summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorxjm2018-01-06 20:00:13 (GMT)
committerxjm2018-01-06 20:00:13 (GMT)
commitb23aebd77eb1a798b837f84c31ffaad68f70b60a (patch)
treecba14ae1d87d8b0bfa1110ecba83b571e4dc97ac
parent895db7dd8a9b83860cdf1f04686ea4c153665199 (diff)
Issue #2932369 by marcoscano, balsama, Berdir, Grimreaper, alexpott: Media Types missing access control handler result in empty column in media overview page
-rw-r--r--core/modules/media/src/Entity/MediaType.php1
-rw-r--r--core/modules/media/src/MediaTypeAccessControlHandler.php34
-rw-r--r--core/modules/media/tests/src/Functional/MediaOverviewPageTest.php147
-rw-r--r--core/modules/media/tests/src/Kernel/MediaCreationTest.php23
4 files changed, 205 insertions, 0 deletions
diff --git a/core/modules/media/src/Entity/MediaType.php b/core/modules/media/src/Entity/MediaType.php
index 43017b8..8900122 100644
--- a/core/modules/media/src/Entity/MediaType.php
+++ b/core/modules/media/src/Entity/MediaType.php
@@ -21,6 +21,7 @@ use Drupal\media\MediaTypeInterface;
* plural = "@count media types"
* ),
* handlers = {
+ * "access" = "Drupal\media\MediaTypeAccessControlHandler",
* "form" = {
* "add" = "Drupal\media\MediaTypeForm",
* "edit" = "Drupal\media\MediaTypeForm",
diff --git a/core/modules/media/src/MediaTypeAccessControlHandler.php b/core/modules/media/src/MediaTypeAccessControlHandler.php
new file mode 100644
index 0000000..2f134a6
--- /dev/null
+++ b/core/modules/media/src/MediaTypeAccessControlHandler.php
@@ -0,0 +1,34 @@
+<?php
+
+namespace Drupal\media;
+
+use Drupal\Core\Access\AccessResult;
+use Drupal\Core\Entity\EntityAccessControlHandler;
+use Drupal\Core\Entity\EntityInterface;
+use Drupal\Core\Session\AccountInterface;
+
+/**
+ * Defines the access control handler for the "Media Type" entity type.
+ *
+ * @see \Drupal\media\Entity\MediaType
+ */
+class MediaTypeAccessControlHandler extends EntityAccessControlHandler {
+
+ /**
+ * {@inheritdoc}
+ */
+ protected $viewLabelOperation = TRUE;
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function checkAccess(EntityInterface $entity, $operation, AccountInterface $account) {
+ if ($operation === 'view label') {
+ return AccessResult::allowedIfHasPermission($account, 'view media');
+ }
+ else {
+ return parent::checkAccess($entity, $operation, $account);
+ }
+ }
+
+}
diff --git a/core/modules/media/tests/src/Functional/MediaOverviewPageTest.php b/core/modules/media/tests/src/Functional/MediaOverviewPageTest.php
new file mode 100644
index 0000000..d7e5f01
--- /dev/null
+++ b/core/modules/media/tests/src/Functional/MediaOverviewPageTest.php
@@ -0,0 +1,147 @@
+<?php
+
+namespace Drupal\Tests\media\Functional;
+
+use Drupal\media\Entity\Media;
+use Drupal\user\Entity\Role;
+use Drupal\user\RoleInterface;
+
+/**
+ * Tests the Media overview page.
+ *
+ * @group media
+ */
+class MediaOverviewPageTest extends MediaFunctionalTestBase {
+
+ /**
+ * {@inheritdoc}
+ */
+ protected function setUp() {
+ parent::setUp();
+ $this->drupalLogin($this->nonAdminUser);
+ }
+
+ /**
+ * Test that the Media overview page (/admin/content/media).
+ */
+ public function testMediaOverviewPage() {
+ $assert_session = $this->assertSession();
+
+ // Check the view exists, is access-restricted, and some defaults are there.
