Let's start to convert all calls to user_access() with the new AccountInterface::hasPermission() method.

Part of #2048171: [meta] Replace user_access() calls with $account->hasPermission() wherever possible.

Change records for this issue:

#3 drupal-menu_replace_user_access_2062005-3.patch569 bytesInternetDevels
PASSED: [[SimpleTest]]: [MySQL] 58,529 pass(es).
[ View ]
#1 drupal-menu_replace_user_access_2062005.patch2.73 KBInternetDevels
PASSED: [[SimpleTest]]: [MySQL] 57,822 pass(es).
[ View ]


Status:Active» Needs review
new2.73 KB
PASSED: [[SimpleTest]]: [MySQL] 57,822 pass(es).
[ View ]

In some cases $request does not contain information about account. I've used $request instead, but looks like this issue requires more deep investigation.

Component:user system» menu.module
Status:Needs review» Needs work
  1. +++ b/core/modules/menu/lib/Drupal/menu/Access/DeleteLinkAccessCheck.php
    @@ -27,7 +27,8 @@ public function appliesTo() {
    +    $account = \Drupal::request()->attributes->get('_account');

    Depends on #2048223: Add $account argument to AccessCheckInterface::access() method and use the current_user service

  2. +++ b/core/modules/menu/menu.module
    @@ -529,6 +529,7 @@ function menu_form_node_form_alter(&$form, $form_state) {
    +  $account = Drupal::request()->attributes->get('_account');

    Use Drupal::currentUser() service https://drupal.org/node/2032447

Status:Needs work» Needs review
new569 bytes
PASSED: [[SimpleTest]]: [MySQL] 58,529 pass(es).
[ View ]

Only one change left after re-rolling.

Status:Needs review» Reviewed & tested by the community


Status:Reviewed & tested by the community» Fixed

Committed/pushed to 8.x, thanks!

Automatically closed -- issue fixed for 2 weeks with no activity.