diff --git a/composer.lock b/composer.lock
index 95cdb7e33184cc9c54510fc623a5fd921ef06869..b5481c6e4732d38a777907c0cc471748006ea563 100644
--- a/composer.lock
+++ b/composer.lock
@@ -7381,20 +7381,20 @@
},
{
"name": "drupal/userprotect",
- "version": "1.1.0",
+ "version": "1.2.0",
"source": {
"type": "git",
"url": "https://git.drupalcode.org/project/userprotect.git",
- "reference": "8.x-1.1"
+ "reference": "8.x-1.2"
},
"dist": {
"type": "zip",
- "url": "https://ftp.drupal.org/files/projects/userprotect-8.x-1.1.zip",
- "reference": "8.x-1.1",
- "shasum": "485e240317a7fc1c0523b082f333c983ea3ca639"
+ "url": "https://ftp.drupal.org/files/projects/userprotect-8.x-1.2.zip",
+ "reference": "8.x-1.2",
+ "shasum": "f3246af48c60b85bb8f240cd98c286e5b38eb33c"
},
"require": {
- "drupal/core": "^8 || ^9"
+ "drupal/core": "^8 || ^9 || ^10"
},
"require-dev": {
"drupal/role_delegation": "^1.0"
@@ -7402,8 +7402,8 @@
"type": "drupal-module",
"extra": {
"drupal": {
- "version": "8.x-1.1",
- "datestamp": "1578341583",
+ "version": "8.x-1.2",
+ "datestamp": "1670669515",
"security-coverage": {
"status": "covered",
"message": "Covered by Drupal's security advisory policy"
diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json
index 79f21cbc31e5ea43e2ba7713f71eddbaff36f314..9a7ef02e0e452627d36ed471c95db54bdc65d2c7 100644
--- a/vendor/composer/installed.json
+++ b/vendor/composer/installed.json
@@ -7648,21 +7648,21 @@
},
{
"name": "drupal/userprotect",
- "version": "1.1.0",
- "version_normalized": "1.1.0.0",
+ "version": "1.2.0",
+ "version_normalized": "1.2.0.0",
"source": {
"type": "git",
"url": "https://git.drupalcode.org/project/userprotect.git",
- "reference": "8.x-1.1"
+ "reference": "8.x-1.2"
},
"dist": {
"type": "zip",
- "url": "https://ftp.drupal.org/files/projects/userprotect-8.x-1.1.zip",
- "reference": "8.x-1.1",
- "shasum": "485e240317a7fc1c0523b082f333c983ea3ca639"
+ "url": "https://ftp.drupal.org/files/projects/userprotect-8.x-1.2.zip",
+ "reference": "8.x-1.2",
+ "shasum": "f3246af48c60b85bb8f240cd98c286e5b38eb33c"
},
"require": {
- "drupal/core": "^8 || ^9"
+ "drupal/core": "^8 || ^9 || ^10"
},
"require-dev": {
"drupal/role_delegation": "^1.0"
@@ -7670,8 +7670,8 @@
"type": "drupal-module",
"extra": {
"drupal": {
- "version": "8.x-1.1",
- "datestamp": "1578341583",
+ "version": "8.x-1.2",
+ "datestamp": "1670669515",
"security-coverage": {
"status": "covered",
"message": "Covered by Drupal's security advisory policy"
@@ -7684,13 +7684,13 @@
"GPL-2.0+"
],
"authors": [
- {
- "name": "MegaChriz",
- "homepage": "https://www.drupal.org/user/654114"
- },
{
"name": "karschsp",
"homepage": "https://www.drupal.org/user/138216"
+ },
+ {
+ "name": "MegaChriz",
+ "homepage": "https://www.drupal.org/user/654114"
}
],
"description": "Allows admins to protect users from being edited or cancelled, on a per-user basis.",
diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php
index fa764d734a100c176fac91e39a0ba15cd84164fe..16284cb92ce441e8ffa6e29c5b5b56d3760b2f84 100644
--- a/vendor/composer/installed.php
+++ b/vendor/composer/installed.php
@@ -3,7 +3,7 @@
'name' => 'osu-asc-webservices/d8-upstream',
'pretty_version' => 'dev-master',
'version' => 'dev-master',
- 'reference' => '52c5f239f26a10cfa3c2d3933c105ad12c2230cf',
+ 'reference' => 'da223c6c20ccc82a51dd34259bfae19cded9ab73',
'type' => 'project',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
@@ -1220,9 +1220,9 @@
'dev_requirement' => false,
),
'drupal/userprotect' => array(
- 'pretty_version' => '1.1.0',
- 'version' => '1.1.0.0',
- 'reference' => '8.x-1.1',
+ 'pretty_version' => '1.2.0',
+ 'version' => '1.2.0.0',
+ 'reference' => '8.x-1.2',
'type' => 'drupal-module',
'install_path' => __DIR__ . '/../../web/modules/userprotect',
'aliases' => array(),
