X-Git-Url: http://www.aleph1.co.uk/gitweb/?p=yaffs-website;a=blobdiff_plain;f=web%2Fmodules%2Fcontrib%2Fentity%2Fsrc%2FAccess%2FEntityRevisionRouteAccessChecker.php;fp=web%2Fmodules%2Fcontrib%2Fentity%2Fsrc%2FAccess%2FEntityRevisionRouteAccessChecker.php;h=84f43170750db35dfe0aa3e0aba9a3790608c2a0;hp=d9556e1dc292a54106419848346d3298df02e34b;hb=af6d1fb995500ae68849458ee10d66abbdcfb252;hpb=680c79a86e3ed402f263faeac92e89fb6d9edcc0

diff --git a/web/modules/contrib/entity/src/Access/EntityRevisionRouteAccessChecker.php b/web/modules/contrib/entity/src/Access/EntityRevisionRouteAccessChecker.php
index d9556e1dc..84f431707 100644
--- a/web/modules/contrib/entity/src/Access/EntityRevisionRouteAccessChecker.php
+++ b/web/modules/contrib/entity/src/Access/EntityRevisionRouteAccessChecker.php
@@ -7,9 +7,8 @@ use Drupal\Core\Entity\ContentEntityInterface;
 use Drupal\Core\Entity\EntityStorageInterface;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Routing\Access\AccessInterface;
+use Drupal\Core\Routing\RouteMatchInterface;
 use Drupal\Core\Session\AccountInterface;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\Routing\Route;
 
 /**
@@ -30,42 +29,42 @@ class EntityRevisionRouteAccessChecker implements AccessInterface {
   protected $accessCache = array();
 
   /**
-   * The request stack.
+   * The currently active route match object.
    *
-   * @var \Symfony\Component\HttpFoundation\RequestStack
+   * @var \Drupal\Core\Routing\RouteMatchInterface
    */
-  protected $requestStack;
+  protected $routeMatch;
 
   /**
    * Creates a new EntityRevisionRouteAccessChecker instance.
    *
    * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
    *   The entity manager.
-   * @param \Symfony\Component\HttpFoundation\RequestStack $request_stack
-   *   The request stack.
+   * @param \Drupal\Core\Routing\RouteMatchInterface $route_match
+   *   The currently active route match object.
    */
-  public function __construct(EntityTypeManagerInterface $entity_type_manager, RequestStack $request_stack) {
+  public function __construct(EntityTypeManagerInterface $entity_type_manager, RouteMatchInterface $route_match) {
     $this->entityTypeManager = $entity_type_manager;
-    $this->requestStack = $request_stack;
+    $this->routeMatch = $route_match;
   }
 
   /**
    * {@inheritdoc}
    */
-  public function access(Route $route, AccountInterface $account, Request $request = NULL) {
-    if (empty($request)) {
-      $request = $this->requestStack->getCurrentRequest();
+  public function access(Route $route, AccountInterface $account, RouteMatchInterface $route_match = NULL) {
+    if (empty($route_match)) {
+      $route_match = $this->routeMatch;
     }
 
     $operation = $route->getRequirement('_entity_access_revision');
-    list(, $operation) = explode('.', $operation, 2);
+    list($entity_type_id, $operation) = explode('.', $operation, 2);
 
     if ($operation === 'list') {
-      $_entity = $request->attributes->get('_entity', $request->attributes->get($route->getOption('entity_type_id')));
+      $_entity = $route_match->getParameter($entity_type_id);
       return AccessResult::allowedIf($this->checkAccess($_entity, $account, $operation))->cachePerPermissions();
     }
     else {
-      $_entity_revision = $request->attributes->get('_entity_revision');
+      $_entity_revision = $route_match->getParameter($entity_type_id . '_revision');
       return AccessResult::allowedIf($_entity_revision && $this->checkAccess($_entity_revision, $account, $operation))->cachePerPermissions();
     }
   }
@@ -104,8 +103,10 @@ class EntityRevisionRouteAccessChecker implements AccessInterface {
     $cid = $entity->getRevisionId() . ':' . $langcode . ':' . $account->id() . ':' . $operation;
 
     if (!isset($this->accessCache[$cid])) {
+      $admin_permission = $entity_type->getAdminPermission();
+
       // Perform basic permission checks first.
-      if (!$account->hasPermission($map[$operation]) && !$account->hasPermission($type_map[$operation]) && !$account->hasPermission('administer nodes')) {
+      if (!$account->hasPermission($map[$operation]) && !$account->hasPermission($type_map[$operation]) && ($admin_permission && !$account->hasPermission($admin_permission))) {
         $this->accessCache[$cid] = FALSE;
         return FALSE;
       }
@@ -114,6 +115,8 @@ class EntityRevisionRouteAccessChecker implements AccessInterface {
         $this->accessCache[$cid] = TRUE;
       }
       else {
+        // Entity access handlers are generally not aware of the "list" operation.
+        $operation = $operation == 'list' ? 'view' : $operation;
         // First check the access to the default revision and finally, if the
         // node passed in is not the default revision then access to that, too.
         $this->accessCache[$cid] = $entity_access->access($entity_storage->load($entity->id()), $operation, $account) && ($entity->isDefaultRevision() || $entity_access->access($entity, $operation, $account));