Issue #2390467 by iPat, adamwhite: User role permission assignments are not deleted when a role is deleted
Alex Pott
parent
02ce89c4ed
commit
99377f95a7
|
|
@ -29,14 +29,4 @@ class RoleStorage extends ConfigEntityStorage implements RoleStorageInterface {
|
|||
return $has_permission;
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function deleteRoleReferences(array $rids) {
|
||||
// Remove the role from all users.
|
||||
db_delete('user__roles')
|
||||
->condition('target_id', $rids)
|
||||
->execute();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,12 +27,4 @@ interface RoleStorageInterface extends ConfigEntityStorageInterface {
|
|||
*/
|
||||
public function isPermissionInRoles($permission, array $rids);
|
||||
|
||||
/**
|
||||
* Delete role references.
|
||||
*
|
||||
* @param array $rids
|
||||
* The list of role IDs being deleted. The storage should
|
||||
* remove permission and user references to this role.
|
||||
*/
|
||||
public function deleteRoleReferences(array $rids);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,78 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @file
|
||||
* Contains \Drupal\user\Tests\UserRoleDeleteTest.
|
||||
*/
|
||||
|
||||
namespace Drupal\user\Tests;
|
||||
|
||||
use Drupal\simpletest\KernelTestBase;
|
||||
use Drupal\user\Entity\User;
|
||||
|
||||
/**
|
||||
* Tests the handling of user_role entity from the user module
|
||||
*
|
||||
* @group user
|
||||
*/
|
||||
class UserRoleDeleteTest extends KernelTestBase {
|
||||
|
||||
/**
|
||||
* Modules to enable.
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
public static $modules = array('system', 'user', 'field');
|
||||
|
||||
protected function setUp() {
|
||||
parent::setUp();
|
||||
$this->installEntitySchema('user');
|
||||
}
|
||||
|
||||
/**
|
||||
* Tests removal of role references on role entity delete.
|
||||
*
|
||||
* @see user_user_role_delete()
|
||||
*/
|
||||
public function testRoleDeleteUserRoleReferenceDelete() {
|
||||
// Create two test roles.
|
||||
$role_storage = $this->container->get('entity.manager')->getStorage('user_role');
|
||||
$role_storage->create(array('id' => 'test_role_one'))->save();
|
||||
$role_storage->create(array('id' => 'test_role_two'))->save();
|
||||
|
||||
// Create user and assign both test roles.
|
||||
$values = array(
|
||||
'uid' => 1,
|
||||
'roles' => array('test_role_one', 'test_role_two'),
|
||||
);
|
||||
$user = User::create($values);
|
||||
$user->save();
|
||||
|
||||
// Check that user has both roles.
|
||||
$this->assertTrue($user->hasRole('test_role_one'));
|
||||
$this->assertTrue($user->hasRole('test_role_two'));
|
||||
|
||||
// Delete test role one.
|
||||
$test_role_one = $role_storage->load('test_role_one');
|
||||
$test_role_one->delete();
|
||||
|
||||
// Load user again from the database.
|
||||
$user = User::load($user->id());
|
||||
|
||||
// Check that user does not have role one anymore, still has role two.
|
||||
$this->assertFalse($user->hasRole('test_role_one'));
|
||||
$this->assertTrue($user->hasRole('test_role_two'));
|
||||
|
||||
// Create new role with same name.
|
||||
$role_storage->create(array('id' => 'test_role_one'))->save();
|
||||
|
||||
// Load user again from the database.
|
||||
$user = User::load($user->id());
|
||||
|
||||
// Check that user does not have role one.
|
||||
$this->assertFalse($user->hasRole('test_role_one'));
|
||||
$this->assertTrue($user->hasRole('test_role_two'));
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
@ -116,4 +116,16 @@ class UserStorage extends SqlContentEntityStorage implements UserStorageInterfac
|
|||
$this->resetCache(array($account->id()));
|
||||
}
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public function deleteRoleReferences(array $rids) {
|
||||
// Remove the role from all users.
|
||||
$this->database->delete('user__roles')
|
||||
->condition('roles_target_id', $rids)
|
||||
->execute();
|
||||
|
||||
$this->resetCache();
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -32,4 +32,13 @@ interface UserStorageInterface extends EntityStorageInterface{
|
|||
*/
|
||||
public function updateLastAccessTimestamp(AccountInterface $account, $timestamp);
|
||||
|
||||
/**
|
||||
* Delete role references.
|
||||
*
|
||||
* @param array $rids
|
||||
* The list of role IDs being deleted. The storage should
|
||||
* remove permission and user references to this role.
|
||||
*/
|
||||
public function deleteRoleReferences(array $rids);
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1079,6 +1079,10 @@ function user_user_role_insert(RoleInterface $role) {
|
|||
* Implements hook_ENTITY_TYPE_delete() for user_role entities.
|
||||
*/
|
||||
function user_user_role_delete(RoleInterface $role) {
|
||||
// Delete role references for all users.
|
||||
$user_storage = \Drupal::entityManager()->getStorage('user');
|
||||
$user_storage->deleteRoleReferences(array($role->id()));
|
||||
|
||||
// Ignore the authenticated and anonymous roles or the role is being synced.
|
||||
if (in_array($role->id(), array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID)) || $role->isSyncing()) {
|
||||
return;
|
||||
|
|
|
|||
Loading…
Reference in New Issue