Issue #3379220 by kristiaanvandeneynde, smustgrave, Wim Leers: system_page_attachments() varies by authenticated user role but does not add said cache context

(cherry picked from commit abfa56416c7bf0ab3ecb937cf363e94f334ec4f9)
2023-12-31 10:24:08 +00:00 · 2023-12-31 10:24:08 +00:00 · 16ff3a4451
parent 35b420b9ee
commit 16ff3a4451
5 changed files with 31 additions and 5 deletions
--- a/core/modules/system/system.module
+++ b/core/modules/system/system.module
@ -672,6 +672,7 @@ function system_page_attachments(array &$page) {
  // @see \Drupal\Core\Utility\LinkGenerator::generate()
  // @see template_preprocess_links()
  // @see \Drupal\Core\EventSubscriber\ActiveLinkResponseFilter
+  $page['#cache']['contexts'][] = 'user.roles:authenticated';
  if (\Drupal::currentUser()->isAuthenticated()) {
    $page['#attached']['library'][] = 'core/drupal.active-link';
  }
--- a/core/modules/system/tests/src/Functional/Cache/AssertPageCacheContextsAndTagsTrait.php
+++ b/core/modules/system/tests/src/Functional/Cache/AssertPageCacheContextsAndTagsTrait.php
@ -130,10 +130,19 @@ trait AssertPageCacheContextsAndTagsTrait {
  protected function assertCacheContexts(array $expected_contexts, $message = NULL, $include_default_contexts = TRUE) {
    if ($include_default_contexts) {
      $default_contexts = ['languages:language_interface', 'theme'];
-      // Add the user.permission context to the list of default contexts except
-      // when user is already there.
+      // Add the user based contexts to the list of default contexts except when
+      // user is already there.
      if (!in_array('user', $expected_contexts)) {
        $default_contexts[] = 'user.permissions';
+
+        if (!in_array('user.roles', $expected_contexts)) {
+          // The system_page_attachments() hook is only called when dealing with
+          // the HtmlRenderer, so check the Content-Type header.
+          // @see \Drupal\Core\Render\MainContent\HtmlRenderer::invokePageAttachmentHooks()
+          if ($this->getSession()->getResponseHeader('Content-Type') === 'text/html; charset=UTF-8') {
+            $default_contexts[] = 'user.roles:authenticated';
+          }
+        }
      }
      $expected_contexts = Cache::mergeContexts($expected_contexts, $default_contexts);
    }
--- a/core/modules/system/tests/src/Functional/Entity/EntityCacheTagsTestBase.php
+++ b/core/modules/system/tests/src/Functional/Entity/EntityCacheTagsTestBase.php
@ -322,7 +322,7 @@ abstract class EntityCacheTagsTestBase extends PageCacheTagsTestBase {
    // The default cache contexts for rendered entities.
    $default_cache_contexts = ['languages:' . LanguageInterface::TYPE_INTERFACE, 'theme', 'user.permissions'];
    $entity_cache_contexts = Cache::mergeContexts($default_cache_contexts, ['url.site']);
-    $page_cache_contexts = Cache::mergeContexts($default_cache_contexts, ['url.query_args:' . MainContentViewSubscriber::WRAPPER_FORMAT]);
+    $page_cache_contexts = Cache::mergeContexts($default_cache_contexts, ['url.query_args:' . MainContentViewSubscriber::WRAPPER_FORMAT, 'user.roles:authenticated']);

    // Cache tags present on every rendered page.
    // 'user.permissions' is a required cache context, and responses that vary
--- a/core/modules/system/tests/src/Functional/Routing/RouterTest.php
+++ b/core/modules/system/tests/src/Functional/Routing/RouterTest.php
@ -35,7 +35,7 @@ class RouterTest extends BrowserTestBase {
   */
  public function testFinishResponseSubscriber() {
    $renderer_required_cache_contexts = ['languages:' . LanguageInterface::TYPE_INTERFACE, 'theme', 'user.permissions'];
-    $expected_cache_contexts = Cache::mergeContexts($renderer_required_cache_contexts, ['url.query_args:' . MainContentViewSubscriber::WRAPPER_FORMAT]);
+    $expected_cache_contexts = Cache::mergeContexts($renderer_required_cache_contexts, ['url.query_args:' . MainContentViewSubscriber::WRAPPER_FORMAT, 'user.roles:authenticated']);
    sort($expected_cache_contexts);

    // Confirm that the router can get to a controller.
@ -69,7 +69,7 @@ class RouterTest extends BrowserTestBase {
    // X-Drupal-Cache-Contexts and X-Drupal-Cache-Tags headers.
    // 1. controller result: render array, globally cacheable route access.
    $this->drupalGet('router_test/test18');
-    $expected_cache_contexts = Cache::mergeContexts($renderer_required_cache_contexts, ['url']);
+    $expected_cache_contexts = Cache::mergeContexts($renderer_required_cache_contexts, ['url', 'user.roles:authenticated']);
    sort($expected_cache_contexts);
    $this->assertSession()->responseHeaderEquals('X-Drupal-Cache-Contexts', implode(' ', $expected_cache_contexts));
    $this->assertSession()->responseHeaderEquals('X-Drupal-Cache-Tags', 'config:user.role.anonymous foo http_response rendered');
--- a/core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php
+++ b/core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php
@ -39,6 +39,22 @@ class BrowserTestBaseTest extends BrowserTestBase {
   */
  protected $defaultTheme = 'stark';

+  /**
+   * Tests that JavaScript Drupal settings can be read.
+   */
+  public function testDrupalSettings() {
+    // Trigger a 403 because those pages have very little else going on.
+    $this->drupalGet('admin');
+    $this->assertSame([], $this->getDrupalSettings());
+
+    // Now try the same 403 as an authenticated user and verify that Drupal
+    // settings do show up.
+    $account = $this->drupalCreateUser();
+    $this->drupalLogin($account);
+    $this->drupalGet('admin');
+    $this->assertNotSame([], $this->getDrupalSettings());
+  }
+
  /**
   * Tests basic page test.
   */