+ $this->drupalGet('/admin/content/media');
+ $assert_session->statusCodeEquals(403);
+ $role = Role::load(RoleInterface::AUTHENTICATED_ID);
+ $this->grantPermissions($role, ['access media overview']);
+ $this->drupalGet('/admin/content/media');
+ $assert_session->statusCodeEquals(200);
+ $assert_session->titleEquals('Media | Drupal');
+ $assert_session->fieldExists('Media name');
+ $assert_session->selectExists('source');
+ $assert_session->selectExists('status');
+ $assert_session->selectExists('langcode');
+ $assert_session->buttonExists('Filter');
+ $header = $assert_session->elementExists('css', 'th#view-thumbnail-target-id-table-column');
+ $this->assertEquals('Thumbnail', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-name-table-column');
+ $this->assertEquals('Media name', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-bundle-table-column');
+ $this->assertEquals('Source', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-uid-table-column');
+ $this->assertEquals('Author', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-status-table-column');
+ $this->assertEquals('Status', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-changed-table-column');
+ $this->assertEquals('Updated Sort ascending', $header->getText());
+ $header = $assert_session->elementExists('css', 'th#view-operations-table-column');
+ $this->assertEquals('Operations', $header->getText());
+ $assert_session->pageTextContains('No content available.');
+
+ // Create some content for the view.
+ $media_type1 = $this->createMediaType();
+ $media_type2 = $this->createMediaType();
+ $media1 = Media::create([
+ 'bundle' => $media_type1->id(),
+ 'name' => 'Media 1',
+ 'uid' => $this->adminUser->id(),
+ ]);
+ $media1->save();
+ $media2 = Media::create([
+ 'bundle' => $media_type2->id(),
+ 'name' => 'Media 2',
+ 'uid' => $this->adminUser->id(),
+ 'status' => FALSE,
+ ]);
+ $media2->save();
+ $media3 = Media::create([
+ 'bundle' => $media_type1->id(),
+ 'name' => 'Media 3',
+ 'uid' => $this->nonAdminUser->id(),
+ ]);
+ $media3->save();
+
+ // Verify the view is now correctly populated.
+ $this->grantPermissions($role, [
+ 'view media',
+ 'update any media',
+ 'delete any media',
+ ]);
+ $this->drupalGet('/admin/content/media');
+ $row1 = $assert_session->elementExists('css', 'table tbody tr:nth-child(1)');
+ $row2 = $assert_session->elementExists('css', 'table tbody tr:nth-child(2)');
+ $row3 = $assert_session->elementExists('css', 'table tbody tr:nth-child(3)');
+
+ // Media thumbnails.
+ $assert_session->elementExists('css', 'td.views-field-thumbnail__target-id img', $row1);
+ $assert_session->elementExists('css', 'td.views-field-thumbnail__target-id img', $row2);
+ $assert_session->elementExists('css', 'td.views-field-thumbnail__target-id img', $row3);
+
+ // Media names.
+ $name1 = $assert_session->elementExists('css', 'td.views-field-name a', $row1);
+ $this->assertEquals($media1->label(), $name1->getText());
+ $name2 = $assert_session->elementExists('css', 'td.views-field-name a', $row2);
+ $this->assertEquals($media2->label(), $name2->getText());
+ $name3 = $assert_session->elementExists('css', 'td.views-field-name a', $row3);
+ $this->assertEquals($media3->label(), $name3->getText());
+ $assert_session->linkByHrefExists('/media/' . $media1->id());
+ $assert_session->linkByHrefExists('/media/' . $media2->id());
+ $assert_session->linkByHrefExists('/media/' . $media3->id());
+
+ // Media types.
+ $type_element1 = $assert_session->elementExists('css', 'td.views-field-bundle', $row1);
+ $this->assertEquals($media_type1->label(), $type_element1->getText());
+ $type_element2 = $assert_session->elementExists('css', 'td.views-field-bundle', $row2);
+ $this->assertEquals($media_type2->label(), $type_element2->getText());
+ $type_element3 = $assert_session->elementExists('css', 'td.views-field-bundle', $row3);
+ $this->assertEquals($media_type1->label(), $type_element3->getText());
+
+ // Media authors.
