Issue #3202440 by jonathanshaw, ravi.shankar, catch, longwave: [backport] EntityQuery accessCheck: field ui cardinality validation should not be access sensitive
catch
parent
8bdcc821c3
commit
c2af52f3b1
|
|
@ -194,6 +194,7 @@ class FieldStorageConfigEditForm extends EntityForm {
|
|||
// one selected. Deltas start with 0, so the selected value does not
|
||||
// need to be incremented.
|
||||
$entities_with_higher_delta = \Drupal::entityQuery($this->entity->getTargetEntityTypeId())
|
||||
->accessCheck(FALSE)
|
||||
->condition($this->entity->getName() . '.%delta', $form_state->getValue('cardinality'))
|
||||
->count()
|
||||
->execute();
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ use Drupal\Core\Field\FieldStorageDefinitionInterface;
|
|||
use Drupal\Core\Language\LanguageInterface;
|
||||
use Drupal\field\Entity\FieldConfig;
|
||||
use Drupal\field\Entity\FieldStorageConfig;
|
||||
use Drupal\node\Entity\NodeType;
|
||||
use Drupal\taxonomy\Entity\Vocabulary;
|
||||
use Drupal\Tests\BrowserTestBase;
|
||||
use Drupal\Tests\field\Traits\EntityReferenceTestTrait;
|
||||
|
|
@ -34,6 +35,7 @@ class ManageFieldsFunctionalTest extends BrowserTestBase {
|
|||
'taxonomy',
|
||||
'image',
|
||||
'block',
|
||||
'node_access_test',
|
||||
];
|
||||
|
||||
/**
|
||||
|
|
@ -93,7 +95,6 @@ class ManageFieldsFunctionalTest extends BrowserTestBase {
|
|||
'administer users',
|
||||
'administer account settings',
|
||||
'administer user display',
|
||||
'bypass node access',
|
||||
]);
|
||||
$this->drupalLogin($admin_user);
|
||||
|
||||
|
|
@ -130,6 +131,12 @@ class ManageFieldsFunctionalTest extends BrowserTestBase {
|
|||
->getFormDisplay('node', 'article')
|
||||
->setComponent('field_' . $vocabulary->id())
|
||||
->save();
|
||||
|
||||
// Setup node access testing.
|
||||
node_access_rebuild();
|
||||
node_access_test_add_field(NodeType::load('article'));
|
||||
\Drupal::state()->set('node_access_test.private', TRUE);
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -344,6 +351,47 @@ class ManageFieldsFunctionalTest extends BrowserTestBase {
|
|||
'cardinality_number' => 3,
|
||||
];
|
||||
$this->drupalPostForm($field_edit_path, $edit, t('Save field settings'));
|
||||
|
||||
// Test the cardinality validation is not access sensitive.
|
||||
|
||||
// Remove the cardinality limit 4 so we can add a node the user doesn't have
|
||||
// access to.
|
||||
$edit = [
|
||||
'cardinality' => (string) FieldStorageDefinitionInterface::CARDINALITY_UNLIMITED,
|
||||
];
|
||||
$this->drupalPostForm($field_edit_path, $edit, 'Save field settings');
|
||||
$node = $this->drupalCreateNode([
|
||||
'private' => TRUE,
|
||||
'uid' => 0,
|
||||
'type' => 'article',
|
||||
]);
|
||||
$node->body->appendItem('body 1');
|
||||
$node->body->appendItem('body 2');
|
||||
$node->body->appendItem('body 3');
|
||||
$node->body->appendItem('body 4');
|
||||
$node->save();
|
||||
|
||||
// Assert that you can't set the cardinality to a lower number than the
|
||||
// highest delta of this field (including inaccessible entities) but can
|
||||
// set it to the same.
|
||||
$this->drupalGet($field_edit_path);
|
||||
$edit = [
|
||||
'cardinality' => 'number',
|
||||
'cardinality_number' => 2,
|
||||
];
|
||||
$this->drupalPostForm($field_edit_path, $edit, 'Save field settings');
|
||||
$this->assertRaw(t('There are @count entities with @delta or more values in this field.', ['@count' => 2, '@delta' => 3]));
|
||||
$edit = [
|
||||
'cardinality' => 'number',
|
||||
'cardinality_number' => 3,
|
||||
];
|
||||
$this->drupalPostForm($field_edit_path, $edit, 'Save field settings');
|
||||
$this->assertRaw(t('There is @count entity with @delta or more values in this field.', ['@count' => 1, '@delta' => 4]));
|
||||
$edit = [
|
||||
'cardinality' => 'number',
|
||||
'cardinality_number' => 4,
|
||||
];
|
||||
$this->drupalPostForm($field_edit_path, $edit, 'Save field settings');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Reference in New Issue