Security update for Core, with self-updated composer

[yaffs-website] / web / core / modules / node / src / Plugin / views / filter / Access.php

diff --git a/web/core/modules/node/src/Plugin/views/filter/Access.php b/web/core/modules/node/src/Plugin/views/filter/Access.php
index 73844e11d19b540113be95e4ee9e7857566b3733..71e8e95e5aace600236c082b03ed7ee940ea2271 100644 (file)
--- a/web/core/modules/node/src/Plugin/views/filter/Access.php
+++ b/web/core/modules/node/src/Plugin/views/filter/Access.php
@@ -2,6 +2,7 @@
 
 namespace Drupal\node\Plugin\views\filter;
 
+use Drupal\Core\Database\Query\Condition;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\views\Plugin\views\filter\FilterPluginBase;
 
@@ -14,8 +15,8 @@ use Drupal\views\Plugin\views\filter\FilterPluginBase;
  */
 class Access extends FilterPluginBase {
 
-  public function adminSummary() { }
-  protected function operatorForm(&$form, FormStateInterface $form_state) { }
+  public function adminSummary() {}
+  protected function operatorForm(&$form, FormStateInterface $form_state) {}
   public function canExpose() {
     return FALSE;
   }
@@ -27,10 +28,10 @@ class Access extends FilterPluginBase {
     $account = $this->view->getUser();
     if (!$account->hasPermission('bypass node access')) {
       $table = $this->ensureMyTable();
-      $grants = db_or();
+      $grants = new Condition('OR');
       foreach (node_access_grants('view', $account) as $realm => $gids) {
         foreach ($gids as $gid) {
-          $grants->condition(db_and()
+          $grants->condition((new Condition('AND'))
             ->condition($table . '.gid', $gid)
             ->condition($table . '.realm', $realm)
           );