Code Coverage for /Users/ericduran/Sites/drupal/drupal/core/lib/Drupal/Core/Menu/DefaultMenuLinkTreeManipulators.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	71.43% covered (warning)	71.43%	5 / 7	CRAP	91.38% covered (success)	91.38%	53 / 58
DefaultMenuLinkTreeManipulators	0.00% covered (danger)	0.00%	0 / 1	71.43% covered (warning)	71.43%	5 / 7	24.37	91.38% covered (success)	91.38%	53 / 58
__construct				0.00% covered (danger)	0.00%	0 / 1	2	0.00% covered (danger)	0.00%	0 / 4
checkAccess				100.00% covered (success)	100.00%	1 / 1	5	100.00% covered (success)	100.00%	9 / 9
checkNodeAccess				0.00% covered (danger)	0.00%	0 / 1	5.01	93.75% covered (success)	93.75%	15 / 16
collectNodeLinks				100.00% covered (success)	100.00%	1 / 1	4	100.00% covered (success)	100.00%	8 / 8
menuLinkCheckAccess				100.00% covered (success)	100.00%	1 / 1	3	100.00% covered (success)	100.00%	8 / 8
generateIndexAndSort				100.00% covered (success)	100.00%	1 / 1	3	100.00% covered (success)	100.00%	8 / 8
flatten				100.00% covered (success)	100.00%	1 / 1	3	100.00% covered (success)	100.00%	5 / 5

1	<?php
2
3	/**
4	* @file
5	* Contains \Drupal\Core\Menu\DefaultMenuLinkTreeManipulators.
6	*/
7
8	namespace Drupal\Core\Menu;
9
10	use Drupal\Core\Access\AccessManagerInterface;
11	use Drupal\Core\Access\AccessResult;
12	use Drupal\Core\Entity\Query\QueryFactory;
13	use Drupal\Core\Session\AccountInterface;
14
15	/**
16	* Provides a couple of menu link tree manipulators.
17	*
18	* This class provides menu link tree manipulators to:
19	* - perform render cached menu-optimized access checking
20	* - optimized node access checking
21	* - generate a unique index for the elements in a tree and sorting by it
22	* - flatten a tree (i.e. a 1-dimensional tree)
23	*/
24	class DefaultMenuLinkTreeManipulators {
25
26	/**
27	* The access manager.
28	*
29	* @var \Drupal\Core\Access\AccessManagerInterface
30	*/
31	protected $accessManager;
32
33	/**
34	* The current user.
35	*
36	* @var \Drupal\Core\Session\AccountInterface
37	*/
38	protected $account;
39
40	/**
41	* The entity query factory.
42	*
43	* @var \Drupal\Core\Entity\Query\QueryFactory
44	*/
45	protected $queryFactory;
46
47	/**
48	* Constructs a \Drupal\Core\Menu\DefaultMenuLinkTreeManipulators object.
49	*
50	* @param \Drupal\Core\Access\AccessManagerInterface $access_manager
51	* The access manager.
52	* @param \Drupal\Core\Session\AccountInterface $account
53	* The current user.
54	* @param \Drupal\Core\Entity\Query\QueryFactory $query_factory
55	* The entity query factory.
56	*/
57	public function __construct(AccessManagerInterface $access_manager, AccountInterface $account, QueryFactory $query_factory) {
58	$this->accessManager = $access_manager;
59	$this->account = $account;
60	$this->queryFactory = $query_factory;
61	}
62
63	/**
64	* Performs access checks of a menu tree.
65	*
66	* Sets the 'access' property to AccessResultInterface objects on menu link
67	* tree elements. Descends into subtrees if the root of the subtree is
68	* accessible. Inaccessible subtrees are deleted, except the top-level
69	* inaccessible link, to be compatible with render caching.