@@ -1549,7 +1549,7 @@
'osu-asc-webservices/d8-upstream' => array(
'pretty_version' => 'dev-master',
'version' => 'dev-master',
- 'reference' => '52c5f239f26a10cfa3c2d3933c105ad12c2230cf',
+ 'reference' => 'da223c6c20ccc82a51dd34259bfae19cded9ab73',
'type' => 'project',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
diff --git a/web/modules/userprotect/README.txt b/web/modules/userprotect/README.md
similarity index 72%
rename from web/modules/userprotect/README.txt
rename to web/modules/userprotect/README.md
index 08624242eba609c7018fd36ebad72a5d85da924c..a23eb49bbcf1f1a4b382cfde8d3452184439b7b5 100644
--- a/web/modules/userprotect/README.txt
+++ b/web/modules/userprotect/README.md
@@ -1,8 +1,7 @@
User Protect
============
-CONTENTS OF THIS FILE
----------------------
+## CONTENTS OF THIS FILE
* Introduction
* Requirements
@@ -10,9 +9,7 @@ CONTENTS OF THIS FILE
* Configuration
* Maintainers
-
-INTRODUCTION
-------------
+## INTRODUCTION
The User Protect module allows fine-grained access control of user
administrators, by providing various editing protection for users. The
@@ -28,29 +25,23 @@ The following protections are supported:
* Edit operation (user/X/edit)
* Delete operation (user/X/cancel)
- * For a full description of the module visit:
- https://www.drupal.org/project/userprotect
-
- * To submit bug reports and feature suggestions, or to track changes visit:
- https://www.drupal.org/project/issues/userprotect
+For a full description of the module visit:
+<https://www.drupal.org/project/userprotect>
+To submit bug reports and feature suggestions, or to track changes visit:
+<https://www.drupal.org/project/issues/userprotect>
-REQUIREMENTS
-------------
+## REQUIREMENTS
This module requires no modules outside of Drupal core.
+## INSTALLATION
-INSTALLATION
-------------
-
- * Install the User Protect module as you would normally install a contributed
- Drupal module. Visit https://www.drupal.org/node/1897420 for further
- information.
+Install the User Protect module as you would normally install a contributed
+Drupal module. Visit <https://www.drupal.org/node/1897420> for further
+information.
-
-CONFIGURATION
--------------
+## CONFIGURATION
1. Navigate to Administration > Extend and enable the module.
2. Navigate to Administration > Configuration > People > User protect for
@@ -58,11 +49,11 @@ CONFIGURATION
There are two types of protection rules:
- * User based protection rules:
+ * User based protection rules:\
This user will be protected for all users except: "User 1" (admin), the
protected user itself, and users with the permissions to "Bypass all user
protections".
- * Role based protection rules:
+ * Role based protection rules:\
This role will be protected for all users except: "User 1" (admin), and users
with the permissions to "Bypass all user protections".
@@ -81,8 +72,6 @@ Protected fields will be disabled or hidden on the form at user/X/edit. The edit
and delete operations are protected by controlling entity access for the
operations 'update' and 'delete'.
+## MAINTAINERS
-MAINTAINERS
------------
-
- * Youri van Koppen (MegaChriz) - https://www.drupal.org/user/654114
+ * Youri van Koppen (MegaChriz) - <https://www.drupal.org/user/654114>
diff --git a/web/modules/userprotect/src/Access/UserProtectRoleAccessCheck.php b/web/modules/userprotect/src/Access/UserProtectRoleAccessCheck.php
index a127d27cdc306f1d52b6f81681abf528260ad0ef..f7480773568c50ee50bf2d19a355d7c7923a3353 100644
--- a/web/modules/userprotect/src/Access/UserProtectRoleAccessCheck.php
+++ b/web/modules/userprotect/src/Access/UserProtectRoleAccessCheck.php
@@ -8,7 +8,7 @@
use Drupal\user\UserInterface;
/**
- * Class UserProtectRoleAccessCheck.
+ * Defines an access control handler for user roles.
