diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index e1c15fe..9370a2a 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -15,7 +15,7 @@ use Drupal\Core\Language\Language; use Drupal\Core\Lock\DatabaseLockBackend; use Drupal\Core\Lock\LockBackendInterface; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSession; /** * @file @@ -2044,8 +2044,8 @@ function drupal_hash_base64($data) { /** * Generates a default anonymous $user object. * - * @return Drupal\user\Plugin\Core\Entity\User - * The user object. + * @return \Drupal\Core\Session\UserSessionInterface + * The user session object. */ function drupal_anonymous_user() { $values = array( @@ -2055,7 +2055,7 @@ function drupal_anonymous_user() { DRUPAL_ANONYMOUS_RID => DRUPAL_ANONYMOUS_RID, ), ); - return new User($values, 'user'); + return new UserSession($values); } /** diff --git a/core/includes/session.inc b/core/includes/session.inc index 31e67a6..6df7581 100644 --- a/core/includes/session.inc +++ b/core/includes/session.inc @@ -16,6 +16,8 @@ * data should instead be accessed via the $_SESSION superglobal. */ +use Drupal\Core\Session\UserSession; + /** * Session handler assigned by session_set_save_handler(). * @@ -89,22 +91,26 @@ function _drupal_session_read($sid) { // a HTTPS session or we are about to log in so we check the sessions table // for an anonymous session with the non-HTTPS-only cookie. if ($is_https) { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchObject(); - if (!$user) { + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.ssid = :ssid", array(':ssid' => $sid))->fetchAssoc(); + if (!$values) { if (isset($_COOKIE[$insecure_session_name])) { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array( + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid AND s.uid = 0", array( ':sid' => $_COOKIE[$insecure_session_name])) - ->fetchObject(); + ->fetchAssoc(); } } } else { - $user = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchObject(); + $values = db_query("SELECT u.*, s.* FROM {users} u INNER JOIN {sessions} s ON u.uid = s.uid WHERE s.sid = :sid", array(':sid' => $sid))->fetchAssoc(); + } + + if ($values) { + $user = new UserSession($values); } // We found the client's session record and they are an authenticated, // active user. - if ($user && $user->uid > 0 && $user->status == 1) { + if ($user && $user->id() > 0 && $user->status == 1) { // Add roles element to $user. $user->roles = array(); $user->roles[DRUPAL_AUTHENTICATED_RID] = DRUPAL_AUTHENTICATED_RID; diff --git a/core/lib/Drupal/Core/Entity/Entity.php b/core/lib/Drupal/Core/Entity/Entity.php index 785c81c..be7e424 100644 --- a/core/lib/Drupal/Core/Entity/Entity.php +++ b/core/lib/Drupal/Core/Entity/Entity.php @@ -9,6 +9,7 @@ use Drupal\Component\Uuid\Uuid; use Drupal\Core\Language\Language; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\ContextAwareInterface; use IteratorAggregate; @@ -256,7 +257,7 @@ public function getIterator() { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { + public function access($operation = 'view', UserSessionInterface $account = NULL) { $method = $operation . 'Access'; return drupal_container()->get('plugin.manager.entity') ->getAccessController($this->entityType) diff --git a/core/lib/Drupal/Core/Entity/EntityAccessController.php b/core/lib/Drupal/Core/Entity/EntityAccessController.php index 423281f..0f9acc6 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessController.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessController.php @@ -7,7 +7,7 @@ namespace Drupal\Core\Entity; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines a default implementation for entity access controllers. @@ -24,7 +24,7 @@ class EntityAccessController implements EntityAccessControllerInterface { /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (($access = $this->getCache($entity, 'view', $langcode, $account)) !== NULL) { return $access; } @@ -36,7 +36,7 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (($access = $this->getCache($entity, 'create', $langcode, $account)) !== NULL) { return $access; } @@ -48,7 +48,7 @@ public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (($access = $this->getCache($entity, 'update', $langcode, $account)) !== NULL) { return $access; } @@ -60,7 +60,7 @@ public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (($access = $this->getCache($entity, 'delete', $langcode, $account)) !== NULL) { return $access; } @@ -80,15 +80,15 @@ public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool|null * TRUE if access was granted, FALSE if access was denied and NULL if access * could not be determined. */ - protected function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function access(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { // @todo Remove this once we can rely on $account. if (!