'update') {
- if ($account->hasPermission('edit any ' . $type . ' content', $account) || ($account->hasPermission('edit own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))) {
+ if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
if ($op == 'delete') {
- if ($account->hasPermission('delete any ' . $type . ' content', $account) || ($account->hasPermission('delete own ' . $type . ' content') && ($account->id() == $node->getOwnerId()))) {
+ if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
diff --git a/core/modules/node/node.module b/core/modules/node/node.module
index f23559e533bc6f1f57afe8c1a046e695757a003b..a34ca8225c084765bb14b55c899ef1d43329f255 100644
--- a/core/modules/node/node.module
+++ b/core/modules/node/node.module
@@ -93,7 +93,7 @@ function node_help($route_name, RouteMatchInterface $route_match) {
// for rebuild. We don't need to issue the message on the confirm form, or
// while the rebuild is being processed.
if ($route_name != 'node.configure_rebuild_confirm' && $route_name != 'system.batch_page.normal' && $route_name != 'help.page.node' && $route_name != 'help.main'
- && \Drupal::currentUser()->hasPermission('access administration pages') && node_access_needs_rebuild()) {
+ && user_access('access administration pages') && node_access_needs_rebuild()) {
if ($route_name == 'system.status') {
$message = t('The content access permissions need to be rebuilt.');
}
@@ -1159,18 +1159,18 @@ function node_node_access(NodeInterface $node, $op, $account) {
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$type])) {
- if ($op == 'create' && $account->hasPermission('create ' . $type . ' content', $account)) {
+ if ($op == 'create' && user_access('create ' . $type . ' content', $account)) {
return NODE_ACCESS_ALLOW;
}
if ($op == 'update') {
- if ($account->hasPermission('edit any ' . $type . ' content', $account) || ($account->hasPermission('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if (user_access('edit any ' . $type . ' content', $account) || (user_access('edit own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
if ($op == 'delete') {
- if ($account->hasPermission('delete any ' . $type . ' content', $account) || ($account->hasPermission('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
+ if (user_access('delete any ' . $type . ' content', $account) || (user_access('delete own ' . $type . ' content', $account) && ($account->id() == $node->getOwnerId()))) {
return NODE_ACCESS_ALLOW;
}
}
@@ -1349,7 +1349,7 @@ function node_query_node_access_alter(AlterableInterface $query) {
// If $account can bypass node access, or there are no node access modules,
// or the operation is 'view' and the $account has a global view grant
// (such as a view grant for node ID 0), we don't need to alter the query.
- if ($account->hasPermission('bypass node access')) {
+ if (user_access('bypass node access', $account)) {
return;
}
if (!count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
diff --git a/core/modules/node/node.views_execution.inc b/core/modules/node/node.views_execution.inc
index f97b8adeccb512d31eb7a325884c0859e333fd26..daedc338810c80bff319962c6ebc238bb19b879c 100644
--- a/core/modules/node/node.views_execution.inc
+++ b/core/modules/node/node.views_execution.inc
@@ -11,11 +11,10 @@
* Implements hook_views_query_substitutions().
*/
function node_views_query_substitutions(ViewExecutable $view) {
- $account = \Drupal::currentUser();
return array(
- '***ADMINISTER_NODES***' => intval($account->hasPermission('administer nodes')),
- '***VIEW_OWN_UNPUBLISHED_NODES***' => intval($account->hasPermission('view own unpublished content')),
- '***BYPASS_NODE_ACCESS***' => intval($account->hasPermission('bypass node access')),
+ '***ADMINISTER_NODES***' => intval(user_access('administer nodes')),
+ '***VIEW_OWN_UNPUBLISHED_NODES***' => intval(user_access('view own unpublished content')),
+ '***BYPASS_NODE_ACCESS***' => intval(user_access('bypass node access')),
);
}
diff --git a/core/modules/node/src/NodeAccessController.php b/core/modules/node/src/NodeAccessController.php
index ab38a266c171214adab75243d1f18f3929f4c01f..6c058ad7b2134f3f434f8a5679229a422a061527 100644
--- a/core/modules/node/src/NodeAccessController.php
+++ b/core/modules/node/src/NodeAccessController.php
@@ -59,12 +59,10 @@ public static function createInstance(ContainerInterface $container, EntityTypeI
* {@inheritdoc}
*/
public function access(EntityInterface $entity, $operation, $langcode = LanguageInterface::LANGCODE_DEFAULT, AccountInterface $account = NULL) {
- $account = $this->prepareUser($account);
-
- if ($account->hasPermission('bypass node access')) {
+ if (user_access('bypass node access', $account)) {
return TRUE;
}
- if (!$account->hasPermission('access content')) {
+ if (!user_access('access content', $account)) {
return FALSE;
}
return parent::access($entity, $operation, $langcode, $account);
@@ -76,10 +74,10 @@ public function access(EntityInterface $entity, $operation, $langcode = Language
public function createAccess($entity_bundle = NULL, AccountInterface $account = NULL, array $context = array()) {
$account = $this->prepareUser($account);
- if ($account->hasPermission('bypass node access')) {
+ if (user_access('bypass node access', $account)) {
return TRUE;
}
- if (!$account->hasPermission('access content')) {
+ if (!user_access('access content', $account)) {
return FALSE;
}
@@ -98,7 +96,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc
$uid = $translation->getOwnerId();
// Check if authors can view their own unpublished nodes.