*
* @package Drupal\userprotect\Access
*/
diff --git a/web/modules/userprotect/src/Routing/RouteSubscriber.php b/web/modules/userprotect/src/Routing/RouteSubscriber.php
index 0d68e36c06eb1b89a0015c16b9153d2425cf5fd2..738182cb1fded7a3f5badd4e38988a6539f4c6be 100644
--- a/web/modules/userprotect/src/Routing/RouteSubscriber.php
+++ b/web/modules/userprotect/src/Routing/RouteSubscriber.php
@@ -6,7 +6,9 @@
use Symfony\Component\Routing\RouteCollection;
/**
- * Class RouteSubscriber.
+ * Subscriber for user related routes.
+ *
+ * Adds an access requirement for a role_delegation route.
*
* @package Drupal\userprotect\Routing
*/
diff --git a/web/modules/userprotect/tests/modules/userprotect_test/userprotect_test.info.yml b/web/modules/userprotect/tests/modules/userprotect_test/userprotect_test.info.yml
index b5b1ca38b4003c00f848b7d6d511232321cfb310..9278665a467e4c384db49a5aaede2edd8414b353 100644
--- a/web/modules/userprotect/tests/modules/userprotect_test/userprotect_test.info.yml
+++ b/web/modules/userprotect/tests/modules/userprotect_test/userprotect_test.info.yml
@@ -2,12 +2,10 @@ name: User protect test
type: module
description: 'Support module for the User protect tests.'
package: Testing
-core: 8.x
-core_version_requirement: ^8 || ^9
dependencies:
- - userprotect
+ - userprotect:userprotect
-# Information added by Drupal.org packaging script on 2020-01-06
-version: '8.x-1.1'
+# Information added by Drupal.org packaging script on 2022-12-10
+version: '8.x-1.2'
project: 'userprotect'
-datestamp: 1578341587
+datestamp: 1670669517
diff --git a/web/modules/userprotect/tests/src/Functional/InstallTest.php b/web/modules/userprotect/tests/src/Functional/InstallTest.php
index c2e19d1ee5a62f72e7759aac45e742c1d7b253d5..16c5cf96b39ef2e0b7bd9d888eff4a9ea1c22995 100644
--- a/web/modules/userprotect/tests/src/Functional/InstallTest.php
+++ b/web/modules/userprotect/tests/src/Functional/InstallTest.php
@@ -14,7 +14,7 @@ class InstallTest extends BrowserTestBase {
/**
* {@inheritdoc}
*/
- public static $modules = [];
+ protected static $modules = [];
/**
* Module handler to ensure installed modules.
@@ -38,7 +38,7 @@ class InstallTest extends BrowserTestBase {
/**
* {@inheritdoc}
*/
- public function setUp() {
+ public function setUp(): void {
parent::setUp();
$this->moduleHandler = $this->container->get('module_handler');
$this->moduleInstaller = $this->container->get('module_installer');
@@ -62,7 +62,7 @@ public function testInstallationAndUninstallation() {
// Ensure an authenticated user can edit its own account.
$this->drupalLogin($account);
$this->drupalGet('user/' . $account->id() . '/edit');
- $this->assertResponse(200, 'Authenticated user has access to edit page of own account.');
+ $this->assertSession()->statusCodeEquals(200);
// Uninstall userprotect.
$this->moduleInstaller->uninstall(['userprotect']);
diff --git a/web/modules/userprotect/tests/src/Functional/ProtectionRuleCrudTest.php b/web/modules/userprotect/tests/src/Functional/ProtectionRuleCrudTest.php
index 40a2309e005e135444b81e117c445eb959f7b096..b45e1375450693a51284753177224da459f91fb7 100644
--- a/web/modules/userprotect/tests/src/Functional/ProtectionRuleCrudTest.php
+++ b/web/modules/userprotect/tests/src/Functional/ProtectionRuleCrudTest.php
@@ -22,7 +22,7 @@ class ProtectionRuleCrudTest extends UserProtectBrowserTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
$this->account = $this->drupalCreateUser(['userprotect.administer']);
@@ -44,7 +44,8 @@ public function testCrudRoleProtectionRule() {
'entity_id' => $rid,
'protection[user_mail]' => TRUE,
];
- $this->drupalPostForm('admin/config/people/userprotect/add', $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/add');
+ $this->submitForm($edit, 'Save');
// Assert that the rule was created.
$protection_rule = ProtectionRule::load($rule_id);
@@ -65,7 +66,8 @@ public function testCrudRoleProtectionRule() {
'protection[user_name]' => TRUE,
'protection[user_mail]' => FALSE,
];
- $this->drupalPostForm('admin/config/people/userprotect/manage/' . $rule_id, $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/manage/' . $rule_id);
+ $this->submitForm($edit, 'Save');
// Assert that the rule was updated with the expected values.
