
Added entity access check.

8.x-1.x
Chi 7 years ago
parent
commit
69f8d4b664
  1. 63
      src/TwigExtension.php
  2. 2
      tests/src/Functional/TwigTweakTest.php
  3. 16
      tests/twig_tweak_test/config/install/block.block.powered_by_drupal.yml
  4. 2
      tests/twig_tweak_test/templates/twig-tweak-test.html.twig

63
src/TwigExtension.php

@ -5,6 +5,7 @@ namespace Drupal\twig_tweak;
use Drupal\Core\Block\TitleBlockPluginInterface; use Drupal\Core\Block\TitleBlockPluginInterface;
use Drupal\Core\Config\ConfigFactoryInterface; use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\Controller\TitleResolverInterface; use Drupal\Core\Controller\TitleResolverInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface; use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\Core\Form\FormBuilderInterface; use Drupal\Core\Form\FormBuilderInterface;
use Drupal\Core\Menu\MenuLinkTreeInterface; use Drupal\Core\Menu\MenuLinkTreeInterface;
@ -176,8 +177,10 @@ class TwigExtension extends \Twig_Extension {
*/ */
public function drupalBlock($id) { public function drupalBlock($id) {
$block = $this->entityTypeManager->getStorage('block')->load($id); $block = $this->entityTypeManager->getStorage('block')->load($id);
return $block ? if ($block && $this->entityAccess($block)) {
$this->entityTypeManager->getViewBuilder('block')->view($block) : ''; return $this->entityTypeManager->getViewBuilder('block')->view($block);
}
return NULL;
} }
/** /**
@ -201,20 +204,19 @@ class TwigExtension extends \Twig_Extension {
$view_builder = $this->entityTypeManager->getViewBuilder('block'); $view_builder = $this->entityTypeManager->getViewBuilder('block');
$build = []; $build = [];
/* @var $blocks \Drupal\block\BlockInterface[] */ /* @var $blocks \Drupal\block\BlockInterface[] */
foreach ($blocks as $id => $block) { foreach ($blocks as $id => $block) {
// Should the block be displayed? (follow rules from block layout page). if ($this->entityAccess($block)) {
if (!$block->access('view')) { $block_plugin = $block->getPlugin();
continue; if ($block_plugin instanceof TitleBlockPluginInterface) {
} $request = $this->requestStack->getCurrentRequest();
$block_plugin = $block->getPlugin(); if ($route = $request->attributes->get(RouteObjectInterface::ROUTE_OBJECT)) {
if ($block_plugin instanceof TitleBlockPluginInterface) { $block_plugin->setTitle($this->titleResolver->getTitle($request, $route));
$request = $this->requestStack->getCurrentRequest(); }
if ($route = $request->attributes->get(RouteObjectInterface::ROUTE_OBJECT)) {
$block_plugin->setTitle($this->titleResolver->getTitle($request, $route));
} }
$build[$id] = $view_builder->view($block);
} }
$build[$id] = $view_builder->view($block);
} }
return $build; return $build;
@ -240,7 +242,7 @@ class TwigExtension extends \Twig_Extension {
$entity = $id ? $entity = $id ?
$this->entityTypeManager->getStorage($entity_type)->load($id) : $this->entityTypeManager->getStorage($entity_type)->load($id) :
$this->routeMatch->getParameter($entity_type); $this->routeMatch->getParameter($entity_type);
if ($entity) { if ($entity && $this->entityAccess($entity)) {
$render_controller = $this->entityTypeManager->getViewBuilder($entity_type); $render_controller = $this->entityTypeManager->getViewBuilder($entity_type);
return $render_controller->view($entity, $view_mode, $langcode); return $render_controller->view($entity, $view_mode, $langcode);
} }
@ -265,14 +267,16 @@ class TwigExtension extends \Twig_Extension {
* A render array for the field or NULL if the value does not exist. * A render array for the field or NULL if the value does not exist.
*/ */
public function drupalField($field_name, $entity_type, $id = NULL, $view_mode = 'default', $langcode = NULL) { public function drupalField($field_name, $entity_type, $id = NULL, $view_mode = 'default', $langcode = NULL) {
$entity = $id ? $entity = $id
$this->entityTypeManager->getStorage($entity_type)->load($id) : ? $this->entityTypeManager->getStorage($entity_type)->load($id)
$this->routeMatch->getParameter($entity_type); : $this->routeMatch->getParameter($entity_type);
if ($langcode && $entity->hasTranslation($langcode)) { if ($entity && $this->entityAccess($entity)) {
$entity = $entity->getTranslation($langcode); if ($langcode && $entity->hasTranslation($langcode)) {
} $entity = $entity->getTranslation($langcode);
if (isset($entity->{$field_name})) { }
return $entity->{$field_name}->view($view_mode); if (isset($entity->{$field_name})) {
return $entity->{$field_name}->view($view_mode);
}
} }
return NULL; return NULL;
} }
@ -492,4 +496,21 @@ class TwigExtension extends \Twig_Extension {
return $output; return $output;
} }
/**
* Checks view access to a given entity.
*
* @param \Drupal\Core\Entity\EntityInterface $entity
* Entity to check access.
*
* @return bool
* The access check result.
*
* @TODO Remove "check_access" option in 9.x.
*/
protected function entityAccess(EntityInterface $entity) {
// Prior version 8.x-1.7 entity access was not checked. The "check_access"
// option provides a workaround for possible BC issues.
return !Settings::get('twig_tweak_check_access', TRUE) || $entity->access('view');
}
} }
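Review bot: entityAccess() collapses the check to a bool via `$entity->access('view')`, so the cacheability carried by the access result never reaches the render arrays returned from drupalBlock(), drupalRegion(), drupalEntity() and drupalField(). If that output lands in a render cache entry that does not otherwise vary by user or permissions, markup built for an account that passed the check could presumably be served to one that would not, and the denied (empty) result has the same problem in reverse. I would have entityAccess() return the access object, have every caller test `->isAllowed()`, and apply the object's metadata to the build in both the allowed and denied cases, as sketched below for drupalEntity(); CacheableMetadata and AccessResult would need importing. Separately, drupalField() checks access before `getTranslation($langcode)`, so the translation that gets rendered is not the object that was checked; moving the check after the translation switch would close that gap. The bodies of drupalEntity() and drupalRegion() continue outside their hunks.

```php
protected function entityAccess(EntityInterface $entity) {
  // Return the access object so callers can keep its cacheability.
  return Settings::get('twig_tweak_check_access', TRUE)
    ? $entity->access('view', NULL, TRUE)
    : AccessResult::allowed();
}

// drupalEntity(), after $entity has been resolved:
// … unchanged: $entity = $id ? load($id) : route parameter …
$build = [];
if ($entity) {
  $access = $this->entityAccess($entity);
  if ($access->isAllowed()) {
    $render_controller = $this->entityTypeManager->getViewBuilder($entity_type);
    $build = $render_controller->view($entity, $view_mode, $langcode);
  }
  // Applied in the denied case too, so the empty result varies the same way.
  CacheableMetadata::createFromObject($access)->applyTo($build);
}
// … unchanged: rest of drupalEntity() …
```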

2
tests/src/Functional/TwigTweakTest.php

@ -66,7 +66,7 @@ class TwigTweakTest extends BrowserTestBase {
// Test block. // Test block.
$xpath = '//div[@class = "tt-block"]'; $xpath = '//div[@class = "tt-block"]';
$xpath .= '/div[@id="block-powered-by-drupal"]/span[contains(., "Powered by Drupal")]'; $xpath .= '/div[@id="block-classy-powered-by-drupal"]/span[contains(., "Powered by Drupal")]';
$this->assertByXpath($xpath); $this->assertByXpath($xpath);
// Test region. // Test region.
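Review bot: Nothing in this section asserts the denied path that the commit introduces; the only change retargets the block XPath to `block-classy-powered-by-drupal`. A regression that made entityAccess() always return TRUE would still pass this test. I would add a case that renders an entity the test account cannot view (an unpublished node, say) and asserts that its wrapper is empty, plus one with `twig_tweak_check_access` set to FALSE to pin the BC switch. The test method continues outside the hunk.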

16
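--- a/tests/twig_tweak_test/config/install/block.block.powered_by_drupal.yml
+++ b/tests/twig_tweak_test/config/install/block.block.powered_by_drupal.yml
@@ -1,16 +0,0 @@
-langcode: en
-status: true
-dependencies:
-module:
-- system
-id: powered_by_drupal
-region: main
-weight: 10
-provider: null
-plugin: system_powered_by_block
-settings:
-id: system_powered_by_block
-label: 'Powered by Drupal'
-provider: system
-label_display: '0'
-visibility: { }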

2
tests/twig_tweak_test/templates/twig-tweak-test.html.twig

@ -19,7 +19,7 @@
<div class="tt-view-default">{{ drupal_view('twig_tweak_test') }}</div> <div class="tt-view-default">{{ drupal_view('twig_tweak_test') }}</div>
<div class="tt-view-page_1">{{ drupal_view('twig_tweak_test', 'page_1') }}</div> <div class="tt-view-page_1">{{ drupal_view('twig_tweak_test', 'page_1') }}</div>
<div class="tt-view-page_1-with-argument">{{ drupal_view('twig_tweak_test', 'page_1', 1) }}</div> <div class="tt-view-page_1-with-argument">{{ drupal_view('twig_tweak_test', 'page_1', 1) }}</div>
<div class="tt-block">{{ drupal_block('powered_by_drupal') }}</div> <div class="tt-block">{{ drupal_block('classy_powered_by_drupal') }}</div>
<div class="tt-region">{{ drupal_region('sidebar_first') }}</div> <div class="tt-region">{{ drupal_region('sidebar_first') }}</div>
<div class="tt-entity-default">{{ drupal_entity('node', 1) }}</div> <div class="tt-entity-default">{{ drupal_entity('node', 1) }}</div>
<div class="tt-entity-teaser">{{ drupal_entity('node', 1, 'teaser') }}</div> <div class="tt-entity-teaser">{{ drupal_entity('node', 1, 'teaser') }}</div>
