Issue #2715859 by alexpott, prics, joachim, effulgentsia, Berdir, AaronBauman: ImageWidget::validateRequiredFields() produces an error message if an image field is hidden with hook_entity_field_access()

core/modules/image/src/Plugin/Field/FieldWidget/ImageWidget.php

@@ -5,7 +5,6 @@ namespace Drupal\image\Plugin\Field\FieldWidget;
 use Drupal\Core\Field\FieldDefinitionInterface;
 use Drupal\Core\Field\FieldItemListInterface;
 use Drupal\Core\Image\ImageFactory;
-use Drupal\Component\Utility\NestedArray;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\Render\ElementInfoManagerInterface;
 use Drupal\file\Entity\File;
@@ -296,18 +295,7 @@ class ImageWidget extends FileWidget {
     // Only do validation if the function is triggered from other places than
     // the image process form.
     $triggering_element = $form_state->getTriggeringElement();
-    if (empty($triggering_element['#submit']) || !in_array('file_managed_file_submit', $triggering_element['#submit'])) {
-      // If the image is not there, we do not check for empty values.
-      $parents = $element['#parents'];
-      $field = array_pop($parents);
-      $image_field = NestedArray::getValue($form_state->getUserInput(), $parents);
-      // We check for the array key, so that it can be NULL (like if the user
-      // submits the form without using the "upload" button).
-      if (!array_key_exists($field, $image_field)) {
-        return;
-      }
-    }
-    else {
+    if (!empty($triggering_element['#submit']) && in_array('file_managed_file_submit', $triggering_element['#submit'], TRUE)) {
       $form_state->setLimitValidationErrors([]);
     }
   }

core/modules/image/tests/modules/image_access_test_hidden/image_access_test_hidden.info.yml

@@ -0,0 +1,6 @@
+name: 'Image access test for hidden fields'
+type: module
+description: 'Provides an entity field access hook implementation to set an image field as hidden.'
+package: Testing
+version: VERSION
+core: 8.x

core/modules/image/tests/modules/image_access_test_hidden/image_access_test_hidden.module

@@ -0,0 +1,21 @@
+<?php
+
+/**
+ * @file
+ * Image field access for hidden fields.
+ */
+
+use Drupal\Core\Field\FieldDefinitionInterface;
+use Drupal\Core\Session\AccountInterface;
+use Drupal\Core\Field\FieldItemListInterface;
+use Drupal\Core\Access\AccessResult;
+
+/**
+ * Implements hook_entity_field_access().
+ */
+function image_access_test_hidden_entity_field_access($operation, FieldDefinitionInterface $field_definition, AccountInterface $account, FieldItemListInterface $items = NULL) {
+  if ($field_definition->getName() == 'field_image' && $operation == 'edit') {
+    return AccessResult::forbidden();
+  }
+  return AccessResult::neutral();
+}

core/modules/image/tests/src/Functional/ImageFieldValidateTest.php

@@ -2,6 +2,7 @@
 
 namespace Drupal\Tests\image\Functional;
 
+use Drupal\Core\Field\FieldStorageDefinitionInterface;
 use Drupal\Tests\TestFileCreationTrait;
 
 /**
@@ -205,6 +206,56 @@ class ImageFieldValidateTest extends ImageFieldTestBase {
     $this->assertNoText(t('Title field is required.'));
   }
 
+  /**
+   * Tests creating an entity while leaving the image field empty.
+   *
+   * This is tested first with edit access to the image field allowed, and then
+   * with it forbidden.
+   *
+   * @dataProvider providerTestEmpty
+   */
+  public function testEmpty($field_name, $required, $cardinality, $form_element_name, $expected_page_text_when_edit_access_allowed, $expected_page_text_when_edit_access_forbidden) {
+    $this->createImageField($field_name, 'article', ['cardinality' => $cardinality], ['required' => $required]);
+
+    // Test with field edit access allowed.
+    $this->drupalGet('node/add/article');
+    $this->assertSession()->fieldExists($form_element_name);
+    $edit = [
+      'title[0][value]' => 'Article with edit-access-allowed image field',
+    ];
+    $this->drupalPostForm(NULL, $edit, t('Save'));
+    $this->assertSession()->pageTextContains($expected_page_text_when_edit_access_allowed);
+
+    // Test with field edit access forbidden.
+    \Drupal::service('module_installer')->install(['image_access_test_hidden']);
+    $this->drupalGet('node/add/article');
+    $this->assertSession()->fieldNotExists($form_element_name);
+    $edit = [
+      'title[0][value]' => 'Article with edit-access-forbidden image field',
+    ];
+    $this->drupalPostForm(NULL, $edit, t('Save'));
+    $this->assertSession()->pageTextContains($expected_page_text_when_edit_access_forbidden);
+  }
+
+  /**
+   * Data provider for ::testEmpty()
+   *
+   * @return array
+   *   Test cases.
+   */
+  public function providerTestEmpty() {
+    return [
+      'optional-single' => ['field_image', FALSE, 1, 'files[field_image_0]', 'Article Article with edit-access-allowed image field has been created.', 'Article Article with edit-access-forbidden image field has been created.'],
+      'optional-unlimited' => ['field_image', FALSE, FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED, 'files[field_image_0][]', 'Article Article with edit-access-allowed image field has been created.', 'Article Article with edit-access-forbidden image field has been created.'],
+      'optional-multiple-limited' => ['field_image', FALSE, 2, 'files[field_image_0][]', 'Article Article with edit-access-allowed image field has been created.', 'Article Article with edit-access-forbidden image field has been created.'],
+      'required-single' => ['field_image', TRUE, 1, 'files[field_image_0]', 'field_image field is required.', 'field_image field is required.'],
+      'required-unlimited' => ['field_image', TRUE, FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED, 'files[field_image_0][]', 'field_image field is required.', 'field_image field is required.'],
+
+      // @todo Fix this discrepancy in https://www.drupal.org/project/drupal/issues/3011744.
+      'required-multiple-limited' => ['field_image', TRUE, 2, 'files[field_image_0][]', 'This value should not be null.', 'Article Article with edit-access-forbidden image field has been created.'],
+    ];
+  }
+
   /**
    * Returns field settings.
    *