$protection_rule = ProtectionRule::load($rule_id);
@@ -85,15 +87,17 @@ public function testCrudRoleProtectionRule() {
'entity_id' => $rid,
'protection[user_mail]' => TRUE,
];
- $this->drupalPostForm('admin/config/people/userprotect/add', $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/add');
+ $this->submitForm($edit, 'Save');
$this->assertSession()->pageTextContains('The machine-readable name is already in use. It must be unique.');
// Assert only one protection rule exists.
$entities = ProtectionRule::loadMultiple(NULL);
$this->assertCount(1, $entities, 'Only one protection rule exists.');
+ $this->drupalGet('admin/config/people/userprotect/manage/' . $rule_id . '/delete');
// Delete rule.
- $this->drupalPostForm('admin/config/people/userprotect/manage/' . $rule_id . '/delete', [], t('Delete'));
+ $this->submitForm([], 'Delete');
// Assert the rule no longer exists.
$protection_rule = ProtectionRule::load($rule_id);
$this->assertEmpty($protection_rule, 'The protection rule was deleted.');
@@ -114,7 +118,8 @@ public function testCrudUserProtectionRule() {
'entity_id' => $account->getAccountName(),
'protection[user_mail]' => TRUE,
];
- $this->drupalPostForm('admin/config/people/userprotect/add/user', $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/add/user');
+ $this->submitForm($edit, 'Save');
// Assert that the rule was created.
$protection_rule = ProtectionRule::load($rule_id);
@@ -135,7 +140,8 @@ public function testCrudUserProtectionRule() {
'protection[user_name]' => TRUE,
'protection[user_mail]' => FALSE,
];
- $this->drupalPostForm('admin/config/people/userprotect/manage/' . $rule_id, $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/manage/' . $rule_id);
+ $this->submitForm($edit, 'Save');
// Assert that the rule was updated with the expected values.
$protection_rule = ProtectionRule::load($rule_id);
@@ -155,7 +161,8 @@ public function testCrudUserProtectionRule() {
'entity_id' => $account->getAccountName(),
'protection[user_mail]' => TRUE,
];
- $this->drupalPostForm('admin/config/people/userprotect/add/user', $edit, t('Save'));
+ $this->drupalGet('admin/config/people/userprotect/add/user');
+ $this->submitForm($edit, 'Save');
$this->assertSession()->pageTextContains('The machine-readable name is already in use. It must be unique.');
// Assert only one protection rule exists.
@@ -163,7 +170,8 @@ public function testCrudUserProtectionRule() {
$this->assertCount(1, $entities, 'Only one protection rule exists.');
// Delete rule.
- $this->drupalPostForm('admin/config/people/userprotect/manage/' . $rule_id . '/delete', [], t('Delete'));
+ $this->drupalGet('admin/config/people/userprotect/manage/' . $rule_id . '/delete');
+ $this->submitForm([], 'Delete');
// Assert the rule no longer exists.
$protection_rule = ProtectionRule::load($rule_id);
$this->assertEmpty($protection_rule, 'The protection rule was deleted.');
diff --git a/web/modules/userprotect/tests/src/Functional/RoleDelegation/RoleDelegationIntegrationTest.php b/web/modules/userprotect/tests/src/Functional/RoleDelegation/RoleDelegationIntegrationTest.php
index 71f7f5cb03fd5f43d21b29511b42423e40e98dab..3110ba24b5cff81550885984f9b0d9525aa676b7 100644
--- a/web/modules/userprotect/tests/src/Functional/RoleDelegation/RoleDelegationIntegrationTest.php
+++ b/web/modules/userprotect/tests/src/Functional/RoleDelegation/RoleDelegationIntegrationTest.php
@@ -17,7 +17,7 @@ class RoleDelegationIntegrationTest extends BrowserTestBase {
*
* @var array
*/
- public static $modules = ['userprotect', 'user', 'role_delegation'];
+ protected static $modules = ['userprotect', 'user', 'role_delegation'];
/**
* {@inheritdoc}
@@ -62,7 +62,7 @@ class RoleDelegationIntegrationTest extends BrowserTestBase {
/**
* {@inheritdoc}
*/
- public function setUp() {
+ public function setUp(): void {
parent::setUp();
$admin_role = $this->createAdminRole();
diff --git a/web/modules/userprotect/tests/src/Functional/UnsavedUserFieldAccessTest.php b/web/modules/userprotect/tests/src/Functional/UnsavedUserFieldAccessTest.php
index bd35f4f15a22a3913e07b7ba24567f4a0b4f37a5..b210e839b600a79a37d448668404801980c94fc9 100644
--- a/web/modules/userprotect/tests/src/Functional/UnsavedUserFieldAccessTest.php
+++ b/web/modules/userprotect/tests/src/Functional/UnsavedUserFieldAccessTest.php
@@ -24,10 +24,14 @@ class UnsavedUserFieldAccessTest extends UserProtectBrowserTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
- $this->account = $this->drupalCreateUser(['administer users', 'administer permissions']);
+ $this->account = $this->drupalCreateUser(
+ [
+ 'administer users',
+ 'administer permissions',
+ ]);
$this->drupalLogin($this->account);
}
@@ -44,8 +48,9 @@ public function testUserCreate() {
'pass[pass2]' => $pass,
'notify' => FALSE,
];
- $this->drupalPostForm('admin/people/create', $edit, t('Create new account'));
- $this->assertSession()->pageTextContains(t('Created a new user account for @name. No email has been sent.', ['@name' => $edit['name']]), 'User created');
+ $this->drupalGet('admin/people/create');
+ $this->submitForm($edit, 'Create new account');
+ $this->assertSession()->pageTextContains(strtr('Created a new user account for @name. No email has been sent.', ['@name' => $edit['name']]));
// Try to create an user with the same name and assert that it doesn't
// result into a fatal error.
