Issue #3030477 by Manuel Garcia, Anas_maw: Views filter "Published status or admin user" not checking "View any unpublished content" permission
Alex Pott
parent
8a76eeecf6
commit
cb03af1056
|
|
@ -0,0 +1,18 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @file
|
||||
* Provide views runtime hooks for content_moderation.module.
|
||||
*/
|
||||
|
||||
use Drupal\views\ViewExecutable;
|
||||
|
||||
/**
|
||||
* Implements hook_views_query_substitutions().
|
||||
*/
|
||||
function content_moderation_views_query_substitutions(ViewExecutable $view) {
|
||||
$account = \Drupal::currentUser();
|
||||
return [
|
||||
'***VIEW_ANY_UNPUBLISHED_NODES***' => intval($account->hasPermission('view any unpublished content')),
|
||||
];
|
||||
}
|
||||
|
|
@ -24,7 +24,11 @@ class Status extends FilterPluginBase {
|
|||
|
||||
public function query() {
|
||||
$table = $this->ensureMyTable();
|
||||
$this->query->addWhereExpression($this->options['group'], "$table.status = 1 OR ($table.uid = ***CURRENT_USER*** AND ***CURRENT_USER*** <> 0 AND ***VIEW_OWN_UNPUBLISHED_NODES*** = 1) OR ***BYPASS_NODE_ACCESS*** = 1");
|
||||
$snippet = "$table.status = 1 OR ($table.uid = ***CURRENT_USER*** AND ***CURRENT_USER*** <> 0 AND ***VIEW_OWN_UNPUBLISHED_NODES*** = 1) OR ***BYPASS_NODE_ACCESS*** = 1";
|
||||
if ($this->moduleHandler->moduleExists('content_moderation')) {
|
||||
$snippet .= ' OR ***VIEW_ANY_UNPUBLISHED_NODES*** = 1';
|
||||
}
|
||||
$this->query->addWhereExpression($this->options['group'], $snippet);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
|
|
@ -12,6 +12,11 @@ use Drupal\node\NodeInterface;
|
|||
*/
|
||||
class StatusExtraTest extends NodeTestBase {
|
||||
|
||||
/**
|
||||
* {@inheritdoc}
|
||||
*/
|
||||
public static $modules = ['node_test_views', 'content_moderation'];
|
||||
|
||||
/**
|
||||
* Views used by this test.
|
||||
*
|
||||
|
|
@ -26,6 +31,7 @@ class StatusExtraTest extends NodeTestBase {
|
|||
$node_author = $this->drupalCreateUser(['view own unpublished content']);
|
||||
$node_author_not_unpublished = $this->drupalCreateUser();
|
||||
$normal_user = $this->drupalCreateUser();
|
||||
$privileged_user = $this->drupalCreateUser(['view any unpublished content']);
|
||||
$admin_user = $this->drupalCreateUser(['bypass node access']);
|
||||
|
||||
// Create one published and one unpublished node by the admin.
|
||||
|
|
@ -47,6 +53,14 @@ class StatusExtraTest extends NodeTestBase {
|
|||
$this->assertText($node_unpublished2->label());
|
||||
$this->assertText($node_unpublished3->label());
|
||||
|
||||
// The privileged user should simply see all nodes.
|
||||
$this->drupalLogin($privileged_user);
|
||||
$this->drupalGet('test_status_extra');
|
||||
$this->assertText($node_published->label());
|
||||
$this->assertText($node_unpublished->label());
|
||||
$this->assertText($node_unpublished2->label());
|
||||
$this->assertText($node_unpublished3->label());
|
||||
|
||||
// The node author should see the published node and his own node.
|
||||
$this->drupalLogin($node_author);
|
||||
$this->drupalGet('test_status_extra');
|
||||
|
|
|
|||
Loading…
Reference in New Issue