- if ($operation === 'view' && !$status && $account->hasPermission('view own unpublished content')) {
+ if ($operation === 'view' && !$status && user_access('view own unpublished content', $account)) {
if ($account->id() != 0 && $account->id() == $uid) {
return TRUE;
@@ -124,7 +122,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Acc
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
$configured_types = node_permissions_get_configured_types();
if (isset($configured_types[$entity_bundle])) {
- return $account->hasPermission('create ' . $entity_bundle . ' content');
+ return user_access('create ' . $entity_bundle . ' content', $account);
}
}
diff --git a/core/modules/node/src/NodeForm.php b/core/modules/node/src/NodeForm.php
index 69d91a5d7766c5d9e9b2bca936e8a6deed30f1ef..9e3dafc9dc12d0e1bd9904dac58650b15029435a 100644
--- a/core/modules/node/src/NodeForm.php
+++ b/core/modules/node/src/NodeForm.php
@@ -53,7 +53,6 @@ public function form(array $form, array &$form_state) {
$form['#title'] = $this->t('<em>Edit @type</em> @title', array('@type' => node_get_type_label($node), '@title' => $node->label()));
}
- $current_user = \Drupal::currentUser();
$user_config = \Drupal::config('user.settings');
// Some special stuff when previewing a node.
if (isset($form_state['node_preview'])) {
@@ -113,7 +112,7 @@ public function form(array $form, array &$form_state) {
'#type' => 'checkbox',
'#title' => t('Create new revision'),
'#default_value' => !empty($this->settings['options']['revision']),
- '#access' => $node->isNewRevision() || $current_user->hasPermission('administer nodes'),
+ '#access' => $node->isNewRevision() || user_access('administer nodes'),
'#group' => 'revision_information',
);
@@ -129,7 +128,7 @@ public function form(array $form, array &$form_state) {
),
),
'#group' => 'revision_information',
- '#access' => $node->isNewRevision() || $current_user->hasPermission('administer nodes'),
+ '#access' => $node->isNewRevision() || user_access('administer nodes'),
);
// Node author information for administrators.
@@ -162,7 +161,7 @@ public function form(array $form, array &$form_state) {
'#weight' => -1,
'#description' => t('Leave blank for %anonymous.', array('%anonymous' => $user_config->get('anonymous'))),
'#group' => 'author',
- '#access' => $current_user->hasPermission('administer nodes'),
+ '#access' => user_access('administer nodes'),
);
$form['created'] = array(
'#type' => 'textfield',
@@ -171,7 +170,7 @@ public function form(array $form, array &$form_state) {
'#description' => t('Format: %time. The date format is YYYY-MM-DD and %timezone is the time zone offset from UTC. Leave blank to use the time of form submission.', array('%time' => !empty($node->date) ? date_format(date_create($node->date), 'Y-m-d H:i:s O') : format_date($node->getCreatedTime(), 'custom', 'Y-m-d H:i:s O'), '%timezone' => !empty($node->date) ? date_format(date_create($node->date), 'O') : format_date($node->getCreatedTime(), 'custom', 'O'))),
'#default_value' => !empty($node->date) ? $node->date : '',
'#group' => 'author',
- '#access' => $current_user->hasPermission('administer nodes'),
+ '#access' => user_access('administer nodes'),
);
// Node options for administrators.
