/**
 * Builds one "use text format" permission per enabled text format.
 *
 * Every entry carries the same warning as its description: what a format
 * lets a user submit depends on how that format's filters are configured,
 * so none of these permissions can be assumed harmless.
 *
 * @return array
 *   Permission definitions keyed by permission name, each holding a 'title'
 *   and a 'description'.
 */
public function permissions() {
  // Only formats whose 'status' is TRUE are loaded.
  /** @var \Drupal\filter\FilterFormatInterface[] $enabled_formats */
  $enabled_formats = $this->entityManager
    ->getStorage('filter_format')
    ->loadByProperties(['status' => TRUE]);
  uasort($enabled_formats, 'Drupal\\Core\\Config\\Entity\\ConfigEntityBase::sort');

  $definitions = [];
  foreach ($enabled_formats as $text_format) {
    $permission_name = $text_format->getPermissionName();
    // A format that reports no permission name gets no entry.
    if (!$permission_name) {
      continue;
    }

    // The format's URL and label are passed as '@' placeholders, so the
    // title relies on t() to escape them before they reach the markup.
    $title = $this->t('Use the <a href="@url">@label</a> text format', [
      '@url' => $text_format->url(),
      '@label' => $text_format->label(),
    ]);
    $warning = String::placeholder($this->t('Warning: This permission may have security implications depending on how the text format is configured.'));

    $definitions[$permission_name] = [
      'title' => $title,
      'description' => $warning,
    ];
  }

  return $definitions;
}
/**
 * {@inheritdoc}
 */
public function validate($items, Constraint $constraint) {
  /** @var \Drupal\Core\Field\FieldItemListInterface $items */
  /** @var \Drupal\user\UserInterface $account */
  $account = $this->context->getMetadata()->getTypedData()->getEntity();

  // For an account that already has an id, read the address from the
  // unchanged copy in storage rather than from the object being validated.
  $stored_mail = NULL;
  if ($account->id()) {
    $stored_account = \Drupal::entityManager()->getStorage('user')->loadUnchanged($account->id());
    $stored_mail = $stored_account->getEmail();
  }

  // The field may stay empty in exactly one case: nothing is stored yet AND
  // the acting user holds 'administer users'. Once an address is stored, the
  // field is required for everyone, including administrators.
  $may_stay_empty = !$stored_mail && \Drupal::currentUser()->hasPermission('administer users');
  if ($may_stay_empty) {
    return;
  }

  // A value is present, so there is nothing to report.
  if (isset($items) && !$items->isEmpty()) {
    return;
  }

  $field_label = $account->getFieldDefinition('mail')->getLabel();
  $this->context->addViolation($this->message, array('!name' => String::placeholder($field_label)));
}
/**
 * {@inheritdoc}
 */
public function buildRow(EntityInterface $entity) {
  if (!$entity->isFallbackFormat()) {
    $row['label'] = $this->getLabel($entity);

    // Each role name is escaped on its own before the names are joined,
    // because the joined string may be emitted below as '#markup'.
    $escaped_roles = array_map('\\Drupal\\Component\\Utility\\String::checkPlain', filter_get_roles_by_format($entity));
    if ($escaped_roles) {
      $roles_markup = implode(', ', $escaped_roles);
    }
    else {
      $roles_markup = $this->t('No roles may use this format');
    }
  }
  else {
    // The fallback text format is available to all roles and cannot be
    // disabled via the admin interface, so its row shows a fixed message
    // instead of a role list.
    $row['label'] = String::placeholder($entity->label());
    $always_shown = $this->configFactory->get('filter.settings')->get('always_show_fallback_choice');
    $message = $always_shown
      ? $this->t('All roles may use this format')
      : $this->t('This format is shown when no other formats are available');
    $roles_markup = String::placeholder($message);
  }

  // With a weight key set, the cell is wrapped in a render array; otherwise
  // the plain string is used.
  if (!empty($this->weightKey)) {
    $row['roles'] = array('#markup' => $roles_markup);
  }
  else {
    $row['roles'] = $roles_markup;
  }

  return $row + parent::buildRow($entity);
}
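/**
 * Generates an overview table of older revisions of a node.
 *
 * Revisions are listed newest first. The current revision is marked as such;
 * every other revision gets an operations cell whose links depend on the
 * current user's revert and delete permissions.
 *
 * @param \Drupal\node\NodeInterface $node
 *   A node object.
 *
 * @return array
 *   An array as expected by drupal_render().
 */
public function revisionOverview(NodeInterface $node) {
  $account = $this->currentUser();
  $node_storage = $this->entityManager()->getStorage('node');
  $type = $node->getType();

  $build = array();
  $build['#title'] = $this->t('Revisions for %title', array('%title' => $node->label()));
  $header = array($this->t('Revision'), $this->t('Operations'));

  // Each flag needs one of three permissions (per-type, all revisions, or
  // 'administer nodes') AND the matching access on the node itself.
  // NOTE(review): these flags only decide which links are listed here; the
  // confirm routes presumably enforce access on their own - verify.
  $revert_permission = ($account->hasPermission("revert {$type} revisions") || $account->hasPermission('revert all revisions') || $account->hasPermission('administer nodes')) && $node->access('update');
  $delete_permission = ($account->hasPermission("delete {$type} revisions") || $account->hasPermission('delete all revisions') || $account->hasPermission('administer nodes')) && $node->access('delete');

  $rows = array();
  $vids = $node_storage->revisionIds($node);

  foreach (array_reverse($vids) as $vid) {
    if ($revision = $node_storage->loadRevision($vid)) {
      $row = array();
      $revision_author = $revision->uid->entity;

      if ($vid == $node->getRevisionId()) {
        $username = array('#theme' => 'username', '#account' => $revision_author);
        // '!date' and '!username' are inserted as already-built markup from
        // l() and drupal_render(). The revision log is author-supplied text
        // and is passed through Xss::filter() before it is appended.
        $row[] = array(
          'data' => $this->t('!date by !username', array(
            '!date' => $this->l($this->dateFormatter->format($revision->revision_timestamp->value, 'short'), 'node.view', array('node' => $node->id())),
            '!username' => drupal_render($username),
          )) . ($revision->revision_log->value != '' ? '<p class="revision-log">' . Xss::filter($revision->revision_log->value) . '</p>' : ''),
          'class' => array('revision-current'),
        );
        $row[] = array(
          'data' => String::placeholder($this->t('current revision')),
          'class' => array('revision-current'),
        );
      }
      else {
        $username = array('#theme' => 'username', '#account' => $revision_author);
        // Same cell as for the current revision, but linking to the revision
        // route; the log message is again filtered with Xss::filter().
        $row[] = $this->t('!date by !username', array(
          '!date' => $this->l($this->dateFormatter->format($revision->revision_timestamp->value, 'short'), 'node.revision_show', array('node' => $node->id(), 'node_revision' => $vid)),
          '!username' => drupal_render($username),
        )) . ($revision->revision_log->value != '' ? '<p class="revision-log">' . Xss::filter($revision->revision_log->value) . '</p>' : '');

        // Start from an empty list for every row. Without this, a user who
        // holds neither permission reaches '#links' with an undefined
        // variable, and links could carry over from an earlier row.
        $links = array();
        if ($revert_permission) {
          $links['revert'] = array(
            'title' => $this->t('Revert'),
            'route_name' => 'node.revision_revert_confirm',
            'route_parameters' => array('node' => $node->id(), 'node_revision' => $vid),
          );
        }
        if ($delete_permission) {
          $links['delete'] = array(
            'title' => $this->t('Delete'),
            'route_name' => 'node.revision_delete_confirm',
            'route_parameters' => array('node' => $node->id(), 'node_revision' => $vid),
          );
        }

        $row[] = array(
          'data' => array('#type' => 'operations', '#links' => $links),
        );
      }

      $rows[] = $row;
    }
  }

  $build['node_revisions_table'] = array(
    '#theme' => 'table',
    '#rows' => $rows,
    '#header' => $header,
    '#attached' => array('library' => array('node/drupal.node.admin')),
  );

  return $build;
}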
/**
 * Runs entity validation checks.
 *
 * Walks one user entity through a series of invalid values (name, mail,
 * timezone, init, langcodes, roles) and checks the reported violations.
 * The steps mutate the same entity, so their order matters.
 */
function testValidation() {
  // NOTE(review): the mail literals in this listing look masked
  // ('*****@*****.**'); the e-mail collision step needs two distinct valid
  // addresses - confirm against the upstream test.
  $user = User::create(['name' => 'test', 'mail' => '*****@*****.**']);
  $found = $user->validate();
  $this->assertEqual(count($found), 0, 'No violations when validating a default user.');

  // Only test one example invalid name here, the rest is already covered in
  // the testUsernames() method in this class.
  $long_name = $this->randomMachineName(61);
  $user->set('name', $long_name);
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'Violation found when name is too long.');
  $this->assertEqual($found[0]->getPropertyPath(), 'name');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('The username %name is too long: it must be %max characters or less.', ['%name' => $long_name, '%max' => 60])
  );

  // Create a second test user to provoke a name collision.
  $other_user = entity_create('user', ['name' => 'existing', 'mail' => '*****@*****.**']);
  $other_user->save();
  $user->set('name', 'existing');
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'Violation found on name collision.');
  $this->assertEqual($found[0]->getPropertyPath(), 'name');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('The username %name is already taken.', ['%name' => 'existing'])
  );

  // Make the name valid.
  $user->set('name', $this->randomMachineName());

  // A syntactically invalid address.
  $user->set('mail', 'invalid');
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'Violation found when email is invalid');
  $this->assertEqual($found[0]->getPropertyPath(), 'mail.0.value');
  $this->assertEqual($found[0]->getMessage(), t('This value is not a valid email address.'));

  // An address whose local part is Email::EMAIL_MAX_LENGTH - 11 characters.
  $long_mail = $this->randomMachineName(Email::EMAIL_MAX_LENGTH - 11) . '@example.com';
  $user->set('mail', $long_mail);
  $found = $user->validate();
  // @todo There are two violations because EmailItem::getConstraints()
  //   overlaps with the implicit constraint of the 'email' property type used
  //   in EmailItem::propertyDefinitions(). Resolve this in
  //   https://drupal.org/node/2023465.
  $this->assertEqual(count($found), 2, 'Violations found when email is too long');
  $this->assertEqual($found[0]->getPropertyPath(), 'mail.0.value');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('%name: the email address can not be longer than @max characters.', [
      '%name' => $user->get('mail')->getFieldDefinition()->getLabel(),
      '@max' => Email::EMAIL_MAX_LENGTH,
    ])
  );
  $this->assertEqual($found[1]->getPropertyPath(), 'mail.0.value');
  $this->assertEqual($found[1]->getMessage(), t('This value is not a valid email address.'));

  // Provoke an email collision with an existing user.
  $user->set('mail', '*****@*****.**');
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'Violation found when email already exists.');
  $this->assertEqual($found[0]->getPropertyPath(), 'mail');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('The email address %mail is already taken.', ['%mail' => '*****@*****.**'])
  );

  // Setting the address to NULL must be reported as a missing required field.
  $user->set('mail', NULL);
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'E-mail addresses may not be removed');
  $this->assertEqual($found[0]->getPropertyPath(), 'mail');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('!name field is required.', ['!name' => String::placeholder($user->getFieldDefinition('mail')->getLabel())])
  );
  $user->set('mail', '*****@*****.**');

  // Timezone: an over-long value first, then a value outside the allowed set.
  $user->set('timezone', $this->randomString(33));
  $this->assertLengthViolation($user, 'timezone', 32, 2, 1);
  $user->set('timezone', 'invalid zone');
  $this->assertAllowedValuesViolation($user, 'timezone');
  $user->set('timezone', NULL);

  // The 'init' field is validated as an e-mail address too.
  $user->set('init', 'invalid');
  $found = $user->validate();
  $this->assertEqual(count($found), 1, 'Violation found when init email is invalid');
  $user->set('init', NULL);

  $user->set('langcode', 'invalid');
  $this->assertAllowedValuesViolation($user, 'langcode');
  $user->set('langcode', NULL);

  // Only configurable langcodes are allowed for preferred languages.
  $user->set('preferred_langcode', Language::LANGCODE_NOT_SPECIFIED);
  $this->assertAllowedValuesViolation($user, 'preferred_langcode');
  $user->set('preferred_langcode', NULL);
  $user->set('preferred_admin_langcode', Language::LANGCODE_NOT_SPECIFIED);
  $this->assertAllowedValuesViolation($user, 'preferred_admin_langcode');
  $user->set('preferred_admin_langcode', NULL);

  Role::create(['id' => 'role1'])->save();
  Role::create(['id' => 'role2'])->save();

  // Test cardinality of user roles.
  $user = entity_create('user', [
    'name' => 'role_test',
    'mail' => '*****@*****.**',
    'roles' => ['role1', 'role2'],
  ]);
  $found = $user->validate();
  $this->assertEqual(count($found), 0);

  // A reference to a role that does not exist must be rejected.
  $user->roles[1]->target_id = 'unknown_role';
  $found = $user->validate();
  $this->assertEqual(count($found), 1);
  $this->assertEqual($found[0]->getPropertyPath(), 'roles.1');
  $this->assertEqual(
    $found[0]->getMessage(),
    t('The referenced entity (%entity_type: %name) does not exist.', ['%entity_type' => 'user_role', '%name' => 'unknown_role'])
  );
}