$account) { $account = user_load($GLOBALS['user']->uid); @@ -117,7 +117,7 @@ protected function access(EntityInterface $entity, $operation, $langcode = LANGU * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account + * @param \Drupal\Core\Session\UserSessionInterface $account * (optional) The user for which to check access, or NULL to check access * for the current user. Defaults to NULL. * @@ -126,7 +126,7 @@ protected function access(EntityInterface $entity, $operation, $langcode = LANGU * is no record for the given user, operation, langcode and entity in the * cache. */ - protected function getCache(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function getCache(EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { // @todo Remove this once we can rely on $account. if (!$account) { $account = user_load($GLOBALS['user']->uid); @@ -152,14 +152,14 @@ protected function getCache(EntityInterface $entity, $operation, $langcode = LAN * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account + * @param \Drupal\Core\Session\UserSessionInterface $account * (optional) The user for which to check access, or NULL to check access * for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - protected function setCache($access, EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function setCache($access, EntityInterface $entity, $operation, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { // @todo Remove this once we can rely on $account. if (!$account) { $account = user_load($GLOBALS['user']->uid); diff --git a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php index 66730f6..11da8c9 100644 --- a/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php +++ b/core/lib/Drupal/Core/Entity/EntityAccessControllerInterface.php @@ -7,8 +7,7 @@ namespace Drupal\Core\Entity; -// @todo Don't depend on module level code. -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines a common interface for entity access controller classes. @@ -23,14 +22,14 @@ * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL); /** * Checks 'create' access for a given entity or entity translation. @@ -40,14 +39,14 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL); /** * Checks 'update' access for a given entity or entity translation. @@ -57,14 +56,14 @@ public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL); /** * Checks 'delete' access for a given entity or entity translation. @@ -74,14 +73,14 @@ public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool * TRUE if access was granted, FALSE otherwise. */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL); + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL); /** * Clears all cached access checks. diff --git a/core/lib/Drupal/Core/Entity/EntityBCDecorator.php b/core/lib/Drupal/Core/Entity/EntityBCDecorator.php index 08be87c..bf7b566 100644 --- a/core/lib/Drupal/Core/Entity/EntityBCDecorator.php +++ b/core/lib/Drupal/Core/Entity/EntityBCDecorator.php @@ -9,6 +9,7 @@ use IteratorAggregate; use Drupal\Core\Entity\EntityInterface; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\ContextAwareInterface; /** @@ -211,7 +212,7 @@ function __clone() { /** * Forwards the call to the decorated entity. */ - public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { + public function access($operation = 'view', UserSessionInterface $account = NULL) { return $this->decorated->access($operation, $account); } diff --git a/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php b/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php index 97a5627..f7fc89b 100644 --- a/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php +++ b/core/lib/Drupal/Core/Entity/Field/Type/EntityTranslation.php @@ -7,6 +7,7 @@ namespace Drupal\Core\Entity\Field\Type; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\AccessibleInterface; use Drupal\Core\TypedData\ComplexDataInterface; use Drupal\Core\TypedData\ContextAwareTypedData; @@ -195,7 +196,7 @@ public function isEmpty() { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { + public function access($operation = 'view', UserSessionInterface $account = NULL) { $method = $operation . 