@@ -194,7 +193,7 @@ public function form(array $form, array &$form_state) {
'#title' => t('Promoted to front page'),
'#default_value' => $node->isPromoted(),
'#group' => 'options',
- '#access' => $current_user->hasPermission('administer nodes'),
+ '#access' => user_access('administer nodes'),
);
$form['sticky'] = array(
@@ -202,7 +201,7 @@ public function form(array $form, array &$form_state) {
'#title' => t('Sticky at top of lists'),
'#default_value' => $node->isSticky(),
'#group' => 'options',
- '#access' => $current_user->hasPermission('administer nodes'),
+ '#access' => user_access('administer nodes'),
);
return parent::form($form, $form_state, $node);
@@ -224,7 +223,7 @@ protected function actions(array $form, array &$form_state) {
// modules to integrate with "the Save operation" of this form. Modules
// need a way to plug themselves into 1) the ::submit() step, and
// 2) the ::save() step, both decoupled from the pressed form button.
- if ($element['submit']['#access'] && \Drupal::currentUser()->hasPermission('administer nodes')) {
+ if ($element['submit']['#access'] && user_access('administer nodes')) {
// isNew | prev status » default & publish label & unpublish label
// 1 | 1 » publish & Save and publish & Save as unpublished
// 1 | 0 » unpublish & Save and publish & Save as unpublished
diff --git a/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php b/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
index f850270cd8db5532b1906bbba2ba8fc3aa4c7093..dbbda10e2341563ea5108cafa41e13880f29a0c0 100644
--- a/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
+++ b/core/modules/node/src/Plugin/entity_reference/selection/NodeSelection.php
@@ -32,7 +32,7 @@ public function buildEntityQuery($match = NULL, $match_operator = 'CONTAINS') {
// 'unpublished'. We need to do that as long as there are no access control
// modules in use on the site. As long as one access control module is there,
// it is supposed to handle this check.
- if (!\Drupal::currentUser()->hasPermission('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
+ if (!user_access('bypass node access') && !count(\Drupal::moduleHandler()->getImplementations('node_grants'))) {
$query->condition('status', NODE_PUBLISHED);
}
return $query;
diff --git a/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php b/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
index 57c32c37c0fff6c46a6c131d6522f16879f95458..bba2587c04648e534289504975c4debfd69b86e9 100644
--- a/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
+++ b/core/modules/node/src/Tests/NodeRevisionPermissionsTest.php
@@ -94,7 +94,7 @@ function testNodeRevisionAccessAnyType() {
foreach ($permutations as $case) {
// Skip this test if there are no revisions for the node.
if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
- if (!empty($case['account']->is_admin) || $case['account']->hasPermission($this->map[$case['op']])) {
+ if (!empty($case['account']->is_admin) || user_access($this->map[$case['op']], $case['account'])) {
$this->assertTrue($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->map[$case['op']]} granted.");
}
else {
@@ -141,7 +141,7 @@ function testNodeRevisionAccessPerType() {
foreach ($permutations as $case) {
// Skip this test if there are no revisions for the node.
if (!($revision->isDefaultRevision() && (db_query('SELECT COUNT(vid) FROM {node_field_revision} WHERE nid = :nid', array(':nid' => $revision->id()))->fetchField() == 1 || $case['op'] == 'update' || $case['op'] == 'delete'))) {
- if (!empty($case['account']->is_admin) || $case['account']->hasPermission($this->type_map[$case['op']], $case['account'])) {
+ if (!empty($case['account']->is_admin) || user_access($this->type_map[$case['op']], $case['account'])) {
$this->assertTrue($node_revision_access->checkAccess($revision, $case['account'], $case['op']), "{$this->type_map[$case['op']]} granted.");
}
else {
diff --git a/core/modules/node/tests/modules/node_access_test/node_access_test.module b/core/modules/node/tests/modules/node_access_test/node_access_test.module
index 64c7476d4b397df7c14ba5de1511999cca768bf6..696f29ef9bbfd84fdb91cd72c8aa9351d585d0ce 100644