@@ -56,8 +61,9 @@ public function testUserCreate() {
'pass[pass2]' => $pass,
'notify' => FALSE,
];
- $this->drupalPostForm('admin/people/create', $edit, t('Create new account'));
- $this->assertSession()->pageTextContains(t('The username @name is already taken.', ['@name' => $edit['name']]));
+ $this->drupalGet('admin/people/create');
+ $this->submitForm($edit, 'Create new account');
+ $this->assertSession()->pageTextContains(strtr('The username @name is already taken.', ['@name' => $edit['name']]));
}
/**
diff --git a/web/modules/userprotect/tests/src/Functional/UserProtectBrowserTestBase.php b/web/modules/userprotect/tests/src/Functional/UserProtectBrowserTestBase.php
index a0f6d8ed7c8f1b0e540a8a4699d2c405f4ba2492..4d8849e86b7576a9494fc0769eb47f6eeca3011a 100644
--- a/web/modules/userprotect/tests/src/Functional/UserProtectBrowserTestBase.php
+++ b/web/modules/userprotect/tests/src/Functional/UserProtectBrowserTestBase.php
@@ -16,7 +16,7 @@ abstract class UserProtectBrowserTestBase extends BrowserTestBase {
/**
* {@inheritdoc}
*/
- public static $modules = ['userprotect', 'userprotect_test'];
+ protected static $modules = ['userprotect', 'userprotect_test'];
/**
* {@inheritdoc}
diff --git a/web/modules/userprotect/tests/src/Functional/UserProtectionPermissionsTest.php b/web/modules/userprotect/tests/src/Functional/UserProtectionPermissionsTest.php
index 5b618eb191a0a7f23927f5ec1059bb66fa8ffb2f..56a3e05af306259ed8612fa05aab73f9a5ea7d27 100644
--- a/web/modules/userprotect/tests/src/Functional/UserProtectionPermissionsTest.php
+++ b/web/modules/userprotect/tests/src/Functional/UserProtectionPermissionsTest.php
@@ -26,7 +26,7 @@ class UserProtectionPermissionsTest extends UserProtectBrowserTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
// Revoke default permissions on the authenticated user role that are
@@ -47,13 +47,18 @@ protected function setUp() {
*/
public function testEditOwnMail() {
// Create account that may edit its own mail address.
- $account = $this->drupalCreateUser(['userprotect.mail.edit', 'userprotect.account.edit']);
+ $account = $this->drupalCreateUser(
+ [
+ 'userprotect.mail.edit',
+ 'userprotect.account.edit',
+ ]);
$this->drupalLogin($account);
$edit = [
'mail' => $this->randomMachineName() . '@example.com',
];
- $this->drupalPostForm('user/' . $account->id() . '/edit', $edit, t('Save'));
+ $this->drupalGet('user/' . $account->id() . '/edit');
+ $this->submitForm($edit, 'Save');
// Assert the mail address changed.
$account = $this->reloadEntity($account);
@@ -69,7 +74,6 @@ public function testEditOwnMail() {
public function testNoEditOwnMail() {
// Create account that may NOT edit its own mail address.
$account = $this->drupalCreateUser(['userprotect.account.edit']);
- $expected_mail = $account->getEmail();
$this->drupalLogin($account);
$this->drupalGet('user/' . $account->id() . '/edit');
@@ -84,7 +88,11 @@ public function testNoEditOwnMail() {
*/
public function testEditOwnPass() {
// Create account that may edit its own password.