'Access'; // Determine the language code of this translation by cutting of the // leading "@" from the property name to get the langcode. diff --git a/core/lib/Drupal/Core/Entity/Field/Type/Field.php b/core/lib/Drupal/Core/Entity/Field/Type/Field.php index 305fc1f..8ce7a5d 100644 --- a/core/lib/Drupal/Core/Entity/Field/Type/Field.php +++ b/core/lib/Drupal/Core/Entity/Field/Type/Field.php @@ -8,7 +8,7 @@ namespace Drupal\Core\Entity\Field\Type; use Drupal\Core\Entity\Field\FieldInterface; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\ContextAwareInterface; use Drupal\Core\TypedData\ItemList; @@ -148,7 +148,7 @@ public function __unset($property_name) { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', User $account = NULL) { + public function access($operation = 'view', UserSessionInterface $account = NULL) { global $user; if (!isset($account) && $user->uid) { $account = user_load($user->uid); @@ -193,7 +193,7 @@ public function access($operation = 'view', User $account = NULL) { * @return bool * TRUE if access to this field is allowed per default, FALSE otherwise. */ - public function defaultAccess($operation = 'view', User $account = NULL) { + public function defaultAccess($operation = 'view', UserSessionInterface $account = NULL) { // Grant access per default. return TRUE; } diff --git a/core/lib/Drupal/Core/Session/UserSession.php b/core/lib/Drupal/Core/Session/UserSession.php new file mode 100644 index 0000000..3ed8247 --- /dev/null +++ b/core/lib/Drupal/Core/Session/UserSession.php @@ -0,0 +1,115 @@ + $value) { + $this->$key = $value; + } + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::id(). + */ + public function id() { + return $this->uid; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getRoles(). + */ + public function getRoles() { + return $this->roles; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSecureSessionId(). + */ + public function getSecureSessionId() { + return $this->ssid; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSessionData(). + */ + public function getSessionData() { + return $this->session; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSessionId(). + */ + public function getSessionId() { + return $this->sid; + } + +} \ No newline at end of file diff --git a/core/lib/Drupal/Core/Session/UserSessionInterface.php b/core/lib/Drupal/Core/Session/UserSessionInterface.php new file mode 100644 index 0000000..2e7cac7 --- /dev/null +++ b/core/lib/Drupal/Core/Session/UserSessionInterface.php @@ -0,0 +1,56 @@ +getPlugin()->access(); } diff --git a/core/modules/node/lib/Drupal/node/NodeAccessController.php b/core/modules/node/lib/Drupal/node/NodeAccessController.php index 815c2ab..06f8438 100644 --- a/core/modules/node/lib/Drupal/node/NodeAccessController.php +++ b/core/modules/node/lib/Drupal/node/NodeAccessController.php @@ -7,10 +7,10 @@ namespace Drupal\node; -use Drupal\user\Plugin\Core\Entity\User; use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityNG; +use Drupal\Core\Session\UserSessionInterface; /** * Defines the access controller for the node entity type. @@ -20,7 +20,7 @@ class NodeAccessController extends EntityAccessController { /** * Overrides \Drupal\Core\Entity\EntityAccessController::viewAccess(). */ - public function viewAccess(EntityInterface $node, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $node, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (($cached = $this->getCache($node, 'view', $langcode, $account)) !== NULL ) { return $cached; } @@ -38,7 +38,7 @@ public function viewAccess(EntityInterface $node, $langcode = LANGUAGE_DEFAULT, /** * Overrides \Drupal\Core\Entity\EntityAccessController::access(). */ - protected function access(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function access(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (user_access('bypass node access', $account)) { return TRUE; } @@ -90,16 +90,16 @@ protected function access(EntityInterface $node, $operation, $langcode = LANGUAG * @param string $langcode * (optional) The language code for which to check access. Defaults to * LANGUAGE_DEFAULT. - * @param \Drupal\user\Plugin\Core\Entity\User $account - * (optional) The user for which to check access, or NULL to check access - * for the current user. Defaults to NULL. + * @param \Drupal\Core\Session\UserSessionInterface $account + * (optional) The user session for which to check access, or NULL to check + * access for the current user. Defaults to NULL. * * @return bool|null * TRUE if access was granted, FALSE if access was denied or NULL if no * module implements hook_node_grants(), the node does not (yet) have an id * or none of the implementing modules explicitly granted or denied access. */ - protected function accessGrants(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + protected function accessGrants(EntityInterface $node, $operation, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { // If no module implements the hook or the node does not have an id there is // no point in querying the database for access grants. if (!module_implements('node_grants') || !