CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
isNeutral example
/** * @covers \Drupal\block_content\Access\AccessGroupAnd */
public function testGroups() {
$allowedAccessible = $this->createAccessibleDouble(AccessResult::allowed());
$forbiddenAccessible = $this->createAccessibleDouble(AccessResult::forbidden());
$neutralAccessible = $this->createAccessibleDouble(AccessResult::neutral());
// Ensure that groups with no dependencies return a neutral access result. $this->assertTrue((new AccessGroupAnd())->access('view', $this->account, TRUE)->isNeutral());
$andNeutral = new AccessGroupAnd();
$andNeutral->addDependency($allowedAccessible)->addDependency($neutralAccessible);
$this->assertTrue($andNeutral->access('view', $this->account, TRUE)->isNeutral());
$andForbidden = $andNeutral;
$andForbidden->addDependency($forbiddenAccessible);
$this->assertTrue($andForbidden->access('view', $this->account, TRUE)->isForbidden());
// Ensure that groups added to other groups works. $andGroupsForbidden = new AccessGroupAnd();
$testRefinable->addAccessDependency($this->forbidden);
}
$accessResult = $testRefinable->getAccessDependency()->access('view', $this->account, TRUE);
$this->assertTrue($accessResult->isForbidden());
$this->assertEquals('Because I said so', $accessResult->getReason());
// Calling setAccessDependency() replaces the existing dependency. $testRefinable->setAccessDependency($this->neutral);
$dependency = $testRefinable->getAccessDependency();
$this->assertNotInstanceOf(AccessGroupAnd::class, $dependency);
$accessResult = $dependency->access('view', $this->account, TRUE);
$this->assertTrue($accessResult->isNeutral());
$this->assertEquals('I have no opinion', $accessResult->getReason());
}
/** * Tests merging a new dependency with existing non-group access dependency. * * @dataProvider providerTestSetFirst */
public function testMergeNonGroup($use_set_first) {
$testRefinable = new RefinableDependentAccessTraitTestClass();
if ($use_set_first) {
}
$accessResult = $testRefinable->getAccessDependency()->access('view', $this->account, TRUE);
$this->assertTrue($accessResult->isForbidden());
$this->assertEquals('Because I said so', $accessResult->getReason());
// Calling setAccessDependency() replaces the existing dependency. $testRefinable->setAccessDependency($this->neutral);
$dependency = $testRefinable->getAccessDependency();
$this->assertNotInstanceOf(AccessGroupAnd::class, $dependency);
$accessResult = $dependency->access('view', $this->account, TRUE);
$this->assertTrue($accessResult->isNeutral());
$this->assertEquals('I have no opinion', $accessResult->getReason());
}
/** * Tests merging a new dependency with existing non-group access dependency. * * @dataProvider providerTestSetFirst */
public function testMergeNonGroup($use_set_first) {
$testRefinable = new RefinableDependentAccessTraitTestClass();
if ($use_set_first) {
$result->setReason($other->getReason());
}
}
elseif ($this->isAllowed() || $other->isAllowed()) {
$result = static::allowed();
if (!$this->isAllowed() || ($this->getCacheMaxAge() === 0 && $other->isAllowed()) || ($this->getCacheMaxAge() !== 0 && $other instanceof CacheableDependencyInterface && $other->getCacheMaxAge() !== 0)) {
$merge_other = TRUE;
}
}
else {
$result = static::neutral();
if (!$this->isNeutral() || ($this->getCacheMaxAge() === 0 && $other->isNeutral()) || ($this->getCacheMaxAge() !== 0 && $other instanceof CacheableDependencyInterface && $other->getCacheMaxAge() !== 0)) {
$merge_other = TRUE;
}
if ($this instanceof AccessResultReasonInterface && $this->getReason() !== '') {
$result->setReason($this->getReason());
}
elseif ($other instanceof AccessResultReasonInterface && $other->getReason() !== '') {
$result->setReason($other->getReason());
}
}
$result->inheritCacheability($this);
}
}
elseif ($this->isAllowed() || $other->isAllowed()) {
$result = static::allowed();
if (!$this->isAllowed() || ($this->getCacheMaxAge() === 0 && $other->isAllowed()) || ($this->getCacheMaxAge() !== 0 && $other instanceof CacheableDependencyInterface && $other->getCacheMaxAge() !== 0)) {
$merge_other = TRUE;
}
}
else {
$result = static::neutral();
if (!$this->isNeutral() || ($this->getCacheMaxAge() === 0 && $other->isNeutral()) || ($this->getCacheMaxAge() !== 0 && $other instanceof CacheableDependencyInterface && $other->getCacheMaxAge() !== 0)) {
$merge_other = TRUE;
}
if ($this instanceof AccessResultReasonInterface && $this->getReason() !== '') {
$result->setReason($this->getReason());
}
elseif ($other instanceof AccessResultReasonInterface && $other->getReason() !== '') {
$result->setReason($other->getReason());
}
}
$result->inheritCacheability($this);
protected function getFieldAccess(ResourceType $resource_type, $internal_field_name) {
