Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #2012916 by andypost, Berdir, pwieck: Implement access controller for the menu and menu link entity.

8.0.x
Alex Pott 2013-08-13 09:32:25 -05:00
parent 7833e61c45
commit 972406d591
11 changed files with 77 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
core/modules/menu/lib/Drupal/menu/Access/DeleteLinkAccessCheck.php
View File

@ -1,37 +0,0 @@
<?php
/**
* @file
* Contains \Drupal\menu\Access\DeleteLinkAccessCheck.
*/
namespace Drupal\menu\Access;
use Drupal\Core\Access\StaticAccessCheckInterface;
use Symfony\Component\Routing\Route;
use Symfony\Component\HttpFoundation\Request;
/**
* Access check for menu link delete routes.
*/
class DeleteLinkAccessCheck implements StaticAccessCheckInterface {
/**
* {@inheritdoc}
*/
public function appliesTo() {
return array('_access_menu_delete_link');
}
/**
* {@inheritdoc}
*/
public function access(Route $route, Request $request) {
if (user_access('administer menu') && $menu_link = $request->attributes->get('menu_link')) {
// Links defined via hook_menu may not be deleted. Updated items are an
// exception, as they can be broken.
return $menu_link->module !== 'system' || $menu_link->updated;
}
return FALSE;
}
}

24
core/modules/menu/lib/Drupal/menu/MenuFormController.php
View File

@ -174,10 +174,8 @@ class MenuFormController extends EntityFormController implements EntityControlle
*/
protected function actions(array $form, array &$form_state) {
$actions = parent::actions($form, $form_state);
$menu = $this->entity;
$system_menus = menu_list_system_menus();
$actions['delete']['#access'] = !$menu->isNew() && !isset($system_menus[$menu->id()]);
$actions['delete']['#access'] = !$this->entity->isNew() && $this->entity->access('delete');
// Add the language configuration submit handler. This is needed because the
// submit button has custom submit handlers.
@ -223,8 +221,10 @@ class MenuFormController extends EntityFormController implements EntityControlle
*/
public function save(array $form, array &$form_state) {
$menu = $this->entity;
// @todo Get rid of menu_list_system_menus() https://drupal.org/node/1882552
// Supposed menu item declared by hook_menu()
// Should be moved to submitOverviewForm()
$system_menus = menu_list_system_menus();
if (!$menu->isNew() || isset($system_menus[$menu->id()])) {
$this->submitOverviewForm($form, $form_state);
}
@ -354,31 +354,27 @@ class MenuFormController extends EntityFormController implements EntityControlle
);
// Build a list of operations.
$operations = array();
$links = array();
$links['edit'] = array(
$operations['edit'] = array(
'title' => t('Edit'),
'href' => 'admin/structure/menu/item/' . $item['mlid'] . '/edit',
);
$operations['edit'] = array('#type' => 'link', '#title' => t('Edit'), '#href' => 'admin/structure/menu/item/' . $item['mlid'] . '/edit');
// Only items created by the menu module can be deleted.
if ($item['module'] == 'menu' || $item['updated'] == 1) {
$links['delete'] = array(
if ($item->access('delete')) {
$operations['delete'] = array(
'title' => t('Delete'),
'href' => 'admin/structure/menu/item/' . $item['mlid'] . '/delete',
);
$operations['delete'] = array('#type' => 'link', '#title' => t('Delete'), '#href' => 'admin/structure/menu/item/' . $item['mlid'] . '/delete');
}
// Set the reset column.
elseif ($item['module'] == 'system' && $item['customized']) {
$links['reset'] = array(
elseif ($item->access('reset')) {
$operations['reset'] = array(
'title' => t('Reset'),
'href' => 'admin/structure/menu/item/' . $item['mlid'] . '/reset',
);
$operations['reset'] = array('#type' => 'link', '#title' => t('Reset'), '#href' => 'admin/structure/menu/item/' . $item['mlid'] . '/reset');
}
$form[$mlid]['operations'] = array(
'#type' => 'operations',
'#links' => $links,
'#links' => $operations,
);
}

12
core/modules/menu/lib/Drupal/menu/MenuListController.php
View File

@ -49,16 +49,16 @@ class MenuListController extends ConfigEntityListController {
if (isset($operations['edit'])) {
$operations['edit']['title'] = t('Edit menu');
$operations['add'] = array(
'title' => t('Add link'),
'href' => $uri['path'] . '/add',
'options' => $uri['options'],
'weight' => 20,
);
}
if (isset($operations['delete'])) {
$operations['delete']['title'] = t('Delete menu');
}
$operations['add'] = array(
'title' => t('Add link'),
'href' => $uri['path'] . '/add',
'options' => $uri['options'],
'weight' => 20,
);
return $operations;
}

1
core/modules/menu/menu.module
View File

@ -125,7 +125,6 @@ function menu_menu() {
*/
function menu_entity_info(&$entity_info) {
$entity_info['menu']['controllers']['list'] = 'Drupal\menu\MenuListController';
$entity_info['menu']['controllers']['access'] = 'Drupal\menu\MenuAccessController';
$entity_info['menu']['uri_callback'] = 'menu_uri';
$entity_info['menu']['controllers']['form'] = array(
'add' => 'Drupal\menu\MenuFormController',

