Issue #1992428 by andypost: Convert Roles management to a Controller.

core/modules/system/lib/Drupal/system/Tests/Upgrade/UserRoleUpgradePathTest.php

@@ -39,8 +39,10 @@ class UserRoleUpgradePathTest extends UpgradePathTestBase {
 
     // Check that "gärtner" has been converted to "4" and that the role
     // edit page for it exists.
-    $this->drupalGet('admin/people/roles/edit/4');
+    $this->drupalGet('admin/people/roles/manage/4');
     $this->assertResponse(200, 'Role edit page for "gärtner" was found.');
+    $this->assertField('label', 'Role edit page for "gärtner" was found.');
+    $this->assertRaw('gärtner', 'Role edit page for "gärtner" was found.');
 
     // Check that the anonymous user role ID has been converted from "1" to
     // "anonymous".

core/modules/user/lib/Drupal/user/Form/UserRoleDelete.php

@@ -0,0 +1,73 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Form\UserRoleDelete.
+ */
+
+namespace Drupal\user\Form;
+
+use Drupal\Core\Form\ConfirmFormBase;
+use Drupal\user\RoleInterface;
+
+/**
+ * Provides a deletion confirmation form for Role entity.
+ */
+class UserRoleDelete extends ConfirmFormBase {
+
+  /**
+   * The role being deleted.
+   *
+   * @var \Drupal\user\RoleInterface
+   */
+  protected $role;
+
+  /**
+   * {@inheritdoc}
+   */
+  public function getFormID() {
+    return 'user_admin_role_delete_confirm';
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function getQuestion() {
+    return t('Are you sure you want to delete the role %name?', array('%name' => $this->role->label()));
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function getCancelPath() {
+    return 'admin/people/roles';
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function getConfirmText() {
+    return t('Delete');
+  }
+
+  /**
+   * {@inheritdoc}
+   * @param \Drupal\user\RoleInterface $user_role
+   *   The role being deleted.
+   */
+  public function buildForm(array $form, array &$form_state, RoleInterface $user_role = NULL) {
+    $this->role = $user_role;
+    return parent::buildForm($form, $form_state);
+  }
+
+  /**
+   * {@inheritdoc}
+   */
+  public function submitForm(array &$form, array &$form_state) {
+    $this->role->delete();
+    watchdog('user', 'Role %name has been deleted.', array('%name' => $this->role->label()));
+    drupal_set_message(t('Role %name has been deleted.', array('%name' => $this->role->label())));
+    $form_state['redirect'] = 'admin/people/roles';
+  }
+
+}

core/modules/user/lib/Drupal/user/Plugin/Core/Entity/Role.php

@@ -21,6 +21,7 @@ use Drupal\user\RoleInterface;
  *   module = "user",
  *   controllers = {
  *     "storage" = "Drupal\user\RoleStorageController",
+ *     "access" = "Drupal\user\RoleAccessController",
  *     "list" = "Drupal\user\RoleListController",
  *     "form" = {
  *       "default" = "Drupal\user\RoleFormController"

core/modules/user/lib/Drupal/user/RoleAccessController.php

@@ -0,0 +1,34 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\RoleAccessController.
+ */
+
+namespace Drupal\user;
+
+use Drupal\Core\Entity\EntityAccessController;
+use Drupal\Core\Entity\EntityInterface;
+use Drupal\user\Plugin\Core\Entity\User;
+
+/**
+ * Defines the access controller for the user_role entity type.
+ */
+class RoleAccessController extends EntityAccessController {
+
+  /**
+   * {@inheritdoc}
+   */
+  protected function checkAccess(EntityInterface $entity, $operation, $langcode, User $account) {
+    switch ($operation) {
+      case 'delete':
+        if ($entity->id() == DRUPAL_ANONYMOUS_RID || $entity->id() == DRUPAL_AUTHENTICATED_RID) {
+          return FALSE;
+        }
+
+      default:
+        return user_access('administer permissions', $account);
+    }
+  }
+
+}

