Drupal investigation

node.views_execution.inc 2.7KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364
  1. <?php
  2. /**
  3. * @file
  4. * Provide views runtime hooks for node.module.
  5. */
  6. use Drupal\user\RoleInterface;
  7. use Drupal\views\ViewExecutable;
  8. use Drupal\user\Entity\Role;
  9. /**
  10. * Implements hook_views_query_substitutions().
  11. */
  12. function node_views_query_substitutions(ViewExecutable $view) {
  13. $account = \Drupal::currentUser();
  14. return [
  15. '***ADMINISTER_NODES***' => intval($account->hasPermission('administer nodes')),
  16. '***VIEW_OWN_UNPUBLISHED_NODES***' => intval($account->hasPermission('view own unpublished content')),
  17. '***BYPASS_NODE_ACCESS***' => intval($account->hasPermission('bypass node access')),
  18. ];
  19. }
  20. /**
  21. * Implements hook_views_analyze().
  22. */
  23. function node_views_analyze(ViewExecutable $view) {
  24. $ret = [];
  25. // Check for something other than the default display:
  26. if ($view->storage->get('base_table') == 'node') {
  27. foreach ($view->displayHandlers as $display) {
  28. if (!$display->isDefaulted('access') || !$display->isDefaulted('filters')) {
  29. // check for no access control
  30. $access = $display->getOption('access');
  31. if (empty($access['type']) || $access['type'] == 'none') {
  32. $anonymous_role = Role::load(RoleInterface::ANONYMOUS_ID);
  33. $anonymous_has_access = $anonymous_role && $anonymous_role->hasPermission('access content');
  34. $authenticated_role = Role::load(RoleInterface::AUTHENTICATED_ID);
  35. $authenticated_has_access = $authenticated_role && $authenticated_role->hasPermission('access content');
  36. if (!$anonymous_has_access || !$authenticated_has_access) {
  37. $ret[] = Analyzer::formatMessage(t('Some roles lack permission to access content, but display %display has no access control.', ['%display' => $display->display['display_title']]), 'warning');
  38. }
  39. $filters = $display->getOption('filters');
  40. foreach ($filters as $filter) {
  41. if ($filter['table'] == 'node' && ($filter['field'] == 'status' || $filter['field'] == 'status_extra')) {
  42. continue 2;
  43. }
  44. }
  45. $ret[] = Analyzer::formatMessage(t('Display %display has no access control but does not contain a filter for published nodes.', ['%display' => $display->display['display_title']]), 'warning');
  46. }
  47. }
  48. }
  49. }
  50. foreach ($view->displayHandlers as $display) {
  51. if ($display->getPluginId() == 'page') {
  52. if ($display->getOption('path') == 'node/%') {
  53. $ret[] = Analyzer::formatMessage(t('Display %display has set node/% as path. This will not produce what you want. If you want to have multiple versions of the node view, use panels.', ['%display' => $display->display['display_title']]), 'warning');
  54. }
  55. }
  56. }
  57. return $ret;
  58. }