70	*
71	* (This means that top-level inaccessible links are not removed; it is up
72	* to the code doing something with the tree to exclude inaccessible links,
73	* just like MenuLinkTree::build() does. This allows those things to specify
74	* the necessary cacheability metadata.)
75	*
76	* This is compatible with render caching, because of cache context bubbling:
77	* conditionally defined cache contexts (i.e. subtrees that are only
78	* accessible to some users) will bubble just like they do for render arrays.
79	* This is why inaccessible subtrees are deleted, except at the top-level
80	* inaccessible link: if we didn't keep the first (depth-wise) inaccessible
81	* link, we wouldn't be able to know which cache contexts would cause those
82	* subtrees to become accessible again, thus forcing us to conclude that that
83	* subtree is unconditionally inaccessible.
84	*
85	* @param \Drupal\Core\Menu\MenuLinkTreeElement[] $tree
86	* The menu link tree to manipulate.
87	*
88	* @return \Drupal\Core\Menu\MenuLinkTreeElement[]
89	* The manipulated menu link tree.
90	*/
91	public function checkAccess(array $tree) {
92	foreach ($tree as $key => $element) {
93	// Other menu tree manipulators may already have calculated access, do not
94	// overwrite the existing value in that case.
95	if (!isset($element->access)) {
96	$tree[$key]->access = $this->menuLinkCheckAccess($element->link);
97	}
98	if ($tree[$key]->access->isAllowed()) {
99	if ($tree[$key]->subtree) {
100	$tree[$key]->subtree = $this->checkAccess($tree[$key]->subtree);
101	}
102	}
103	else {
104	// Replace the link with an InaccessibleMenuLink object, so that if it
105	// is accidentally rendered, no sensitive information is divulged.
106	$tree[$key]->link = new InaccessibleMenuLink($tree[$key]->link);
107	// Always keep top-level inaccessible links: their cacheability metadata
108	// that indicates why they're not accessible by the current user must be
109	// bubbled. Otherwise, those subtrees will not be varied by any cache
110	// contexts at all, therefore forcing them to remain empty for all users
111	// unless some other part of the menu link tree accidentally varies by
112	// the same cache contexts.
113	// For deeper levels, we can remove the subtrees and therefore also
114	// not perform access checking on the subtree, thanks to bubbling/cache
115	// redirects. This therefore allows us to still do significantly less
116	// work in case of inaccessible subtrees, which is the entire reason why
117	// this deletes subtrees in the first place.
118	$tree[$key]->subtree = [];
119	}
120	}
121	return $tree;
122	}
123
124	/**
125	* Performs access checking for nodes in an optimized way.
126	*
127	* This manipulator should be added before the generic ::checkAccess() one,
128	* because it provides a performance optimization for ::checkAccess().
129	*
130	* @param \Drupal\Core\Menu\MenuLinkTreeElement[] $tree
131	* The menu link tree to manipulate.
132	*
133	* @return \Drupal\Core\Menu\MenuLinkTreeElement[]
134	* The manipulated menu link tree.
135	*/
136	public function checkNodeAccess(array $tree) {
137	$node_links = array();
138	$this->collectNodeLinks($tree, $node_links);
139	if ($node_links) {
140	$nids = array_keys($node_links);
141
142	$query = $this->queryFactory->get('node');
143	$query->condition('nid', $nids, 'IN');
144
145	// Allows admins to view all nodes, by both disabling node_access
146	// query rewrite as well as not checking for the node status. The
147	// 'view own unpublished nodes' permission is ignored to not require cache
148	// entries per user.
149	$access_result = AccessResult::allowed()->cachePerPermissions();
150	if ($this->account->hasPermission('bypass node access')) {
151	$query->accessCheck(FALSE);
152	}
153	else {
154	$access_result->addCacheContexts(['user.node_grants:view']);
155	$query->condition('status', NODE_PUBLISHED);
156	}
157
158	$nids = $query->execute();
159	foreach ($nids as $nid) {
160	foreach ($node_links[$nid] as $key => $link) {
161	$node_links[$nid][$key]->access = $access_result;
162	}
163	}
164	}
165
166	return $tree;
167	}
168
169	/**
170	* Collects the node links in the menu tree.