--- a/core/modules/node/tests/modules/node_access_test/node_access_test.module
+++ b/core/modules/node/tests/modules/node_access_test/node_access_test.module
@@ -49,7 +49,7 @@
function node_access_test_node_grants($account, $op) {
$grants = array();
$grants['node_access_test_author'] = array($account->id());
- if ($op == 'view' && $account->hasPermission('node test view', $account)) {
+ if ($op == 'view' && user_access('node test view', $account)) {
$grants['node_access_test'] = array(8888, 8889);
}
diff --git a/core/modules/system/entity.api.php b/core/modules/system/entity.api.php
index 5388dab3cf2a343a7c069d5c5870243ff89d86f8..1bab346dd20c5ab516fb279aefc628af8e77208c 100644
--- a/core/modules/system/entity.api.php
+++ b/core/modules/system/entity.api.php
@@ -1521,7 +1521,7 @@ function hook_entity_operation_alter(array &$operations, \Drupal\Core\Entity\Ent
*/
function hook_entity_field_access($operation, \Drupal\Core\Field\FieldDefinitionInterface $field_definition, \Drupal\Core\Session\AccountInterface $account, \Drupal\Core\Field\FieldItemListInterface $items = NULL) {
if ($field_definition->getName() == 'field_of_interest' && $operation == 'edit') {
- return $account->hasPermission('update field of interest');
+ return user_access('update field of interest', $account);
}
}
diff --git a/core/modules/system/src/Form/ModulesListForm.php b/core/modules/system/src/Form/ModulesListForm.php
index da1ecd05bbc79a2b2e8d84559cc7232a43bf3361..f825071da6a125c82318601dc522fbd7ae44f48c 100644
--- a/core/modules/system/src/Form/ModulesListForm.php
+++ b/core/modules/system/src/Form/ModulesListForm.php
@@ -235,7 +235,7 @@ protected function buildRow(array $modules, Extension $module, $distribution) {
// Generate link for module's permission, if the user has access to it.
$row['links']['permissions'] = array();
- if ($module->status && \Drupal::currentUser()->hasPermission('administer permissions') && in_array($module->getName(), $this->moduleHandler->getImplementations('permission'))) {
+ if ($module->status && user_access('administer permissions') && in_array($module->getName(), $this->moduleHandler->getImplementations('permission'))) {
$row['links']['permissions'] = array(
'#type' => 'link',
'#title' => $this->t('Permissions'),
diff --git a/core/modules/system/system.api.php b/core/modules/system/system.api.php
index 857145b1ca0ae66c3395f07683067666589edb04..c975257a4c369caff46f10af7edfc4fa8203b01c 100644
--- a/core/modules/system/system.api.php
+++ b/core/modules/system/system.api.php
@@ -946,7 +946,7 @@ function hook_system_info_alter(array &$info, \Drupal\Core\Extension\Extension $
* can be selected on the user permissions page and used to grant or restrict
* access to actions the module performs.
*
- * Permissions are checked using \Drupal::currentUser()->hasPermission().
+ * Permissions are checked using user_access().
*
* For a detailed usage example, see page_example.module.
*
@@ -1232,7 +1232,7 @@ function hook_theme_registry_alter(&$theme_registry) {
* @see _template_preprocess_default_variables()
*/
function hook_template_preprocess_default_variables_alter(&$variables) {
- $variables['is_admin'] = \Drupal::currentUser()->hasPermission('access administration pages');
+ $variables['is_admin'] = user_access('access administration pages');
}
/**
@@ -1834,7 +1834,7 @@ function hook_query_TAG_alter(Drupal\Core\Database\Query\AlterableInterface $que
$op = 'view';
}
// Skip the extra joins and conditions for node admins.
- if (!\Drupal::currentUser()->hasPermission('bypass node access')) {
+ if (!user_access('bypass node access')) {
// The node_access table has the access grants for any given node.
$access_alias = $query->join('node_access', 'na', '%alias.nid = n.nid');
$or = db_or();
diff --git a/core/modules/system/system.module b/core/modules/system/system.module
index 74fc69b008f1800c74cf0c896415dea3f99cc33d..4a57520bdbcc4b17ae2fc183deee5d7795cd3d97 100644
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@@ -754,7 +754,7 @@ function system_stream_wrappers() {
* Menu item access callback - only enabled themes can be accessed.
