Let's start to convert all calls to user_access() with the new AccountInterface::hasPermission() method.

Part of #2048171: [meta] Replace user_access() calls with $account->hasPermission() wherever possible.

Change records for this issue:

Files: 
CommentFileSizeAuthor
#6 drupal-book_replace_user_access-2061973-6.patch4.15 KBnaveenvalecha
PASSED: [[SimpleTest]]: [MySQL] 58,451 pass(es).
[ View ]
#3 drupal-book_replace_user_access-2061973.patch5.84 KBInternetDevels
PASSED: [[SimpleTest]]: [MySQL] 57,854 pass(es).
[ View ]
#3 interdiff.txt3.33 KBInternetDevels
#1 drupal-book_replace_user_access-2061973.patch5.7 KBInternetDevels
FAILED: [[SimpleTest]]: [MySQL] 57,953 pass(es), 1 fail(s), and 0 exception(s).
[ View ]

Comments

Status:Active» Needs review
StatusFileSize
new5.7 KB
FAILED: [[SimpleTest]]: [MySQL] 57,953 pass(es), 1 fail(s), and 0 exception(s).
[ View ]

Patch attached.

Status:Needs review» Needs work

The last submitted patch, drupal-book_replace_user_access-2061973.patch, failed testing.

StatusFileSize
new3.33 KB
new5.84 KB
PASSED: [[SimpleTest]]: [MySQL] 57,854 pass(es).
[ View ]

Again problem with anonymous and Drupal::request(). I've added a workaround, locally test passed.

Status:Needs work» Needs review

Status:Needs review» Needs work

+++ b/core/modules/book/book.admin.inc
@@ -209,7 +209,7 @@ function theme_book_admin_table($variables) {
+  $access = Drupal::request()->attributes->get('_account')->hasPermission('administer nodes');
+++ b/core/modules/book/book.module
@@ -126,7 +126,8 @@ function book_node_view_link(EntityInterface $node, $view_mode) {
+      $user = Drupal::request()->attributes->get('_account');
@@ -224,7 +225,9 @@ function book_menu() {
+  $user = Drupal::request()->attributes->get('_account');
@@ -240,7 +243,7 @@ function book_export_access(EntityInterface $node) {
+  return Drupal::request()->attributes->get('_account')->hasPermission('administer book outlines') && node_access('view', $node);
@@ -305,9 +308,11 @@ function book_get_books() {
+  $user = Drupal::request()->attributes->get('_account');
@@ -459,7 +464,7 @@ function _book_add_form_elements(&$form, &$form_state, EntityInterface $node) {
+  if (Drupal::request()->attributes->get('_account')->hasPermission('create new books') && ($nid == 'new' || ($nid != $node->book['original_bid']))) {
@@ -812,7 +817,7 @@ function book_page_alter(&$page) {
+  if (!empty($node->book['bid']) && !Drupal::request()->attributes->get('_account')->hasPermission('administer nodes')) {
@@ -879,8 +884,10 @@ function book_node_predelete(EntityInterface $node) {
+  $user = Drupal::request()->attributes->get('_account');
+++ b/core/modules/book/book.pages.inc
@@ -68,7 +68,7 @@ function book_export($type, EntityInterface $node) {
+  if (Drupal::request()->attributes->get('_account')->hasPermission('access printer-friendly version')) {

All should be Drupal::currentUser() service

Status:Needs work» Needs review
StatusFileSize
new4.15 KB
PASSED: [[SimpleTest]]: [MySQL] 58,451 pass(es).
[ View ]

The patch #3 no longer applied.So rewrote the patch and there is no interdiff.Also used the Drupal::currentUser()service as in #5. So needs review

Status:Needs review» Reviewed & tested by the community

Awesome!

Status:Reviewed & tested by the community» Fixed

Committed 2e493af and pushed to 8.x. Thanks!

Automatically closed -- issue fixed for 2 weeks with no activity.