8
core/modules/menu/menu.routing.yml
View File

@ -24,28 +24,28 @@ menu_link_add:
defaults:
_content: '\Drupal\menu\Controller\MenuController::addLink'
requirements:
_permission: 'administer menu'
_entity_create_access: 'menu_link'
menu_link_edit:
pattern: '/admin/structure/menu/item/{menu_link}/edit'
defaults:
_entity_form: 'menu_link'
requirements:
_permission: 'administer menu'
_entity_access: 'menu_link.update'
menu_link_reset:
pattern: 'admin/structure/menu/item/{menu_link}/reset'
defaults:
_entity_form: 'menu_link.reset'
requirements:
_permission: 'administer menu'
_entity_access: 'menu_link.reset'
menu_link_delete:
pattern: 'admin/structure/menu/item/{menu_link}/delete'
defaults:
_entity_form: 'menu_link.delete'
requirements:
_access_menu_delete_link: 'TRUE'
_entity_access: 'menu_link.delete'
menu_menu_add:
pattern: '/admin/structure/menu/add'

5
core/modules/menu/menu.services.yml
View File

@ -1,5 +0,0 @@
services:
access_check.menu.delete_link:
class: Drupal\menu\Access\DeleteLinkAccessCheck
tags:
- { name: access_check }

48
core/modules/menu_link/lib/Drupal/menu_link/MenuLinkAccessController.php Normal file
View File

@ -0,0 +1,48 @@
<?php
/**
* @file
* Contains \Drupal\menu_link\MenuLinkAccessController.
*/
namespace Drupal\menu_link;
use Drupal\Core\Entity\EntityAccessController;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Session\AccountInterface;
/**
* Defines an access controller for the menu link entity.
*
* @see \Drupal\menu_link\Plugin\Core\Entity\MenuLink
*/
class MenuLinkAccessController extends EntityAccessController {
/**
* {@inheritdoc}
*/
protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) {
$access = $account->hasPermission('administer menu');
if ($access) {
switch ($operation) {
case 'reset':
// Reset allowed for items defined via hook_menu() and customized.
return $entity->module == 'system' && $entity->customized;
case 'delete':
// Only items created by the menu module can be deleted.
return $entity->module == 'menu' || $entity->updated == 1;
}
}
return $access;
}
/**
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return $account->hasPermission('administer menu');
}
}

2
core/modules/menu_link/lib/Drupal/menu_link/MenuLinkFormController.php
View File

@ -208,7 +208,7 @@ class MenuLinkFormController extends EntityFormController implements EntityContr
protected function actions(array $form, array &$form_state) {
$element = parent::actions($form, $form_state);
$element['submit']['#button_type'] = 'primary';
$element['delete']['#access'] = $this->entity->module == 'menu';
$element['delete']['#access'] = $this->entity->access('delete');
return $element;
}

1
core/modules/menu_link/lib/Drupal/menu_link/Plugin/Core/Entity/MenuLink.php
View File

@ -28,6 +28,7 @@ use Drupal\Core\Entity\Entity;
* module = "menu_link",
* controllers = {
* "storage" = "Drupal\menu_link\MenuLinkStorageController",
* "access" = "Drupal\menu_link\MenuLinkAccessController",
* "render" = "Drupal\Core\Entity\EntityRenderController",
* "form" = {
* "default" = "Drupal\menu_link\MenuLinkFormController"

9
core/modules/menu/lib/Drupal/menu/MenuAccessController.php → core/modules/system/lib/Drupal/system/MenuAccessController.php
View File

@ -2,10 +2,10 @@
/**
* @file
* Contains \Drupal\menu\MenuAccessController.
* Contains \Drupal\system\MenuAccessController.
*/
namespace Drupal\menu;
namespace Drupal\system;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityAccessController;
@ -25,6 +25,7 @@ class MenuAccessController extends EntityAccessController {
}
elseif ($operation == 'delete') {
// System menus could not be deleted.
// @todo Refactor in https://drupal.org/node/1882552
$system_menus = menu_list_system_menus();
if (isset($system_menus[$entity->id()])) {
return FALSE;
@ -32,7 +33,7 @@ class MenuAccessController extends EntityAccessController {
}
if (in_array($operation, array('update', 'delete'))) {
return user_access('administer menu', $account);
return $account->hasPermission('administer menu');
}
}
@ -40,7 +41,7 @@ class MenuAccessController extends EntityAccessController {
* {@inheritdoc}
*/
protected function checkCreateAccess(AccountInterface $account, array $context, $entity_bundle = NULL) {
return user_access('administer menu', $account);
return $account->hasPermission('administer menu');
}
}

3
core/modules/system/lib/Drupal/system/Plugin/Core/Entity/Menu.php
View File

@ -20,7 +20,8 @@ use Drupal\system\MenuInterface;
* label = @Translation("Menu"),
* module = "system",
* controllers = {
* "storage" = "Drupal\Core\Config\Entity\ConfigStorageController"
* "storage" = "Drupal\Core\Config\Entity\ConfigStorageController",
* "access" = "Drupal\system\MenuAccessController"
* },
* config_prefix = "menu.menu",
* entity_keys = {