core/modules/user/user.admin.inc

@@ -481,28 +481,3 @@ function user_admin_role_add() {
   $role = entity_create('user_role', array());
   return entity_get_form($role);
 }
-
-/**
- * Form to confirm role delete operation.
- */
-function user_admin_role_delete_confirm($form, &$form_state, $role) {
-  $form_state['user_role'] = $role;
-  $form['id'] = array(
-    '#type' => 'value',
-    '#value' => $role->id(),
-  );
-  return confirm_form($form, t('Are you sure you want to delete the role %name ?', array('%name' => $role->label())), 'admin/people/roles', t('This action cannot be undone.'), t('Delete'));
-}
-
-/**
- * Form submit handler for user_admin_role_delete_confirm().
- */
-function user_admin_role_delete_confirm_submit($form, &$form_state) {
-  $role = $form_state['user_role'];
-  $role->delete();
-
-  drupal_set_message(t('Role %label has been deleted.', array('%label' => $role->label())));
-  watchdog('user', 'Role %label has been deleted.', array('%label' => $role->label()), WATCHDOG_NOTICE);
-
-  $form_state['redirect'] = 'admin/people/roles';
-}

core/modules/user/user.module

@@ -945,24 +945,18 @@ function user_menu() {
   $items['admin/people/roles'] = array(
     'title' => 'Roles',
     'description' => 'List, edit, or add user roles.',
-    'page callback' => 'user_admin_roles_list',
-    'access arguments' => array('administer permissions'),
-    'file' => 'user.admin.inc',
+    'route_name' => 'user_role_list',
     'type' => MENU_LOCAL_TASK,
   );
   $items['admin/people/roles/add'] = array(
     'title' => 'Add role',
-    'page callback' => 'user_admin_role_add',
-    'access arguments' => array('administer permissions'),
+    'route_name' => 'user_role_add',
     'type' => MENU_LOCAL_ACTION,
-    'file' => 'user.admin.inc',
   );
 
   $items['admin/people/roles/manage/%user_role'] = array(
     'title' => 'Edit role',
-    'page callback' => 'entity_get_form',
-    'page arguments' => array(4),
-    'access arguments' => array('administer permissions'),
+    'route_name' => 'user_role_edit',
   );
   $items['admin/people/roles/manage/%user_role/edit'] = array(
     'title' => 'Edit',
@@ -970,13 +964,9 @@ function user_menu() {
   );
   $items['admin/people/roles/manage/%user_role/delete'] = array(
     'title' => 'Delete role',
-    'page callback' => 'drupal_get_form',
-    'page arguments' => array('user_admin_role_delete_confirm', 4),
-    'access callback' => 'user_role_delete_access',
-    'access arguments' => array(4),
+    'route_name' => 'user_role_delete',
     'weight' => 10,
     'context' => MENU_CONTEXT_INLINE,
-    'file' => 'user.admin.inc',
   );
 
   $items['admin/people/create'] = array(
@@ -1885,18 +1875,6 @@ function user_role_load($rid) {
   return entity_load('user_role', $rid);
 }
 
-/**
- * Menu access callback for user role deletion.
- */
-function user_role_delete_access($role) {
-  // Prevent the system-defined roles from being removed.
-  if ($role->id() == DRUPAL_ANONYMOUS_RID || $role->id() == DRUPAL_AUTHENTICATED_RID) {
-    return FALSE;
-  }
-
-  return user_access('administer permissions');
-}
-
 /**
  * Determine the modules that permissions belong to.
  *

core/modules/user/user.routing.yml

@@ -25,3 +25,32 @@ user_account_settings:
     _form: '\Drupal\user\AccountSettingsForm'
   requirements:
     _permission: 'administer users'
+
+user_role_list:
+  pattern: '/admin/people/roles'
+  defaults:
+    _content: '\Drupal\Core\Entity\Controller\EntityListController::listing'
+    entity_type: 'user_role'
+  requirements:
+    _permission: 'administer permissions'
+
+user_role_add:
+  pattern: '/admin/people/roles/add'
+  defaults:
+    _entity_form: user_role.default
+  requirements:
+    _permission: 'administer permissions'
+
+user_role_edit:
+  pattern: '/admin/people/roles/manage/{user_role}'
+  defaults:
+    _entity_form: user_role.default
+  requirements:
+    _entity_access: user_role.update
+
+user_role_delete:
+  pattern: '/admin/people/roles/manage/{user_role}/delete'
+  defaults:
+    _form: '\Drupal\user\Form\UserRoleDelete'
+  requirements:
+    _entity_access: user_role.delete