diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index fa93dc8..707a904 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -21,8 +21,7 @@ use Drupal\Core\Language\Language; use Drupal\Core\Lock\DatabaseLockBackend; use Drupal\Core\Lock\LockBackendInterface; -use Drupal\user\Plugin\Core\Entity\User; -use Drupal\Core\Entity\EntityBCDecorator; +use Drupal\Core\Session\UserSession; /** * @file @@ -1763,15 +1762,16 @@ function drupal_set_title($title = NULL, $output = CHECK_PLAIN) { /** * Generates a default anonymous $user object. * - * @return object - * The user object. + * @return \Drupal\Core\Session\AccountInterface + * The user session object. */ function drupal_anonymous_user() { - return (object) array( + $values = array( 'uid' => 0, 'hostname' => Drupal::request()->getClientIP(), 'roles' => array(DRUPAL_ANONYMOUS_RID), ); + return new UserSession($values); } /** diff --git a/core/includes/entity.api.php b/core/includes/entity.api.php index 3d2a56a..1287cea 100644 --- a/core/includes/entity.api.php +++ b/core/includes/entity.api.php @@ -548,14 +548,14 @@ function hook_entity_field_info_alter(&$info, $entity_type) { * \Drupal\Core\TypedData\AccessibleInterface::access() for possible values. * @param \Drupal\Core\Entity\Field\Type\Field $field * The entity field object on which the operation is to be performed. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user account to check. * * @return bool|NULL * TRUE if access should be allowed, FALSE if access should be denied and NULL * if the implementation has no opinion. */ -function hook_entity_field_access($operation, $field, $account) { +function hook_entity_field_access($operation, $field, \Drupal\Core\Session\AccountInterface $account) { if ($field->getName() == 'field_of_interest' && $operation == 'update') { return user_access('update field of interest', $account); } 
diff --git a/core/includes/session.inc b/core/includes/session.inc index c68c33c..40e495f 100644 --- a/core/includes/session.inc +++ b/core/includes/session.inc @@ -18,6 +18,8 @@ use Drupal\Component\Utility\Crypt; +use Drupal\Core\Session\UserSession; + /** * Session handler assigned by session_set_save_handler(). * 
@@ -91,22 +93,27 @@ function _drupal_session_read($sid) { // a HTTPS session or we are about to log in so we check the sessions table // for an anonymous session with the non-HTTPS-only cookie. if (Drupal::request()->isSecure()) { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchObject(); - if (!$user) { + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchAssoc(); + if (!$values) { if (isset($_COOKIE[$insecure_session_name])) { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array( + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array( ':sid' => $_COOKIE[$insecure_session_name])) - ->fetchObject(); + ->fetchAssoc(); } } } else { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchObject(); + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchAssoc(); + } + + if ($values) { + $user = new UserSession($values); } // We found the client's session record and they are an authenticated, // active user. - if ($user && $user->uid > 0 && $user->status == 1) { + if ($values && $values['uid'] > 0 && $values['status'] == 1) { + $user = new UserSession($values); // Add roles element to $user. $rids = db_query("SELECT ur.rid FROM {users_roles} ur WHERE ur.uid = :uid", array(':uid' => $user->uid))->fetchCol(); $user->roles = array_merge(array(DRUPAL_AUTHENTICATED_RID), $rids); diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 9798515..2aff719 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php 
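Review bot: `$user = new UserSession($values);` now runs twice for an authenticated session, once in the added `if ($values)` block and again as the first statement of the `$values['uid'] > 0 && $values['status'] == 1` branch, so the second assignment is redundant and can be dropped. When no row matches, `$user` is not assigned anywhere in the visible lines; the rest of `_drupal_session_read()` is outside the hunk, so confirm the fallback path always sets it before it is read. The `UserSession` constructor shown later in this patch copies every key of the row onto the object, so everything returned by `SELECT u.*, s.*` (presumably including the stored password hash column) lives on the session user object. An explicit column list, or unsetting credential columns before constructing the object, would keep that material out of code that only needs uid, status and roles.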
+++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -12,6 +12,7 @@ use Drupal\Core\TypedData\TypedDataInterface; use Drupal\user\UserInterface; use IteratorAggregate; +use Drupal\Core\Session\AccountInterface; /** * Defines a base entity class. @@ -258,7 +259,7 @@ public function getIterator() { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', UserInterface $account = NULL) { + public function access($operation = 'view', AccountInterface $account = NULL) { return \Drupal::entityManager() ->getAccessController($this->entityType) ->access($this, $operation, Language::LANGCODE_DEFAULT, $account); diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index a4bba1c..ff4ac84 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -8,7 +8,7 @@ namespace Drupal\Core\Entity; use Drupal\Core\Language\Language; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines a default implementation for entity access controllers. @@ -25,11 +25,9 @@ class EntityAccessController implements EntityAccessControllerInterface { /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, UserInterface $account = NULL) { - - // @todo Remove this once we can rely on $account. + public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, AccountInterface $account = NULL) { if (!$account) { - $account = user_load($GLOBALS['user']->uid); + $account = $GLOBALS['user']; } if (($access = $this->getCache($entity, $operation, $langcode, $account)) !== NULL) { 
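Review bot: `EntityAccessController::access()` still defaults `$langcode` to `Language::LANGUAGE_DEFAULT`, while the interface hunk in EntityAccessControllerInterface.php and `NodeAccessController::access()` in this same patch switch to `Language::LANGCODE_DEFAULT`, which is also what `Entity::access()` passes. The default should read `$langcode = Language::LANGCODE_DEFAULT` here too, otherwise a call that omits the argument either fails on an undefined constant or keys the access cache under a different langcode than callers that pass it explicitly. Separately, `$account = $GLOBALS['user'];` is then handed to methods type-hinted `AccountInterface`. It is worth a short comment saying the global is expected to be a `UserSession` by this point, because anything that still assigns a plain object to the global would make the access check fail with a fatal error. The method body continues outside the hunk.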
@@ -73,14 +71,14 @@ public function access(EntityInterface $entity, $operation, $langcode = Language * 'delete'. * @param string $langcode * The language code for which to check access. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface; $account * The user for which to check access. * * @return bool|null * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { return NULL; } @@ -94,7 +92,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, U * 'delete'. * @param string $langcode * The language code for which to check access. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return bool|null @@ -102,7 +100,7 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, U * is no record for the given user, operation, langcode and entity in the * cache. */ - protected function getCache(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function getCache(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { $uid = $account ? $account->id() : 0; $uuid = $entity->uuid(); 
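Review bot: The new docblock line for `checkAccess()` has a stray semicolon inside the type, `@param \Drupal\Core\Session\AccountInterface; $account`, which documentation parsers and IDEs will not resolve to the interface. It should read `@param \Drupal\Core\Session\AccountInterface $account`, matching the `getCache()` and `setCache()` docblocks changed in the neighbouring hunks.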
@@ -122,13 +120,13 @@ protected function getCache(EntityInterface $entity, $operation, $langcode, User * 'delete'. * @param string $langcode * The language code for which to check access. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - protected function setCache($access, EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function setCache($access, EntityInterface $entity, $operation, $langcode, AccountInterface $account) { $uid = $account ? $account->id() : 0; $uuid = $entity->uuid(); diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php index 9f1ab5a..f7b4348 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php @@ -8,8 +8,7 @@ namespace Drupal\Core\Entity; use Drupal\Core\Language\Language; -// @todo Don't depend on module level code. -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines a common interface for entity access controller classes. 
@@ -27,14 +26,14 @@ * @param string $langcode * (optional) The language code for which to check access. Defaults to * Language::LANGCODE_DEFAULT. - * @param \Drupal\user\UserInterface $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\AccountInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, UserInterface $account = NULL); + public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL); /** * Clears all cached access checks. diff --git a/core/lib/Drupal/Core/Entity/EntityBCDecorator.php b/core/lib/Drupal/Core/Entity/EntityBCDecorator.php index b27dae6..9c8205d 100644 --- a/core/lib/Drupal/Core/Entity/EntityBCDecorator.php +++ b/core/lib/Drupal/Core/Entity/EntityBCDecorator.php @@ -11,7 +11,7 @@ use IteratorAggregate; use Drupal\Core\Entity\EntityInterface; use Drupal\Core\TypedData\TypedDataInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Provides backwards compatible (BC) access to entity fields. @@ -214,7 +214,7 @@ function __clone() { /** * Forwards the call to the decorated entity. */ - public function access($operation = 'view', UserInterface $account = NULL) { + public function access($operation = 'view', AccountInterface $account = NULL) { return $this->decorated->access($operation, $account); } diff --git a/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php b/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php index 2cc58f4..859fa9a 100644 --- a/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php 
+++ b/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php @@ -7,10 +7,10 @@ namespace Drupal\Core\Entity\Field\Type; +use Drupal\Core\Session\AccountInterface; use Drupal\Core\TypedData\AccessibleInterface; use Drupal\Core\TypedData\ComplexDataInterface; use Drupal\Core\TypedData\TypedData; -use Drupal\user\UserInterface; use ArrayIterator; use Drupal\Core\TypedData\TypedDataInterface; use IteratorAggregate; @@ -211,7 +211,7 @@ public function onChange($property_name) { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', UserInterface $account = NULL) { + public function access($operation = 'view', AccountInterface $account = NULL) { // Determine the language code of this translation by cutting of the // leading "@" from the property name to get the langcode. // @todo Add a way to set and get the langcode so that's more obvious what diff --git a/core/lib/Drupal/Core/Entity/Field/Type/Field.php b/core/lib/Drupal/Core/Entity/Field/Type/Field.php index c211c53..af45ada 100644 --- a/core/lib/Drupal/Core/Entity/Field/Type/Field.php +++ b/core/lib/Drupal/Core/Entity/Field/Type/Field.php @@ -8,7 +8,7 @@ namespace Drupal\Core\Entity\Field\Type; use Drupal\Core\Entity\Field\FieldInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\Core\TypedData\TypedDataInterface; use Drupal\Core\TypedData\ItemList; @@ -145,7 +145,7 @@ public function __unset($property_name) { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', UserInterface $account = NULL) { + public function access($operation = 'view', AccountInterface $account = NULL) { global $user; if (!isset($account) && $user->uid) { $account = user_load($user->uid); 
@@ -190,7 +190,7 @@ public function access($operation = 'view', UserInterface $account = NULL) { * @return bool * TRUE if access to this field is allowed per default, FALSE otherwise. */ - public function defaultAccess($operation = 'view', UserInterface $account = NULL) { + public function defaultAccess($operation = 'view', AccountInterface $account = NULL) { // Grant access per default. return TRUE; } diff --git a/core/lib/Drupal/Core/Session/AccountInterface.php b/core/lib/Drupal/Core/Session/AccountInterface.php new file mode 100644 index 0000000..1dbc13c --- /dev/null +++ b/core/lib/Drupal/Core/Session/AccountInterface.php @@ -0,0 +1,58 @@ + $value) { + $this->$key = $value; + } + } + + /** + * {@inheritdoc} + */ + public function id() { + return $this->uid; + } + + /** + * {@inheritdoc} + */ + public function getRoles() { + return $this->roles; + } + + /** + * {@inheritdoc} + */ + public function getSecureSessionId() { + return $this->ssid; + } + + /** + * {@inheritdoc} + */ + public function getSessionData() { + return $this->session; + } + + /** + * {@inheritdoc} + */ + public function getSessionId() { + return $this->sid; + } + +} diff --git a/core/lib/Drupal/Core/TypedData/AccessibleInterface.php b/core/lib/Drupal/Core/TypedData/AccessibleInterface.php index a268573..2676006 100644 --- a/core/lib/Drupal/Core/TypedData/AccessibleInterface.php +++ b/core/lib/Drupal/Core/TypedData/AccessibleInterface.php @@ -7,7 +7,7 @@ namespace Drupal\Core\TypedData; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Interface for checking access. @@ -24,7 +24,7 @@ * - update * - delete * Defaults to 'view'. - * @param \Drupal\user\UserInterface $account + * @param Drupal\Core\Session\AccountInterface $account * (optional) The user for which to check access, or NULL to check access * for the current user. Defaults to NULL. * 
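Review bot: In the `AccessibleInterface::access()` docblock the new type is written without its leading backslash, `@param Drupal\Core\Session\AccountInterface $account`, whereas every other docblock touched by this patch uses the fully qualified `\Drupal\Core\Session\AccountInterface`. Written this way it is resolved relative to the current namespace by most tooling; use `@param \Drupal\Core\Session\AccountInterface $account`. The next hunk of the same file also keeps `@todo Don't depend on module level code.` above the signature, which looks stale now that the `Drupal\user\UserInterface` import is gone.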
@@ -34,6 +34,6 @@ * * @todo Don't depend on module level code. */ - public function access($operation = 'view', UserInterface $account = NULL); + public function access($operation = 'view', AccountInterface $account = NULL); } diff --git a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php index c8cc35a..8ac282a 100644 --- a/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php +++ b/core/modules/block/custom_block/lib/Drupal/custom_block/CustomBlockAccessController.php @@ -8,8 +8,8 @@ namespace Drupal\custom_block; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; use Drupal\Core\Entity\EntityAccessController; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the custom block entity type. @@ -19,7 +19,7 @@ class CustomBlockAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { return TRUE; } diff --git a/core/modules/block/lib/Drupal/block/BlockAccessController.php b/core/modules/block/lib/Drupal/block/BlockAccessController.php index ec6b417..6df97d7 100644 --- a/core/modules/block/lib/Drupal/block/BlockAccessController.php +++ b/core/modules/block/lib/Drupal/block/BlockAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Provides a Block access controller. 
@@ -19,7 +19,7 @@ class BlockAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { // Currently, only view access is implemented. if ($operation != 'view') { return FALSE; diff --git a/core/modules/comment/lib/Drupal/comment/CommentAccessController.php b/core/modules/comment/lib/Drupal/comment/CommentAccessController.php index 1b06b07..4749428 100644 --- a/core/modules/comment/lib/Drupal/comment/CommentAccessController.php +++ b/core/modules/comment/lib/Drupal/comment/CommentAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Access controller for the comment entity. @@ -21,7 +21,7 @@ class CommentAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': return user_access('access comments', $account); diff --git a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php index 9009337..ca6ca90 100644 --- a/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php +++ b/core/modules/contact/lib/Drupal/contact/CategoryAccessController.php @@ -9,8 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; - +use Drupal\Core\Session\AccountInterface; /** * Defines an access controller for the contact category entity. * 
@@ -21,7 +20,7 @@ class CategoryAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + public function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation == 'delete' || $operation == 'update') { // Do not allow delete 'personal' category used for personal contact form. return user_access('administer contact forms', $account) && $entity->id() !== 'personal'; diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 7e4f601..fa3462f 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -8,10 +8,10 @@ namespace Drupal\node; use Drupal\Core\Language\Language; -use Drupal\user\UserInterface; use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityNG; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the node entity type. @@ -21,7 +21,7 @@ class NodeAccessController extends EntityAccessController { /** * {@inheritdoc} */ - public function access(EntityInterface $entity, $operation, $langcode = Language::LANGUAGE_DEFAULT, UserInterface $account = NULL) { + public function access(EntityInterface $entity, $operation, $langcode = Language::LANGCODE_DEFAULT, AccountInterface $account = NULL) { if (user_access('bypass node access', $account)) { return TRUE; } 
@@ -34,7 +34,7 @@ public function access(EntityInterface $entity, $operation, $langcode = Language /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $node, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $node, $operation, $langcode, AccountInterface $account) { // Fetch information from the node object if possible. $status = isset($node->status) ? $node->status : NULL; $uid = isset($node->uid) ? $node->uid : NULL; @@ -75,7 +75,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Use * 'delete'. * @param string $langcode * The language code for which to check access. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user for which to check access. * * @return bool|null @@ -83,7 +83,7 @@ protected function checkAccess(EntityInterface $node, $operation, $langcode, Use * module implements hook_node_grants(), the node does not (yet) have an id * or none of the implementing modules explicitly granted or denied access. */ - protected function accessGrants(EntityInterface $node, $operation, $langcode, UserInterface $account) { + protected function accessGrants(EntityInterface $node, $operation, $langcode, AccountInterface $account) { // If no module implements the hook or the node does not have an id there is // no point in querying the database for access grants. if (!module_implements('node_grants') || !$node->id()) { diff --git a/core/modules/node/lib/Drupal/node/Tests/NodeTestBase.php b/core/modules/node/lib/Drupal/node/Tests/NodeTestBase.php index 02a16da..93eb3dd 100644 --- a/core/modules/node/lib/Drupal/node/Tests/NodeTestBase.php +++ b/core/modules/node/lib/Drupal/node/Tests/NodeTestBase.php @@ -7,6 +7,7 @@ namespace Drupal\node\Tests; +use Drupal\Core\Session\AccountInterface; use Drupal\simpletest\WebTestBase; /** 
@@ -41,13 +42,13 @@ function setUp() { * operation should be granted. * @param \Drupal\node\Plugin\Core\Entity\Node $node * The node object to check. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user account for which to check access. * @param string|null $langcode * (optional) The language code indicating which translation of the node * to check. If NULL, the untranslated (fallback) access is checked. */ - function assertNodeAccess(array $ops, $node, $account, $langcode = NULL) { + function assertNodeAccess(array $ops, $node, AccountInterface $account, $langcode = NULL) { foreach ($ops as $op => $result) { $msg = format_string( 'node_access() returns @result with operation %op, language code %langcode.', diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module index 14c6c21..cd56410 100644 --- a/core/modules/overlay/overlay.module +++ b/core/modules/overlay/overlay.module @@ -8,7 +8,7 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Drupal\block\Plugin\Core\Entity\Block; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Implements hook_help(). @@ -402,7 +402,7 @@ function theme_overlay_disable_message($variables) { /** * Implements hook_block_access(). */ -function overlay_block_access(Block $block, $operation, UserInterface $account, $langcode) { +function overlay_block_access(Block $block, $operation, AccountInterface $account, $langcode) { // If we are limiting rendering to a subset of page regions, hide all blocks // which appear in regions not on that list. Note that overlay_page_alter() // does a more comprehensive job of preventing unwanted regions from being diff --git a/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php b/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php index b42fe65..d5a143d 100644 
--- a/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php +++ b/core/modules/shortcut/lib/Drupal/shortcut/ShortcutAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessController; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the shortcut entity type. @@ -19,7 +19,7 @@ class ShortcutAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'edit': if (user_access('administer shortcuts', $account)) { @@ -38,4 +38,5 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, U break; } } + } diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php index c1c7ea8..9733be6 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php @@ -8,8 +8,8 @@ namespace Drupal\system\Tests\Entity; use Drupal\Core\Language\Language; +use Drupal\Core\Session\AccountInterface; use Drupal\Core\TypedData\AccessibleInterface; -use Drupal\user\UserInterface; use Drupal\Core\Entity\EntityAccessController; /** 
@@ -45,7 +45,7 @@ function setUp() { /** * Asserts entity access correctly grants or denies access. */ - function assertEntityAccess($ops, AccessibleInterface $object, UserInterface $account = NULL) { + function assertEntityAccess($ops, AccessibleInterface $object, AccountInterface $account = NULL) { foreach ($ops as $op => $result) { $message = format_string("Entity access returns @result with operation '@op'.", array( '@result' => !isset($result) ? 'null' : ($result ? 'true' : 'false'), diff --git a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php index dd60560..c2b5594 100644 --- a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php @@ -10,7 +10,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Language\Language; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the test entity type. @@ -20,7 +20,7 @@ class EntityTestAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { if ($operation === 'view') { if ($langcode != Language::LANGCODE_DEFAULT) { return user_access('view test entity translations', $account); diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php index 0d6dbd0..d562e84 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php 
+++ b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines an access controller for the taxonomy term entity. @@ -21,7 +21,7 @@ class TermAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': return user_access('access content', $account); diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php index 8f6e54f..0750593 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines an access controller for the vocabulary entity. @@ -21,7 +21,7 @@ class VocabularyAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { return user_access('administer taxonomy', $account); } diff --git a/core/modules/translation_entity/translation_entity.module b/core/modules/translation_entity/translation_entity.module index 5800198..e7077ab 100644 --- a/core/modules/translation_entity/translation_entity.module +++ b/core/modules/translation_entity/translation_entity.module 
@@ -6,6 +6,7 @@ */ use Drupal\Core\Language\Language; +use Drupal\Core\Session\AccountInterface; use Drupal\Core\Entity\EntityFormControllerInterface; use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityNG; @@ -289,11 +290,11 @@ function translation_entity_translate_access(EntityInterface $entity) { * The entity whose translation overview should be displayed. * @param $langcode * The language code of the translation to be displayed. - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * (optional) The account for which view access should be checked. Defaults to * the current user. */ -function translation_entity_view_access(EntityInterface $entity, $langcode, $account = NULL) { +function translation_entity_view_access(EntityInterface $entity, $langcode, AccountInterface $account = NULL) { $entity_type = $entity->entityType(); return !empty($entity->translation[$langcode]['status']) || user_access('translate any entity', $account) || user_access("translate $entity_type entities", $account); } diff --git a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php index 6c95606..019eb6f 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php +++ b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php @@ -236,4 +236,36 @@ public function getBCEntity() { return $this->bcEntity; } + /** + * {@inheritdoc} + */ + public function getRoles() { + $roles = array(); + foreach ($this->get('roles') as $role) { + $roles[] = $role->value; + } + return $roles; + } + + /** + * {@inheritdoc} + */ + public function getSecureSessionId() { + return NULL; + } + + /** + * {@inheritdoc} + */ + public function getSessionData() { + return array(); + } + + /** + * {@inheritdoc} + */ + public function getSessionId() { + return NULL; + } + } 
diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php index 3ce4592..0f4a387 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php @@ -8,6 +8,7 @@ namespace Drupal\user\Plugin\views\access; use Drupal\Component\Annotation\Plugin; +use Drupal\Core\Session\AccountInterface; use Drupal\views\Plugin\views\access\AccessPluginBase; use Drupal\Core\Annotation\Translation; use Symfony\Component\Routing\Route; @@ -30,7 +31,10 @@ class Permission extends AccessPluginBase { */ protected $usesOptions = TRUE; - public function access($account) { + /** + * {@inheritdoc} + */ + public function access(AccountInterface $account) { return user_access($this->options['perm'], $account) || user_access('access all views', $account); } diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php index 23ece46..8b10a21 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php @@ -11,6 +11,7 @@ use Drupal\views\Plugin\views\access\AccessPluginBase; use Drupal\Core\Annotation\Translation; use Symfony\Component\Routing\Route; +use Drupal\Core\Session\AccountInterface; /** * Access plugin that provides role-based access control. @@ -33,7 +34,7 @@ class Role extends AccessPluginBase { /** * {@inheritdoc} */ - public function access($account) { + public function access(AccountInterface $account) { return user_access('access all views', $account) || array_intersect(array_filter($this->options['role']), $account->roles); } diff --git a/core/modules/user/lib/Drupal/user/RoleAccessController.php b/core/modules/user/lib/Drupal/user/RoleAccessController.php index 64973df..13afa61 100644 
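Review bot: `Role::access()` now requires an `AccountInterface` but still reads the public property in `array_intersect(array_filter($this->options['role']), $account->roles)`. The patch adds `getRoles()` to the interface precisely because implementations store roles differently: `UserSession` returns `$this->roles`, while the `User` entity builds the array from `$this->get('roles')`. Reading the property on an implementation that does not expose a plain array would make this role check misbehave. Prefer `array_intersect(array_filter($this->options['role']), $account->getRoles())` so the access decision depends only on the interface contract.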
--- a/core/modules/user/lib/Drupal/user/RoleAccessController.php +++ b/core/modules/user/lib/Drupal/user/RoleAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the user_role entity type. @@ -19,7 +19,7 @@ class RoleAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'delete': if ($entity->id() == DRUPAL_ANONYMOUS_RID || $entity->id() == DRUPAL_AUTHENTICATED_RID) { diff --git a/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php b/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php index a4bfd52..13f6489 100644 --- a/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php +++ b/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php @@ -33,7 +33,7 @@ function setUp() { parent::setUp(); $this->account = $this->drupalCreateUser(); - $this->anonymous = entity_create('user', (array) drupal_anonymous_user()); + $this->anonymous = entity_create('user', array('uid' => 0)); } /** diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index 2651933..fd46efa 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessController; -use Drupal\user\UserInterface; +use Drupal\Core\Session\AccountInterface; /** * Defines the access controller for the user entity type. 
@@ -19,7 +19,7 @@ class UserAccessController extends EntityAccessController { /** * {@inheritdoc} */ - protected function checkAccess(EntityInterface $entity, $operation, $langcode, UserInterface $account) { + protected function checkAccess(EntityInterface $entity, $operation, $langcode, AccountInterface $account) { switch ($operation) { case 'view': return $this->viewAccess($entity, $langcode, $account); @@ -32,14 +32,14 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, U case 'update': // Users can always edit their own account. Users with the 'administer // users' permission can edit any account except the anonymous account. - return (($account->uid == $entity->id()) || user_access('administer users', $account)) && $entity->id() > 0; + return (($account->id() == $entity->id()) || user_access('administer users', $account)) && $entity->id() > 0; break; case 'delete': // Users with 'cancel account' permission can cancel their own account, // users with 'administer users' permission can cancel any account // except the anonymous account. - return ((($account->uid == $entity->id()) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->id() > 0; + return ((($account->id() == $entity->id()) && user_access('cancel account', $account)) || user_access('administer users', $account)) && $entity->id() > 0; break; } } 
@@ -49,11 +49,11 @@ protected function checkAccess(EntityInterface $entity, $operation, $langcode, U * * See EntityAccessControllerInterface::view() for parameters. */ - protected function viewAccess(EntityInterface $entity, $langcode, UserInterface $account) { + protected function viewAccess(EntityInterface $entity, $langcode, AccountInterface $account) { // Never allow access to view the anonymous user account. if ($entity->id()) { // Admins can view all, users can view own profiles at all times. - if ($account->uid == $entity->id() || user_access('administer users', $account)) { + if ($account->id() == $entity->id() || user_access('administer users', $account)) { return TRUE; } elseif (user_access('access user profiles', $account)) { diff --git a/core/modules/user/lib/Drupal/user/UserBCDecorator.php b/core/modules/user/lib/Drupal/user/UserBCDecorator.php index 586bc0a..b65e9b2 100644 --- a/core/modules/user/lib/Drupal/user/UserBCDecorator.php +++ b/core/modules/user/lib/Drupal/user/UserBCDecorator.php @@ -21,12 +21,37 @@ public function &__get($name) { // Special handling for roles, as the return value is expected to be an // array. if ($name == 'roles') { - $roles = array(); - foreach ($this->getNGEntity()->roles as $role) { - $roles[] = $role->value; - } + $roles = $this->decorated->getRoles(); return $roles; } return parent::__get($name); } + + /** + * {@inheritdoc} + */ + public function getRoles() { + return $this->decorated->getRoles(); + } + + /** + * {@inheritdoc} + */ + public function getSecureSessionId() { + return $this->decorated->getSecureSessionId(); + } + + /** + * {@inheritdoc} + */ + public function getSessionData() { + return $this->decorated->getSecureSessionId(); + } + + /** + * {@inheritdoc} + */ + public function getSessionId() { + return $this->decorated->getSessionId(); + } } diff --git a/core/modules/user/lib/Drupal/user/UserInterface.php b/core/modules/user/lib/Drupal/user/UserInterface.php index 3a98dd5..925f366 100644 
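Review bot: The added `UserBCDecorator::getSessionData()` returns `$this->decorated->getSecureSessionId()`, which looks like a copy-paste from the method above it. Callers asking for session data would receive the secure session identifier instead, so the value is wrong and a session ID can end up wherever session data is logged, serialized or displayed. The body should delegate to the matching method: `return $this->decorated->getSessionData();`. A test asserting that the decorator and the decorated account return the same value for each of the four delegating methods would catch this kind of mismatch.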
--- a/core/modules/user/lib/Drupal/user/UserInterface.php +++ b/core/modules/user/lib/Drupal/user/UserInterface.php @@ -8,10 +8,11 @@ namespace Drupal\user; use Drupal\Core\Entity\EntityInterface; +use Drupal\Core\Session\AccountInterface; /** * Provides an interface defining a user entity. */ -interface UserInterface extends EntityInterface { +interface UserInterface extends EntityInterface, AccountInterface { } diff --git a/core/modules/user/user.api.php b/core/modules/user/user.api.php index 3879b59..ae61b93 100644 --- a/core/modules/user/user.api.php +++ b/core/modules/user/user.api.php @@ -361,7 +361,7 @@ function hook_user_view(\Drupal\user\UserInterface $account, \Drupal\entity\Plug * @see user_view() * @see hook_entity_view_alter() */ -function hook_user_view_alter(&$build, \Drupal\user\Plugin\Core\Entity\User $account, \Drupal\entity\Plugin\Core\Entity\EntityDisplay $display) { +function hook_user_view_alter(&$build, \Drupal\user\UserInterface $account, \Drupal\entity\Plugin\Core\Entity\EntityDisplay $display) { // Check for the existence of a field added by another module. if (isset($build['an_additional_field'])) { // Change its weight. diff --git a/core/modules/user/user.module b/core/modules/user/user.module index 28083e0..1c7633d 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -3,6 +3,7 @@ use Drupal\Component\Utility\Crypt; use Drupal\Core\Database\Query\SelectInterface; use Drupal\Core\Entity\EntityInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\comment\Plugin\Core\Entity\Comment; use Drupal\entity\Plugin\Core\Entity\EntityDisplay; use Drupal\file\Plugin\Core\Entity\File; @@ -454,7 +455,7 @@ function user_role_permissions($roles) { * * @param $string * The permission, such as "administer nodes", being checked for. - * @param $account + * @param \Drupal\Core\Session\AccountInterface $account * (optional) The account to check, if not given use currently logged in user. * * @return 
@@ -464,7 +465,7 @@ function user_role_permissions($roles) { * way, we guarantee consistent behavior, and ensure that the superuser * can perform all actions. */ -function user_access($string, $account = NULL) { +function user_access($string, AccountInterface $account = NULL) { global $user; if (!isset($account)) { @@ -488,7 +489,7 @@ function user_access($string, $account = NULL) { } $perm = &$drupal_static_fast['perm']; if (!isset($perm[$account->uid])) { - $role_permissions = user_role_permissions($account->roles); + $role_permissions = user_role_permissions($account->getRoles()); $perms = array(); foreach ($role_permissions as $one_role) { diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php index d5713b4..5db54db 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php @@ -7,6 +7,7 @@ namespace Drupal\views\Plugin\views\access; +use Drupal\Core\Session\AccountInterface; use Drupal\views\Plugin\views\PluginBase; use Drupal\views\ViewExecutable; use Symfony\Component\Routing\Route; @@ -57,13 +58,13 @@ public function summaryTitle() { /** * Determine if the current user has access or not. * - * @param \Drupal\user\UserInterface $account + * @param \Drupal\Core\Session\AccountInterface $account * The user who wants to access this view. * * @return TRUE * Returns whether the user has access to the view. */ - abstract public function access($account); + abstract public function access(AccountInterface $account); /** * Allows access plugins to alter the route definition of a view. diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php b/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php index 522c472..6df34c7 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php 
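Review bot: The static permission cache in `user_access()` is still keyed on the public property, `$perm[$account->uid]`, while the line below it was moved to the interface method `getRoles()`. With the new `AccountInterface` type hint nothing guarantees a public `uid`; if an implementation does not expose one, the key evaluates to NULL and permissions computed for one account could be served from the cache for another. Elsewhere in this commit `UserAccessController` uses `$account->id()`, so the key here should be `$perm[$account->id()]`. The same applies to any later `$account->uid` reads in the function body, which continues outside this hunk.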
+++ b/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php @@ -9,6 +9,7 @@ use Drupal\Core\Annotation\Translation; use Drupal\Component\Annotation\Plugin; +use Drupal\Core\Session\AccountInterface; use Symfony\Component\Routing\Route; @@ -32,7 +33,7 @@ public function summaryTitle() { /** * Implements Drupal\views\Plugin\views\access\AccessPluginBase::access(). */ - public function access($account) { + public function access(AccountInterface $account) { // No access control. return TRUE; } diff --git a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php index fe62097..6328add 100644 --- a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php +++ b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php @@ -9,6 +9,7 @@ use Drupal\Component\Annotation\Plugin; use Drupal\Core\Annotation\Translation; +use Drupal\Core\Session\AccountInterface; use Drupal\views\Plugin\views\access\AccessPluginBase; use Symfony\Component\Routing\Route; @@ -30,7 +31,7 @@ protected function defineOptions() { return $options; } - public function access($account) { + public function access(AccountInterface $account) { return !empty($this->options['access']); } diff --git a/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php b/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php index abe1e45..cbaa672 100644 --- a/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php +++ b/core/modules/views_ui/lib/Drupal/views_ui/ViewUI.php 
@@ -11,10 +11,10 @@ use Drupal\views\ViewExecutable; use Drupal\Core\Database\Database; use Drupal\Core\TypedData\TypedDataInterface; +use Drupal\Core\Session\AccountInterface; use Drupal\views\Plugin\views\query\Sql; use Drupal\views\Plugin\Core\Entity\View; use Drupal\views\ViewStorageInterface; -use Drupal\user\UserInterface; /** * Stores UI related temporary settings. @@ -943,7 +943,7 @@ public function language() { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', UserInterface $account = NULL) { + public function access($operation = 'view', AccountInterface $account = NULL) { return $this->storage->access($operation, $account); }