- $account = $this->drupalCreateUser(['userprotect.pass.edit', 'userprotect.account.edit']);
+ $account = $this->drupalCreateUser(
+ [
+ 'userprotect.pass.edit',
+ 'userprotect.account.edit',
+ ]);
$this->drupalLogin($account);
$new_pass = $this->randomMachineName();
@@ -93,7 +101,8 @@ public function testEditOwnPass() {
'pass[pass1]' => $new_pass,
'pass[pass2]' => $new_pass,
];
- $this->drupalPostForm('user/' . $account->id() . '/edit', $edit, t('Save'));
+ $this->drupalGet('user/' . $account->id() . '/edit');
+ $this->submitForm($edit, 'Save');
// Assert the password changed.
$account = $this->reloadEntity($account);
@@ -111,7 +120,6 @@ public function testEditOwnPass() {
public function testNoEditOwnPass() {
// Create account that may NOT edit its own password.
$account = $this->drupalCreateUser(['userprotect.account.edit']);
- $expected_pass = $account->pass_raw;
$this->drupalLogin($account);
$this->drupalGet('user/' . $account->id() . '/edit');
@@ -132,7 +140,7 @@ public function testEditOwnAccount() {
// Assert the user can edit its own account.
$this->drupalGet('user/' . $account->id() . '/edit');
- $this->assertResponse(200, "The user may edit its own account.");
+ $this->assertSession()->statusCodeEquals(200);
}
/**
@@ -148,7 +156,7 @@ public function testNoEditOwnAccount() {
// Assert the user can edit its own account.
$this->drupalGet('user/' . $account->id() . '/edit');
- $this->assertResponse(403, "The user may NOT edit its own account.");
+ $this->assertSession()->statusCodeEquals(403);
}
}
diff --git a/web/modules/userprotect/tests/src/Functional/UserProtectionTest.php b/web/modules/userprotect/tests/src/Functional/UserProtectionTest.php
index 72edbfeea25a76416425b04fde1f120987ff996f..286f4fa5aa2619c19e2efeeb39558adf357164ff 100644
--- a/web/modules/userprotect/tests/src/Functional/UserProtectionTest.php
+++ b/web/modules/userprotect/tests/src/Functional/UserProtectionTest.php
@@ -20,10 +20,14 @@ class UserProtectionTest extends UserProtectBrowserTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
- $this->account = $this->drupalCreateUser(['administer users', 'administer permissions']);
+ $this->account = $this->drupalCreateUser(
+ [
+ 'administer users',
+ 'administer permissions',
+ ]);
$this->drupalLogin($this->account);
}
diff --git a/web/modules/userprotect/tests/src/Kernel/Entity/ProtectionRuleUnitTest.php b/web/modules/userprotect/tests/src/Kernel/Entity/ProtectionRuleUnitTest.php
index 8a9f599b65a0cc33c457971750f4790eaad369cb..f5e7160d6f8910d23017459d538ac0dfb5bcfc17 100644
--- a/web/modules/userprotect/tests/src/Kernel/Entity/ProtectionRuleUnitTest.php
+++ b/web/modules/userprotect/tests/src/Kernel/Entity/ProtectionRuleUnitTest.php
@@ -21,7 +21,7 @@ class ProtectionRuleUnitTest extends KernelTestBase {
/**
* {@inheritdoc}
*/
- public static $modules = ['user', 'userprotect', 'field'];
+ protected static $modules = ['user', 'userprotect', 'field'];
/**
* The user protection plugin manager.
@@ -40,7 +40,7 @@ class ProtectionRuleUnitTest extends KernelTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
$this->manager = UserProtect::pluginManager();
$this->protectionRule = ProtectionRule::create([
@@ -60,37 +60,37 @@ protected function setUp() {
* Tests id().
*/
public function testId() {
- $this->assertIdentical('dummy', $this->protectionRule->id());
+ $this->assertSame('dummy', $this->protectionRule->id());
}
/**
* Tests setProtectedEntityTypeId() and getProtectedEntityTypeId().
*/
public function testProtectedEntityTypeId() {
- $this->assertIdentical('user_role', $this->protectionRule->getProtectedEntityTypeId());
+ $this->assertSame('user_role', $this->protectionRule->getProtectedEntityTypeId());
$entity_type = 'user';
$this->assertInstanceOf(ProtectionRuleInterface::class, $this->protectionRule->setProtectedEntityTypeId($entity_type));
- $this->assertIdentical($entity_type, $this->protectionRule->getProtectedEntityTypeId());
+ $this->assertSame($entity_type, $this->protectionRule->getProtectedEntityTypeId());
}
/**
* Tests setProtectedEntityId() and getProtectedEntityId().