$definitions = $this->fieldManager->getFieldDefinitions($resource_type->getEntityTypeId(), $resource_type->getBundle());
assert(isset($definitions[$internal_field_name]), 'The field name should have already been validated.');
$field_definition = $definitions[$internal_field_name];
$filter_access_results = $this->moduleHandler->invokeAll('jsonapi_entity_field_filter_access', [$field_definition, $this->currentUser]);
$filter_access_result = array_reduce($filter_access_results, function DAccessResultInterface $combined_result, AccessResultInterface $result) {
return $combined_result->orIf($result);
}, AccessResult::neutral());
if (!$filter_access_result->isNeutral()) {
return $filter_access_result;
}
$entity_access_control_handler = $this->entityTypeManager->getAccessControlHandler($resource_type->getEntityTypeId());
$field_access = $entity_access_control_handler->fieldAccess('view', $field_definition, NULL, NULL, TRUE);
return $filter_access_result->orIf($field_access);
}
}
// @todo Consider adding explicit "publish any|own workspace" permissions in // https://www.drupal.org/project/drupal/issues/3084260. $permission_operation = ($operation === 'update' || $operation === 'publish') ? 'edit' : $operation;
// Check if the user has permission to access all workspaces. $access_result = AccessResult::allowedIfHasPermission($account, $permission_operation . ' any workspace');
// Check if it's their own workspace, and they have permission to access // their own workspace. if ($access_result->isNeutral() && $account->isAuthenticated() && $account->id() === $entity->getOwnerId()) {
$access_result = AccessResult::allowedIfHasPermission($account, $permission_operation . ' own workspace')
->cachePerUser()
->addCacheableDependency($entity);
}
return $access_result;
}
/** * {@inheritdoc} */
/** * Tests the construction of an AccessResult object. * * @covers ::neutral */
public function testConstruction() {
$verify = function DAccessResult $access) {
$this->assertFalse($access->isAllowed());
$this->assertFalse($access->isForbidden());
$this->assertTrue($access->isNeutral());
$this->assertDefaultCacheability($access);
};
// Verify the object when using the constructor. $a = new AccessResultNeutral();
$verify($a);
// Verify the object when using the ::create() convenience method. $b = AccessResult::neutral();
$verify($b);
$parameters = $state->getOpenerParameters();
$parameters['entity_id'] = $neutral_entity->id();
$state = MediaLibraryState::create(
$state->getOpenerId(),
$state->getAllowedTypeIds(),
$state->getSelectedTypeId(),
$state->getAvailableSlots(),
$parameters
);
$access_result = $ui_builder->checkAccess($this->createUser(), $state);
$this->assertTrue($access_result->isNeutral());
$this->assertAccess($access_result, FALSE, NULL, [], ['url.query_args', 'user.permissions']);
// Give the user permission to edit the entity and assert that access is // granted. $account = $this->createUser([
'administer entity_test content',
'view media',
]);
$access_result = $ui_builder->checkAccess($account, $state);
$this->assertAccess($access_result, TRUE, NULL, Views::getView('media_library')->storage->getCacheTags(), ['url.query_args', 'user.permissions']);
}
$parameters['entity_id'] = $neutral_entity->id();
$state = MediaLibraryState::create(
$state->getOpenerId(),
$state->getAllowedTypeIds(),
$state->getSelectedTypeId(),
$state->getAvailableSlots(),
$parameters
);
$access_result = $ui_builder->checkAccess($this->createUser(), $state);
$this->assertTrue($access_result->isNeutral());
$this->assertAccess($access_result, FALSE, NULL, [], ['url.query_args', 'user.permissions']);
// Give the user permission to edit the entity and assert that access is // granted. $account = $this->createUser([
'administer entity_test content',
'view media',
]);
$access_result = $ui_builder->checkAccess($account, $state);
$this->assertAccess($access_result, TRUE, NULL, Views::getView('media_library')->storage->getCacheTags(), ['url.query_args', 'user.permissions']);
}
protected function assertAccess(AccessResultInterface $expected_access_result, array $expected_cache_contexts, array $expected_cache_tags, AccessResultInterface $actual): void {
$this->assertSame($expected_access_result->isAllowed(), $actual->isAllowed());
$this->assertSame($expected_access_result->isForbidden(), $actual->isForbidden());
$this->assertSame($expected_access_result->isNeutral(), $actual->isNeutral());
$actual_cache_contexts = $actual->getCacheContexts();
sort($expected_cache_contexts);
sort($actual_cache_contexts);
$this->assertSame($expected_cache_contexts, $actual_cache_contexts);
$actual_cache_tags = $actual->getCacheTags();
sort($expected_cache_tags);
sort($actual_cache_tags);
$this->assertSame($expected_cache_tags, $actual_cache_tags);
}