171	*
172	* @param \Drupal\Core\Menu\MenuLinkTreeElement[] $tree
173	* The menu link tree to manipulate.
174	* @param array $node_links
175	* Stores references to menu link elements to effectively set access.
176	*
177	* @return \Drupal\Core\Menu\MenuLinkTreeElement[]
178	* The manipulated menu link tree.
179	*/
180	protected function collectNodeLinks(array &$tree, array &$node_links) {
181	foreach ($tree as $key => &$element) {
182	if ($element->link->getRouteName() == 'entity.node.canonical') {
183	$nid = $element->link->getRouteParameters()['node'];
184	$node_links[$nid][$key] = $element;
185	// Deny access by default. checkNodeAccess() will re-add it.
186	$element->access = AccessResult::neutral();
187	}
188	if ($element->hasChildren) {
189	$this->collectNodeLinks($element->subtree, $node_links);
190	}
191	}
192	}
193
194	/**
195	* Checks access for one menu link instance.
196	*
197	* @param \Drupal\Core\Menu\MenuLinkInterface $instance
198	* The menu link instance.
199	*
200	* @return \Drupal\Core\Access\AccessResultInterface
201	* The access result.
202	*/
203	protected function menuLinkCheckAccess(MenuLinkInterface $instance) {
204	$access_result = NULL;
205	if ($this->account->hasPermission('link to any page')) {
206	$access_result = AccessResult::allowed();
207	}
208	else {
209	$url = $instance->getUrlObject();
210
211	// When no route name is specified, this must be an external link.
212	if (!$url->isRouted()) {
213	$access_result = AccessResult::allowed();
214	}
215	else {
216	$access_result = $this->accessManager->checkNamedRoute($url->getRouteName(), $url->getRouteParameters(), $this->account, TRUE);
217	}
218	}
219	return $access_result->cachePerPermissions();
220	}
221
222	/**
223	* Generates a unique index and sorts by it.
224	*
225	* @param \Drupal\Core\Menu\MenuLinkTreeElement[] $tree
226	* The menu link tree to manipulate.
227	*
228	* @return \Drupal\Core\Menu\MenuLinkTreeElement[]
229	* The manipulated menu link tree.
230	*/
231	public function generateIndexAndSort(array $tree) {
232	$new_tree = array();
233	foreach ($tree as $key => $v) {
234	if ($tree[$key]->subtree) {
235	$tree[$key]->subtree = $this->generateIndexAndSort($tree[$key]->subtree);
236	}
237	$instance = $tree[$key]->link;
238	// The weights are made a uniform 5 digits by adding 50000 as an offset.
239	// After $this->menuLinkCheckAccess(), $instance->getTitle() has the
240	// localized or translated title. Adding the plugin id to the end of the
241	// index insures that it is unique.
242	$new_tree[(50000 + $instance->getWeight()) . ' ' . $instance->getTitle() . ' ' . $instance->getPluginId()] = $tree[$key];
243	}
244	ksort($new_tree);
245	return $new_tree;
246	}
247
248	/**
249	* Flattens the tree to a single level.
250	*
251	* @param \Drupal\Core\Menu\MenuLinkTreeElement[] $tree
252	* The menu link tree to manipulate.
253	*
254	* @return \Drupal\Core\Menu\MenuLinkTreeElement[]
255	* The manipulated menu link tree.
256	*/
257	public function flatten(array $tree) {
258	foreach ($tree as $key => $element) {
259	if ($tree[$key]->subtree) {
260	$tree += $this->flatten($tree[$key]->subtree);
261	}
262	$tree[$key]->subtree = array();
263	}
264	return $tree;
265	}
266
267	}