*/
public function testProtectedEntityId() {
- $this->assertIdentical('administrator', $this->protectionRule->getProtectedEntityId());
+ $this->assertSame('administrator', $this->protectionRule->getProtectedEntityId());
$entity_id = 'authenticated';
$this->assertInstanceOf(ProtectionRuleInterface::class, $this->protectionRule->setProtectedEntityId($entity_id));
- $this->assertIdentical($entity_id, $this->protectionRule->getProtectedEntityId());
+ $this->assertSame($entity_id, $this->protectionRule->getProtectedEntityId());
}
/**
* Tests setBypassRoles() and getBypassRoles().
*/
public function testBypassRoles() {
- $this->assertIdentical([], $this->protectionRule->getBypassRoles());
+ $this->assertSame([], $this->protectionRule->getBypassRoles());
$roles = ['administrator'];
$this->assertInstanceOf(ProtectionRuleInterface::class, $this->protectionRule->setBypassRoles($roles));
- $this->assertIdentical($roles, $this->protectionRule->getBypassRoles());
+ $this->assertSame($roles, $this->protectionRule->getBypassRoles());
}
/**
@@ -128,23 +128,23 @@ public function testDisableProtection() {
*/
public function testToArray() {
$array = $this->protectionRule->toArray();
- $this->assertIdentical('dummy', $array['name']);
- $this->assertIdentical('Dummy', $array['label']);
+ $this->assertSame('dummy', $array['name']);
+ $this->assertSame('Dummy', $array['label']);
$expected_protections = [
'user_mail' => [
'status' => TRUE,
],
];
- $this->assertIdentical($expected_protections, $array['protections']);
- $this->assertIdentical('user_role', $array['protectedEntityTypeId']);
- $this->assertIdentical('administrator', $array['protectedEntityId']);
+ $this->assertSame($expected_protections, $array['protections']);
+ $this->assertSame('user_role', $array['protectedEntityTypeId']);
+ $this->assertSame('administrator', $array['protectedEntityId']);
}
/**
* Tests getPermissionName().
*/
public function testGetPermissionName() {
- $this->assertIdentical('userprotect.dummy.bypass', $this->protectionRule->getPermissionName());
+ $this->assertSame('userprotect.dummy.bypass', $this->protectionRule->getPermissionName());
}
/**
diff --git a/web/modules/userprotect/tests/src/Kernel/FieldAccessTest.php b/web/modules/userprotect/tests/src/Kernel/FieldAccessTest.php
index 1e132254a78648f2f524d4acb0df8e3c67e63781..9e863d21d5d962b25a30ad7e90bfc2beb552aef9 100644
--- a/web/modules/userprotect/tests/src/Kernel/FieldAccessTest.php
+++ b/web/modules/userprotect/tests/src/Kernel/FieldAccessTest.php
@@ -19,7 +19,7 @@ class FieldAccessTest extends UserProtectKernelTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
// Create an user who administer users. Explicitly set user ID to '2'
diff --git a/web/modules/userprotect/tests/src/Kernel/ProtectionRuleBypassTest.php b/web/modules/userprotect/tests/src/Kernel/ProtectionRuleBypassTest.php
index 20eacbc6d7236fd8a5764d21d1610c0afedeaa77..3e8f7feaf0eb907fb44adda6c0c95d55841fb936 100644
--- a/web/modules/userprotect/tests/src/Kernel/ProtectionRuleBypassTest.php
+++ b/web/modules/userprotect/tests/src/Kernel/ProtectionRuleBypassTest.php
@@ -20,7 +20,7 @@ class ProtectionRuleBypassTest extends UserProtectKernelTestBase {
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
$this->accessController = \Drupal::entityTypeManager()->getAccessControlHandler('user');
@@ -78,7 +78,11 @@ protected function doRoleProtectionBypassTest($plugin, $operation) {
$protected_account->addRole($rid);
// Create operating account.
- $account = $this->drupalCreateUser(['administer users', 'userprotect.dummy.bypass']);
+ $account = $this->drupalCreateUser(
+ [
+ 'administer users',
+ 'userprotect.dummy.bypass',
+ ]);
// Test if account has the expected access.
$this->assertTrue($this->accessController->access($protected_account, $operation, $account));
@@ -132,7 +136,11 @@ protected function doUserProtectionBypassTest($plugin, $operation) {
$protected_account = $this->createProtectedUser([$plugin]);
// Create operating account.
- $account = $this->drupalCreateUser(['administer users', 'userprotect.dummy.bypass']);
+ $account = $this->drupalCreateUser(
+ [
+ 'administer users',
+ 'userprotect.dummy.bypass',
+ ]);
// Test if account has the expected access.