+ $author_element1 = $assert_session->elementExists('css', 'td.views-field-uid', $row1);
+ $this->assertEquals($this->adminUser->getDisplayName(), $author_element1->getText());
+ $author_element2 = $assert_session->elementExists('css', 'td.views-field-uid', $row2);
+ $this->assertEquals($this->adminUser->getDisplayName(), $author_element2->getText());
+ $author_element3 = $assert_session->elementExists('css', 'td.views-field-uid', $row3);
+ $this->assertEquals($this->nonAdminUser->getDisplayName(), $author_element3->getText());
+
+ // Media publishing status.
+ $status_element1 = $assert_session->elementExists('css', 'td.views-field-status', $row1);
+ $this->assertEquals('Published', $status_element1->getText());
+ $status_element2 = $assert_session->elementExists('css', 'td.views-field-status', $row2);
+ $this->assertEquals('Unpublished', $status_element2->getText());
+ $status_element3 = $assert_session->elementExists('css', 'td.views-field-status', $row3);
+ $this->assertEquals('Published', $status_element3->getText());
+
+ // Timestamp.
+ $expected = \Drupal::service('date.formatter')->format($media1->getChangedTime(), 'short');
+ $changed_element1 = $assert_session->elementExists('css', 'td.views-field-changed', $row1);
+ $this->assertEquals($expected, $changed_element1->getText());
+
+ // Operations.
+ $edit_link1 = $assert_session->elementExists('css', 'td.views-field-operations li.edit a', $row1);
+ $this->assertEquals('Edit', $edit_link1->getText());
+ $assert_session->linkByHrefExists('/media/' . $media1->id() . '/edit');
+ $delete_link1 = $assert_session->elementExists('css', 'td.views-field-operations li.delete a', $row1);
+ $this->assertEquals('Delete', $delete_link1->getText());
+ $assert_session->linkByHrefExists('/media/' . $media1->id() . '/delete');
+ }
+
+}
diff --git a/core/modules/media/tests/src/Kernel/MediaCreationTest.php b/core/modules/media/tests/src/Kernel/MediaCreationTest.php
index baf837f..93d4384 100644
--- a/core/modules/media/tests/src/Kernel/MediaCreationTest.php
+++ b/core/modules/media/tests/src/Kernel/MediaCreationTest.php
@@ -6,6 +6,8 @@ use Drupal\media\Entity\Media;
use Drupal\media\Entity\MediaType;
use Drupal\media\MediaInterface;
use Drupal\media\MediaTypeInterface;
+use Drupal\user\Entity\Role;
+use Drupal\user\Entity\User;
/**
* Tests creation of media types and media items.
@@ -33,6 +35,27 @@ class MediaCreationTest extends MediaKernelTestBase {
// be created automatically when a config is being imported.
$this->assertEquals(['source_field' => '', 'test_config_value' => 'Kakec'], $test_media_type->get('source_configuration'), 'Could not assure the correct media source configuration.');
$this->assertEquals(['metadata_attribute' => 'field_attribute_config_test'], $test_media_type->get('field_map'), 'Could not assure the correct field map.');
+ // Check the Media Type access handler behavior.
+ // We grant access to the 'view label' operation to all users having
+ // permission to 'view media'.
+ $user1 = User::create([
+ 'name' => 'username1',
+ 'status' => 1,
+ ]);
+ $user1->save();
+ $user2 = User::create([
+ 'name' => 'username2',
+ 'status' => 1,
+ ]);
+ $user2->save();
+ $role = Role::create([
+ 'id' => 'role1',
+ 'label' => 'role1',
+ ]);
+ $role->grantPermission('view media')->trustData()->save();
+ $user2->addRole($role->id());
+ $this->assertFalse($test_media_type->access('view label', $user1));
+ $this->assertTrue($test_media_type->access('view label', $user2));
}
/**