Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #2078155 by Amitaibu, Sweetchuck: Fixed Access protected field items being removed.

8.0.x
Nathaniel Catchpole 2013-09-15 09:41:06 +01:00
parent 490e8753db
commit 070b183e05
5 changed files with 110 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
core/modules/entity_reference/lib/Drupal/entity_reference/Plugin/field/formatter/EntityReferenceEntityFormatter.php
View File

@ -80,9 +80,6 @@ class EntityReferenceEntityFormatter extends EntityReferenceFormatterBase {
* {@inheritdoc}
*/
public function viewElements(EntityInterface $entity, $langcode, FieldInterface $items) {
// Remove un-accessible items.
parent::viewElements($entity, $langcode, $items);
$view_mode = $this->getSetting('view_mode');
$links = $this->getSetting('links');
@ -91,6 +88,10 @@ class EntityReferenceEntityFormatter extends EntityReferenceFormatterBase {
$elements = array();
foreach ($items as $delta => $item) {
if (!$item->access) {
// User doesn't have access to the referenced entity.
continue;
}
// Protect ourselves from recursive rendering.
static $depth = 0;
$depth++;

15
core/modules/entity_reference/lib/Drupal/entity_reference/Plugin/field/formatter/EntityReferenceFormatterBase.php
View File

@ -94,19 +94,4 @@ abstract class EntityReferenceFormatterBase extends FormatterBase {
}
}
}
/**
* Overrides \Drupal\field\Plugin\Type\Formatter\FormatterBase::viewElements().
*
* @see \Drupal\entity_reference\Plugin\field\formatter\EntityReferenceFormatterBase::viewElements().
*/
public function viewElements(EntityInterface $entity, $langcode, FieldInterface $items) {
// Remove un-accessible items.
foreach ($items as $delta => $item) {
if (empty($item->access)) {
unset($items[$delta]);
}
}
return array();
}
}

4
core/modules/entity_reference/lib/Drupal/entity_reference/Plugin/field/formatter/EntityReferenceIdFormatter.php
View File

@ -34,6 +34,10 @@ class EntityReferenceIdFormatter extends EntityReferenceFormatterBase {
$elements = array();
foreach ($items as $delta => $item) {
if (!$item->access) {
// User doesn't have access to the referenced entity.
continue;
}
if (!empty($item->entity) && !empty($item->target_id)) {
$elements[$delta] = array('#markup' => check_plain($item->target_id));
}

13
core/modules/entity_reference/lib/Drupal/entity_reference/Plugin/field/formatter/EntityReferenceLabelFormatter.php
View File

@ -56,17 +56,18 @@ class EntityReferenceLabelFormatter extends EntityReferenceFormatterBase {
* {@inheritdoc}
*/
public function viewElements(EntityInterface $entity, $langcode, FieldInterface $items) {
// Remove un-accessible items.
parent::viewElements($entity, $langcode, $items);
$elements = array();
foreach ($items as $delta => $item) {
if ($entity = $item->entity) {
$label = $entity->label();
if (!$item->access) {
// User doesn't have access to the referenced entity.
continue;
}
if ($referenced_entity = $item->entity) {
$label = $referenced_entity->label();
// If the link is to be displayed and the entity has a uri,
// display a link.
if ($this->getSetting('link') && $uri = $entity->uri()) {
if ($this->getSetting('link') && $uri = $referenced_entity->uri()) {
$elements[$delta] = array(
'#type' => 'link',
'#title' => $label,

95
core/modules/entity_reference/lib/Drupal/entity_reference/Tests/EntityReferenceFormatterTest.php Normal file
View File

@ -0,0 +1,95 @@
<?php
/**
* @file
* Contains \Drupal\entity_reference\Tests\EntityReferenceFormatterTest.
*/
namespace Drupal\entity_reference\Tests;
use Drupal\system\Tests\Entity\EntityUnitTestBase;
use Symfony\Component\HttpFoundation\Request;
/**
* Tests Entity Reference formatters.
*/
class EntityReferenceFormatterTest extends EntityUnitTestBase {
/**
* The entity type used in this test.
*
* @var string
*/
protected $entityType = 'entity_test_render';
/**
* The bundle used in this test.
*
* @var string
*/
protected $bundle = 'entity_test_render';
/**
* The name of the field used in this test.
*
* @var string
*/
protected $fieldName = 'field_test';
/**
* Modules to enable.
*
* @var array
*/
public static $modules = array('entity_reference');
public static function getInfo() {
return array(
'name' => 'Entity reference formatters',
'description' => 'Tests the formatters functionality.',
'group' => 'Entity Reference',
);
}
public function setUp() {
parent::setUp();
entity_reference_create_instance($this->entityType, $this->bundle, $this->fieldName, 'Field test', $this->entityType);
}
/**
* Assert unaccessible items don't change the data of the fields.
*/
public function testAccess() {
$field_name = $this->fieldName;
$entity_1 = entity_create($this->entityType, array('name' => $this->randomName()));
$entity_1->save();
$entity_2 = entity_create($this->entityType, array('name' => $this->randomName()));
$entity_2->save();
$entity_2->{$field_name}->entity = $entity_1;
// Assert user doesn't have access to the entity.
$this->assertFalse($entity_1->access('view'), 'Current user does not have access to view the referenced entity.');
$formatter_manager = $this->container->get('plugin.manager.field.formatter');
// Get all the existing formatters.
foreach ($formatter_manager->getOptions('entity_reference') as $formatter => $name) {
// Set formatter type for the 'full' view mode.
entity_get_display($this->entityType, $this->bundle, 'default')
->setComponent($field_name, array(
'type' => $formatter,
))
->save();
// Invoke entity view.
entity_view($entity_2, 'default');
// Verify the un-accessible item still exists.
$this->assertEqual($entity_2->{$field_name}->value, $entity_1->id(), format_string('The un-accessible item still exists after @name formatter was executed.', array('@name' => $name)));
}
}
}