$this->assertTrue($this->accessController->access($protected_account, $operation, $account));
diff --git a/web/modules/userprotect/tests/src/Kernel/UserProtectKernelTestBase.php b/web/modules/userprotect/tests/src/Kernel/UserProtectKernelTestBase.php
index b5b099fbf9ca844604b407fd58e47a2082b8343b..ca0a495f38f7a07cfdc0e7c8db2eb1a40fb6e5de 100644
--- a/web/modules/userprotect/tests/src/Kernel/UserProtectKernelTestBase.php
+++ b/web/modules/userprotect/tests/src/Kernel/UserProtectKernelTestBase.php
@@ -15,12 +15,12 @@ abstract class UserProtectKernelTestBase extends EntityKernelTestBase {
/**
* {@inheritdoc}
*/
- public static $modules = ['userprotect'];
+ protected static $modules = ['userprotect'];
/**
* {@inheritdoc}
*/
- protected function setUp() {
+ protected function setUp(): void {
parent::setUp();
$this->installSchema('user', ['users_data']);
}
diff --git a/web/modules/userprotect/tests/src/Unit/Plugin/UserProtection/UserProtectionBaseUnitTest.php b/web/modules/userprotect/tests/src/Unit/Plugin/UserProtection/UserProtectionBaseUnitTest.php
index 904fc1dac84199e58947911d6570235dc804e536..6f95d8efbda62e6d350e8e659db63bbd8b4daf0c 100644
--- a/web/modules/userprotect/tests/src/Unit/Plugin/UserProtection/UserProtectionBaseUnitTest.php
+++ b/web/modules/userprotect/tests/src/Unit/Plugin/UserProtection/UserProtectionBaseUnitTest.php
@@ -40,7 +40,7 @@ class UserProtectionBaseUnitTest extends UnitTestCase {
/**
* {@inheritdoc}
*/
- public function setUp() {
+ public function setUp(): void {
parent::setUp();
$this->moduleHandler = $this->createMock('\Drupal\Core\Extension\ModuleHandlerInterface');
@@ -52,7 +52,7 @@ public function setUp() {
$this->pluginDefinition,
$this->moduleHandler,
])
- ->setMethods(['t'])
+ ->onlyMethods(['t'])
->getMock();
$this->plugin->expects($this->any())
->method('t')
@@ -90,7 +90,7 @@ public function testGetConfiguration() {
* @covers ::defaultConfiguration
*/
public function testDefaultConfiguration() {
- $this->assertInternalType('array', $this->plugin->defaultConfiguration());
+ $this->assertIsArray($this->plugin->defaultConfiguration());
}
}
diff --git a/web/modules/userprotect/userprotect.info.yml b/web/modules/userprotect/userprotect.info.yml
index e384e9eadd9f90e4a962a33253af2fd5f86abe1f..bf495861a26d986e85cabfce52f55fdddf69ff76 100644
--- a/web/modules/userprotect/userprotect.info.yml
+++ b/web/modules/userprotect/userprotect.info.yml
@@ -2,13 +2,13 @@ name: User Protect
type: module
description: 'Allows admins to protect users from being edited or cancelled, on a per-user basis.'
core: 8.x
-core_version_requirement: ^8 || ^9
+core_version_requirement: ^8 || ^9 || ^10
configure: userprotect.rule_list
dependencies:
- drupal:system (>=8.7.0)
- drupal:user
-# Information added by Drupal.org packaging script on 2020-01-06
-version: '8.x-1.1'
+# Information added by Drupal.org packaging script on 2022-12-10
+version: '8.x-1.2'
project: 'userprotect'
-datestamp: 1578341587
+datestamp: 1670669517
diff --git a/web/modules/userprotect/userprotect.module b/web/modules/userprotect/userprotect.module
index 72d069c5d34c6f8011a8338d5da4dae18662411e..6609ce72107a0188c3225ab88ed418650e93107f 100644
--- a/web/modules/userprotect/userprotect.module
+++ b/web/modules/userprotect/userprotect.module
@@ -29,6 +29,12 @@ function userprotect_rule_load($name) {
* Implements hook_ENTITY_TYPE_access() for entity type "user".
*/
function userprotect_user_access(UserInterface $entity, $op, AccountInterface $account) {
+ // User Protect doesn't limit view access in any way, so bail out early to
+ // save time.
+ if (in_array($op, ['view', 'view label'])) {
+ return AccessResult::neutral();
+ }
+
// Check if the account has the permission "userprotect.bypass_all".
// If so, all protections rules should be ignored.
if (!$account->hasPermission('userprotect.bypass_all')) {