summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlex Pott2015-01-19 09:17:48 (GMT)
committerAlex Pott2015-01-19 09:17:48 (GMT)
commit99377f95a7f8ce2643c71f8dba341e8b444d2ac8 (patch)
tree4a400f8c82eb7d49bb0d9b4afe7e01ccae5c72d9
parent02ce89c4edfbdb6fb11cbb347b66b536b8ca0886 (diff)
Issue #2390467 by iPat, adamwhite: User role permission assignments are not deleted when a role is deleted
-rw-r--r--core/modules/user/src/RoleStorage.php10
-rw-r--r--core/modules/user/src/RoleStorageInterface.php8
-rw-r--r--core/modules/user/src/Tests/UserRoleDeleteTest.php78
-rw-r--r--core/modules/user/src/UserStorage.php12
-rw-r--r--core/modules/user/src/UserStorageInterface.php9
-rw-r--r--core/modules/user/user.module4
6 files changed, 103 insertions, 18 deletions
diff --git a/core/modules/user/src/RoleStorage.php b/core/modules/user/src/RoleStorage.php
index a3f6d0f..3878166 100644
--- a/core/modules/user/src/RoleStorage.php
+++ b/core/modules/user/src/RoleStorage.php
@@ -29,14 +29,4 @@ class RoleStorage extends ConfigEntityStorage implements RoleStorageInterface {
return $has_permission;
}
- /**
- * {@inheritdoc}
- */
- public function deleteRoleReferences(array $rids) {
- // Remove the role from all users.
- db_delete('user__roles')
- ->condition('target_id', $rids)
- ->execute();
- }
-
}
diff --git a/core/modules/user/src/RoleStorageInterface.php b/core/modules/user/src/RoleStorageInterface.php
index 1764de6..7ad3511 100644
--- a/core/modules/user/src/RoleStorageInterface.php
+++ b/core/modules/user/src/RoleStorageInterface.php
@@ -27,12 +27,4 @@ interface RoleStorageInterface extends ConfigEntityStorageInterface {
*/
public function isPermissionInRoles($permission, array $rids);
- /**
- * Delete role references.
- *
- * @param array $rids
- * The list of role IDs being deleted. The storage should
- * remove permission and user references to this role.
- */
- public function deleteRoleReferences(array $rids);
}
diff --git a/core/modules/user/src/Tests/UserRoleDeleteTest.php b/core/modules/user/src/Tests/UserRoleDeleteTest.php
new file mode 100644
index 0000000..9975046
--- /dev/null
+++ b/core/modules/user/src/Tests/UserRoleDeleteTest.php
@@ -0,0 +1,78 @@
+<?php
+
+/**
+ * @file
+ * Contains \Drupal\user\Tests\UserRoleDeleteTest.
+ */
+
+namespace Drupal\user\Tests;
+
+use Drupal\simpletest\KernelTestBase;
+use Drupal\user\Entity\User;
+
+/**
+ * Tests the handling of user_role entity from the user module
+ *
+ * @group user
+ */
+class UserRoleDeleteTest extends KernelTestBase {
+
+ /**
+ * Modules to enable.
+ *
+ * @var array
+ */
+ public static $modules = array('system', 'user', 'field');
+
+ protected function setUp() {
+ parent::setUp();
+ $this->installEntitySchema('user');
+ }
+
+ /**
+ * Tests removal of role references on role entity delete.
+ *
+ * @see user_user_role_delete()
+ */
+ public function testRoleDeleteUserRoleReferenceDelete() {
+ // Create two test roles.
+ $role_storage = $this->container->get('entity.manager')->getStorage('user_role');
+ $role_storage->create(array('id' => 'test_role_one'))->save();
+ $role_storage->create(array('id' => 'test_role_two'))->save();
+
+ // Create user and assign both test roles.
+ $values = array(
+ 'uid' => 1,
+ 'roles' => array('test_role_one', 'test_role_two'),
+ );
+ $user = User::create($values);
+ $user->save();
+
+ // Check that user has both roles.
+ $this->assertTrue($user->hasRole('test_role_one'));
+ $this->assertTrue($user->hasRole('test_role_two'));
+
+ // Delete test role one.
+ $test_role_one = $role_storage->load('test_role_one');
+ $test_role_one->delete();
+
+ // Load user again from the database.
+ $user = User::load($user->id());
+
+ // Check that user does not have role one anymore, still has role two.
+ $this->assertFalse($user->hasRole('test_role_one'));
+ $this->assertTrue($user->hasRole('test_role_two'));
+
+ // Create new role with same name.
+ $role_storage->create(array('id' => 'test_role_one'))->save();
+
+ // Load user again from the database.
+ $user = User::load($user->id());
+
+ // Check that user does not have role one.
+ $this->assertFalse($user->hasRole('test_role_one'));
+ $this->assertTrue($user->hasRole('test_role_two'));
+
+ }
+
+}
diff --git a/core/modules/user/src/UserStorage.php b/core/modules/user/src/UserStorage.php
index b51b1ee..f404b8d 100644
--- a/core/modules/user/src/UserStorage.php
+++ b/core/modules/user/src/UserStorage.php
@@ -116,4 +116,16 @@ class UserStorage extends SqlContentEntityStorage implements UserStorageInterfac
$this->resetCache(array($account->id()));
}
+ /**
+ * {@inheritdoc}
+ */
+ public function deleteRoleReferences(array $rids) {
+ // Remove the role from all users.
+ $this->database->delete('user__roles')
+ ->condition('roles_target_id', $rids)
+ ->execute();
+
+ $this->resetCache();
+ }
+
}
diff --git a/core/modules/user/src/UserStorageInterface.php b/core/modules/user/src/UserStorageInterface.php
index 104c4ae..2614bc3 100644
--- a/core/modules/user/src/UserStorageInterface.php
+++ b/core/modules/user/src/UserStorageInterface.php
@@ -32,4 +32,13 @@ interface UserStorageInterface extends EntityStorageInterface{
*/
public function updateLastAccessTimestamp(AccountInterface $account, $timestamp);
+ /**
+ * Delete role references.
+ *
+ * @param array $rids
+ * The list of role IDs being deleted. The storage should
+ * remove permission and user references to this role.
+ */
+ public function deleteRoleReferences(array $rids);
+
}
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index b3fe322..7995031 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -1079,6 +1079,10 @@ function user_user_role_insert(RoleInterface $role) {
* Implements hook_ENTITY_TYPE_delete() for user_role entities.
*/
function user_user_role_delete(RoleInterface $role) {
+ // Delete role references for all users.
+ $user_storage = \Drupal::entityManager()->getStorage('user');
+ $user_storage->deleteRoleReferences(array($role->id()));
+
// Ignore the authenticated and anonymous roles or the role is being synced.
if (in_array($role->id(), array(DRUPAL_AUTHENTICATED_RID, DRUPAL_ANONYMOUS_RID)) || $role->isSyncing()) {
return;