$node->id()) { diff --git a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php index 0642032..ab7fa33 100644 --- a/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php +++ b/core/modules/system/lib/Drupal/system/Tests/Entity/EntityAccessTest.php @@ -8,8 +8,8 @@ namespace Drupal\system\Tests\Entity; use Drupal\Core\Language\Language; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\AccessibleInterface; -use Drupal\user\Plugin\Core\Entity\User; use Drupal\Core\Entity\EntityAccessController; /** @@ -45,7 +45,7 @@ function setUp() { /** * Asserts entity access correctly grants or denies access. */ - function assertEntityAccess($ops, AccessibleInterface $object, User $account = NULL) { + function assertEntityAccess($ops, AccessibleInterface $object, UserSessionInterface $account = NULL) { foreach ($ops as $op => $result) { $message = format_string("Entity access returns @result with operation '@op'.", array( '@result' => !isset($result) ? 'null' : ($result ? 'true' : 'false'), diff --git a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php index b9e9361..9083d09 100644 --- a/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php +++ b/core/modules/system/tests/modules/entity_test/lib/Drupal/entity_test/EntityTestAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessController; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines the access controller for the test entity type. @@ -19,7 +19,7 @@ class EntityTestAccessController extends EntityAccessController { /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if ($langcode != LANGUAGE_DEFAULT) { return user_access('view test entity translations', $account); } @@ -29,21 +29,21 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer entity_test content', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer entity_test content', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer entity_test content', $account); } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php index c45aa02..f5996ab 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/TermAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines an access controller for the taxonomy term entity. @@ -21,28 +21,28 @@ class TermAccessController extends EntityAccessController { /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('access content', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer taxonomy', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access("update terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access("delete terms in {$entity->bundle()}", $account) || user_access('administer taxonomy', $account); } diff --git a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php index b1ec119..035d2b3 100644 --- a/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php +++ b/core/modules/taxonomy/lib/Drupal/taxonomy/VocabularyAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityAccessController; use Drupal\Core\Entity\EntityInterface; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines an access controller for the vocabulary entity. @@ -21,28 +21,28 @@ class VocabularyAccessController extends EntityAccessController { /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::viewAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer taxonomy', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::createAccess(). */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer taxonomy', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::updateAccess(). */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer taxonomy', $account); } /** * Implements \Drupal\Core\Entity\EntityAccessControllerInterface::deleteAccess(). */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer taxonomy', $account); } diff --git a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php index fb7cbbb..dc71a88 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php +++ b/core/modules/user/lib/Drupal/user/Plugin/Core/Entity/User.php @@ -8,6 +8,7 @@ namespace Drupal\user\Plugin\Core\Entity; use Drupal\Core\Entity\Entity; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Component\Annotation\Plugin; use Drupal\Core\Annotation\Translation; @@ -38,7 +39,7 @@ * } * ) */ -class User extends Entity { +class User extends Entity implements UserSessionInterface { /** * The user ID. @@ -174,4 +175,32 @@ class User extends Entity { public function id() { return $this->uid; } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getRoles(). + */ + public function getRoles() { + return $this->roles; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSecureSessionId(). + */ + public function getSecureSessionId() { + return NULL; + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSessionData(). + */ + public function getSessionData() { + return array(); + } + + /** + * Implements \Drupal\Core\Session\UserSessionInterface::getSessionId(). + */ + public function getSessionId() { + return NULL; + } } diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php index 5b4004d..854dd50 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Permission.php @@ -10,6 +10,7 @@ use Drupal\Component\Annotation\Plugin; use Drupal\views\Plugin\views\access\AccessPluginBase; use Drupal\Core\Annotation\Translation; +use Drupal\Core\Session\UserSessionInterface; /** * Access plugin that provides permission-based access control. @@ -29,7 +30,7 @@ class Permission extends AccessPluginBase { */ protected $usesOptions = TRUE; - public function access($account) { + public function access(UserSessionInterface $account) { return views_check_perm($this->options['perm'], $account); } diff --git a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php index 6448df4..f9c17f7 100644 --- a/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php +++ b/core/modules/user/lib/Drupal/user/Plugin/views/access/Role.php @@ -10,6 +10,7 @@ use Drupal\Component\Annotation\Plugin; use Drupal\views\Plugin\views\access\AccessPluginBase; use Drupal\Core\Annotation\Translation; +use Drupal\Core\Session\UserSessionInterface; /** * Access plugin that provides role-based access control. @@ -29,7 +30,7 @@ class Role extends AccessPluginBase { */ protected $usesOptions = TRUE; - public function access($account) { + public function access(UserSessionInterface $account) { return views_check_roles(array_filter($this->options['role']), $account); } diff --git a/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php b/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php index 15894ad..13f6489 100644 --- a/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php +++ b/core/modules/user/lib/Drupal/user/Tests/UserEntityCallbacksTest.php @@ -33,7 +33,7 @@ function setUp() { parent::setUp(); $this->account = $this->drupalCreateUser(); - $this->anonymous = drupal_anonymous_user(); + $this->anonymous = entity_create('user', array('uid' => 0)); } /** diff --git a/core/modules/user/lib/Drupal/user/UserAccessController.php b/core/modules/user/lib/Drupal/user/UserAccessController.php index 13b8c6b..43d3d96 100644 --- a/core/modules/user/lib/Drupal/user/UserAccessController.php +++ b/core/modules/user/lib/Drupal/user/UserAccessController.php @@ -9,7 +9,7 @@ use Drupal\Core\Entity\EntityInterface; use Drupal\Core\Entity\EntityAccessController; -use Drupal\user\Plugin\Core\Entity\User; +use Drupal\Core\Session\UserSessionInterface; /** * Defines the access controller for the user entity type. @@ -19,7 +19,7 @@ class UserAccessController extends EntityAccessController { /** * Implements EntityAccessControllerInterface::viewAccess(). */ - public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { $uid = $entity->uid; if (!$account) { $account = $GLOBALS['user']; @@ -42,14 +42,14 @@ public function viewAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT /** * Implements EntityAccessControllerInterface::createAccess(). */ - public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function createAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { return user_access('administer users', $account); } /** * Implements EntityAccessControllerInterface::updateAccess(). */ - public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (!$account) { $account = $GLOBALS['user']; } @@ -61,7 +61,7 @@ public function updateAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAU /** * Implements EntityAccessControllerInterface::deleteAccess(). */ - public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, User $account = NULL) { + public function deleteAccess(EntityInterface $entity, $langcode = LANGUAGE_DEFAULT, UserSessionInterface $account = NULL) { if (!$account) { $account = $GLOBALS['user']; } diff --git a/core/modules/user/user.module b/core/modules/user/user.module index bdf5862..5ee5335 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -2,6 +2,7 @@ use Drupal\Core\Database\Query\SelectInterface; use Drupal\Core\Entity\EntityInterface; +use Drupal\Core\Session\UserSessionInterface; use Drupal\comment\Plugin\Core\Entity\Comment; use Drupal\entity\Plugin\Core\Entity\EntityDisplay; use Drupal\file\Plugin\Core\Entity\File; @@ -468,7 +469,7 @@ function user_role_permissions($roles) { * * @param $string * The permission, such as "administer nodes", being checked for. - * @param $account + * @param \Drupal\Core\Session\UserSessionInterface $account * (optional) The account to check, if not given use currently logged in user. * * @return @@ -478,7 +479,7 @@ function user_role_permissions($roles) { * way, we guarantee consistent behavior, and ensure that the superuser * can perform