*/
function _system_themes_access($theme) {
- return \Drupal::currentUser()->hasPermission('administer themes') && drupal_theme_access($theme);
+ return user_access('administer themes') && drupal_theme_access($theme);
}
/**
diff --git a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
index 9f5fd46d8489563ab2b6803a10619f491c2399ac..5f2348738fbcb4ba7f353830a358d16ac782171b 100644
--- a/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
+++ b/core/modules/system/tests/modules/entity_test/src/EntityTestAccessController.php
@@ -23,12 +23,12 @@ class EntityTestAccessController extends EntityAccessController {
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
if ($operation === 'view') {
if ($langcode != LanguageInterface::LANGCODE_DEFAULT) {
- return $account->hasPermission('view test entity translations');
+ return user_access('view test entity translations', $account);
}
- return $account->hasPermission('view test entity');
+ return user_access('view test entity', $account);
}
elseif (in_array($operation, array('update', 'delete'))) {
- return $account->hasPermission('administer entity_test content');
+ return user_access('administer entity_test content', $account);
}
}
@@ -36,7 +36,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, A
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
- return $account->hasPermission('administer entity_test content');
+ return user_access('administer entity_test content', $account);
}
}
diff --git a/core/modules/system/theme.api.php b/core/modules/system/theme.api.php
index ecfa22906110b166ac333fbbabe1437d4a4105ec..08c9cf0df59226290cf77323ca9e9adcb04a53a3 100644
--- a/core/modules/system/theme.api.php
+++ b/core/modules/system/theme.api.php
@@ -199,7 +199,7 @@ function hook_preprocess(&$variables, $hook) {
// Add contextual links to the variables, if the user has permission.
- if (!\Drupal::currentUser()->hasPermission('access contextual links')) {
+ if (!user_access('access contextual links')) {
return;
}
diff --git a/core/modules/toolbar/toolbar.module b/core/modules/toolbar/toolbar.module
index c80387238cf25e1df5209f6256dc060689eab4aa..83917807c6143aa6b301114d8c56ffef5b9c0bb6 100644
--- a/core/modules/toolbar/toolbar.module
+++ b/core/modules/toolbar/toolbar.module
@@ -151,7 +151,7 @@ function _toolbar_initialize_page_cache() {
function toolbar_page_build(&$page) {
$page['page_top']['toolbar'] = array(
'#type' => 'toolbar',
- '#access' => \Drupal::currentUser()->hasPermission('access toolbar'),
+ '#access' => user_access('access toolbar'),
);
}
diff --git a/core/modules/update/update.module b/core/modules/update/update.module
index 1dbfcf972e666e68d8115c0af3aa9c320af5fd08..243eae9ace09c3d552d5cc47c7b13f2a026917c4 100644
--- a/core/modules/update/update.module
+++ b/core/modules/update/update.module
@@ -164,7 +164,7 @@ function update_page_build() {
* @see update_menu()
*/
function update_manager_access() {
- return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
+ return Settings::get('allow_authorize_operations', TRUE) && user_access('administer software updates');
}
/**
diff --git a/core/modules/views/views.api.php b/core/modules/views/views.api.php
index 836f4bea3cb2ec08b3693bddaec2de609d45d0b4..578e376d7d350c3d144bee1b375d365fdfbd9674 100644
--- a/core/modules/views/views.api.php
+++ b/core/modules/views/views.api.php
@@ -480,9 +480,7 @@ function hook_views_form_substitutions() {
function hook_views_pre_view(ViewExecutable $view, $display_id, array &$args) {
// Modify contextual filters for my_special_view if user has 'my special permission'.
- $account = \Drupal::currentUser();
-
- if ($view->name == 'my_special_view' && $account->hasPermission('my special permission') && $display_id == 'public_display') {
+ if ($view->name == 'my_special_view' && user_access('my special permission')) {
$args[0] = 'custom value';
}
}
@@ -549,9 +547,7 @@ function hook_views_pre_execute(ViewExecutable $view) {
// view administrators that the query might be heavy.
// (This action could be performed later in the execution process, but not
// earlier.)
- $account = \Drupal::currentUser();
-
- if (count($view->query->tables) > 2 && $account->hasPermission('administer views')) {
+ if (count($view->query->tables) > 2 && user_access('administer views')) {
drupal_set_message(t('The view %view may be heavy to execute.', array('%view' => $view->name)), 'warning');
}
}
diff --git a/core/modules/views/views.module b/core/modules/views/views.module
index f92f39e1ee0e5350b0ccdd5e8af67865296ddaa0..886a599410d13eef9755fe6bf9e46d7cb0b4038f 100644
--- a/core/modules/views/views.module
+++ b/core/modules/views/views.module
@@ -338,7 +338,7 @@ function views_page_alter(&$page) {
*/
function views_preprocess_page(&$variables) {
// Early-return to prevent adding unnecessary JavaScript.
- if (!\Drupal::currentUser()->hasPermission('access contextual links')) {
+ if (!user_access('access contextual links')) {
return;
}