all actions. */ -function user_access($string, $account = NULL) { +function user_access($string, UserSessionInterface $account = NULL) { global $user; if (!isset($account)) { @@ -499,7 +500,7 @@ function user_access($string, $account = NULL) { } $perm = &$drupal_static_fast['perm']; if (!isset($perm[$account->uid])) { - $role_permissions = user_role_permissions($account->roles); + $role_permissions = user_role_permissions($account->getRoles()); $perms = array(); foreach ($role_permissions as $one_role) { diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php b/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php index 0d70b4c..443f55d 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/access/AccessPluginBase.php @@ -7,6 +7,7 @@ namespace Drupal\views\Plugin\views\access; +use Drupal\Core\Session\UserSessionInterface; use Drupal\views\Plugin\views\PluginBase; use Drupal\views\ViewExecutable; @@ -56,13 +57,13 @@ public function summaryTitle() { /** * Determine if the current user has access or not. * - * @param Drupal\user\User $account + * @param \Drupal\Core\Session\UserSessionInterface $account * The user who wants to access this view. * * @return TRUE * Returns whether the user has access to the view. */ - abstract public function access($account); + abstract public function access(UserSessionInterface $account); /** * Determine the access callback and arguments. diff --git a/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php b/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php index 55e1c80..dfcd2dc 100644 --- a/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php +++ b/core/modules/views/lib/Drupal/views/Plugin/views/access/None.php @@ -9,6 +9,7 @@ use Drupal\Core\Annotation\Translation; use Drupal\Component\Annotation\Plugin; +use Drupal\Core\Session\UserSessionInterface; /** * Access plugin that provides no access control at all. @@ -30,7 +31,7 @@ public function summaryTitle() { /** * Implements Drupal\views\Plugin\views\access\AccessPluginBase::access(). */ - public function access($account) { + public function access(UserSessionInterface $account) { // No access control. return TRUE; } diff --git a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/DynamicTest.php b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/DynamicTest.php index b153c93..59ce2cf 100644 --- a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/DynamicTest.php +++ b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/DynamicTest.php @@ -9,6 +9,7 @@ use Drupal\Component\Annotation\Plugin; use Drupal\Core\Annotation\Translation; +use Drupal\Core\Session\UserSessionInterface; use Drupal\views\Plugin\views\access\AccessPluginBase; /** @@ -29,7 +30,7 @@ protected function defineOptions() { return $options; } - public function access($account) { + public function access(UserSessionInterface $account) { return !empty($this->options['access']) && isset($this->view->args[0]) && $this->view->args[0] == state()->get('test_dynamic_access_argument1') && isset($this->view->args[1]) && $this->view->args[1] == state()->get('test_dynamic_access_argument2'); } diff --git a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php index 398e8d7..d96e38b 100644 --- a/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php +++ b/core/modules/views/tests/views_test_data/lib/Drupal/views_test_data/Plugin/views/access/StaticTest.php @@ -9,6 +9,7 @@ use Drupal\Component\Annotation\Plugin; use Drupal\Core\Annotation\Translation; +use Drupal\Core\Session\UserSessionInterface; use Drupal\views\Plugin\views\access\AccessPluginBase; /** @@ -29,7 +30,7 @@ protected function defineOptions() { return $options; } - public function access($account) { + public function access(UserSessionInterface $account) { return !empty($this->options['access']); } diff --git a/core/modules/views/views_ui/lib/Drupal/views_ui/ViewUI.php b/core/modules/views/views_ui/lib/Drupal/views_ui/ViewUI.php index eae95fc..a0bc66b 100644 --- a/core/modules/views/views_ui/lib/Drupal/views_ui/ViewUI.php +++ b/core/modules/views/views_ui/lib/Drupal/views_ui/ViewUI.php @@ -9,6 +9,7 @@ use Drupal\views\ViewExecutable; use Drupal\Core\Database\Database; +use Drupal\Core\Session\UserSessionInterface; use Drupal\Core\TypedData\ContextAwareInterface; use Drupal\views\Plugin\views\query\Sql; use Drupal\views\Plugin\Core\Entity\View; @@ -889,7 +890,7 @@ public function language() { /** * Implements \Drupal\Core\TypedData\AccessibleInterface::access(). */ - public function access($operation = 'view', \Drupal\user\Plugin\Core\Entity\User $account = NULL) { + public function access($operation = 'view', UserSessionInterface $account = NULL) { return $this->__call(__FUNCTION__, func_get_args()); }