composer update

2019-01-24 08:00:03 +00:00 · 2019-01-24 08:00:03 +00:00 · 71dfaca858
commit 71dfaca858
parent f6abc3dce2
1753 changed files with 45274 additions and 14619 deletions
--- a/web/modules/contrib/webform/webform.module
+++ b/web/modules/contrib/webform/webform.module
@ -10,6 +10,7 @@ use Drupal\Component\Serialization\Json;
 use Drupal\Core\Access\AccessResult;
 use Drupal\Core\Asset\AttachedAssetsInterface;
 use Drupal\Core\Breadcrumb\Breadcrumb;
+use Drupal\Core\Cache\Cache;
 use Drupal\Core\Database\Query\AlterableInterface;
 use Drupal\Core\Render\Element;
 use Drupal\Core\Render\Markup;
@ -23,6 +24,7 @@ use Drupal\webform\Entity\Webform;
 use Drupal\webform\Entity\WebformSubmission;
 use Drupal\webform\Element\WebformMessage;
 use Drupal\webform\Plugin\WebformElement\ManagedFile;
+use Drupal\webform\Utility\Mail;
 use Drupal\webform\Utility\WebformArrayHelper;
 use Drupal\webform\Utility\WebformElementHelper;
 use Drupal\webform\Utility\WebformDialogHelper;
@ -149,6 +151,10 @@ function webform_local_tasks_alter(&$local_tasks) {
    $local_tasks['config_translation.local_tasks:entity.webform.config_translation_overview']['base_route'] = 'entity.webform.canonical';
  }
  if (isset($local_tasks['config_translation.local_tasks:config_translation.item.overview.webform.config'])) {
+    // Set weight to 110 so that the 'Translate' tab comes after
+    // the 'Advanced' tab.
+    // @see webform.links.task.yml
+    $local_tasks['config_translation.local_tasks:config_translation.item.overview.webform.config']['weight'] = 110;
    $local_tasks['config_translation.local_tasks:config_translation.item.overview.webform.config']['parent_id'] = 'webform.config';
  }

@ -163,10 +169,18 @@ function webform_local_tasks_alter(&$local_tasks) {
 * Implements hook_menu_local_tasks_alter().
 */
 function webform_menu_local_tasks_alter(&$data, $route_name) {
-  // Change 'Translate *' tab to be just label 'Translate'.
-  if (isset($data['tabs'][0]['config_translation.local_tasks:entity.webform.config_translation_overview']['#link']['title'])) {
-    $data['tabs'][0]['config_translation.local_tasks:entity.webform.config_translation_overview']['#link']['title'] = t('Translate');
+  // Change config entities 'Translate *' tab to be just label 'Translate'.
+  $webform_entities = [
+    'webform',
+    'webform_options',
+  ];
+  foreach ($webform_entities as $webform_entity) {
+    if (isset($data['tabs'][0]["config_translation.local_tasks:entity.$webform_entity.config_translation_overview"]['#link']['title'])) {
+      $data['tabs'][0]["config_translation.local_tasks:entity.$webform_entity.config_translation_overview"]['#link']['title'] = t('Translate');
+    }
  }
+
+  // Change simple config 'Translate *' tab to be just label 'Translate'.
  if (isset($data['tabs'][1]['config_translation.local_tasks:config_translation.item.overview.webform.config'])) {
    $data['tabs'][1]['config_translation.local_tasks:config_translation.item.overview.webform.config']['#link']['title'] = t('Translate');
  }
@ -384,10 +398,19 @@ function webform_token_info_alter(&$data) {
  }
 }

+/**
+ * Implements hook_entity_presave().
+ */
+function webform_entity_presave(EntityInterface $entity) {
+  _webform_clear_webform_submission_list_cache_tag($entity);
+}
+
 /**
 * Implements hook_entity_delete().
 */
 function webform_entity_delete(EntityInterface $entity) {
+  _webform_clear_webform_submission_list_cache_tag($entity);
+
  /** @var \Drupal\webform\WebformEntityReferenceManagerInterface $entity_reference_manager */
  $entity_reference_manager = \Drupal::service('webform.entity_reference_manager');

@ -399,6 +422,27 @@ function webform_entity_delete(EntityInterface $entity) {
  }
 }

+/**
+ * Invalidate 'webform_submission_list' cache tag when user or role is updated.
+ *
+ * Once the below issue is resolved we should rework this approach.
+ *
+ * Issue #2811041: Allow views base tables to define additional
+ * cache tags and max age.
+ * https://www.drupal.org/project/drupal/issues/2811041
+ *
+ * @param \Drupal\Core\Entity\EntityInterface $entity
+ *   An entity.
+ *
+ * @see \Drupal\webform\Entity\WebformSubmission
+ * @see webform_query_webform_submission_access_alter()
+ */
+function _webform_clear_webform_submission_list_cache_tag(EntityInterface $entity) {
+  if (in_array($entity->getEntityTypeId(), ['user', 'user_role'])) {
+    Cache::invalidateTags(['webform_submission_list']);
+  }
+}
+
 /**
 * Implements hook_mail().
 */
@ -426,11 +470,11 @@ function webform_mail($key, &$message, $params) {
  $message['body'][] = $params['body'];

  // Set the header 'From'.
-  // Usingthe 'from_mail' so that the webform's email from value is used
+  // Using the 'from_mail' so that the webform's email from value is used
  // instead of site's email address.
  // @see: \Drupal\Core\Mail\MailManager::mail.
  if (!empty($params['from_mail'])) {
-    $message['from'] = $message['headers']['From'] = (!empty($params['from_name'])) ? Unicode::mimeHeaderEncode($params['from_name'], TRUE) . ' <' . $params['from_mail'] . '>' : $params['from_mail'];
+    $message['from'] = $message['headers']['From'] = (!empty($params['from_name'])) ? Mail::formatDisplayName($params['from_name']) . ' <' . $params['from_mail'] . '>' : $params['from_mail'];
  }

  // Set header 'Cc'.
@ -463,7 +507,7 @@ function webform_mail($key, &$message, $params) {
  $sender_mail = $params['sender_mail'] ?: '';
  $sender_name = $params['sender_name'] ?: $params['from_name'] ?: '';
  if ($sender_mail) {
-    $message['headers']['Sender'] = ($sender_name) ? Unicode::mimeHeaderEncode($sender_name, TRUE) . ' <' . $sender_mail . '>' : $sender_mail;
+    $message['headers']['Sender'] = ($sender_name) ? Mail::formatDisplayName($sender_name) . ' <' . $sender_mail . '>' : $sender_mail;
  }
 }

@ -557,6 +601,9 @@ function _webform_page_attachments(array &$attachments) {
    $attachments['#attached']['library'][] = 'webform/webform.element.details.save';
  }

+  // Add 'info' message style to all webform pages.
+  $attachments['#attached']['library'][] = 'webform/webform.element.message';
+
  // Assets: Add custom shared and webform specific CSS and JS.
  // @see webform_library_info_build()
  /** @var \Drupal\webform\WebformRequestInterface $request_handler */
@ -907,21 +954,21 @@ function _webform_entity_element_validate_rendering_exception_handler($exception
  throw $exception;
 }

+/******************************************************************************/
+// Query alter functions.
+/******************************************************************************/
+
 /**
- * Implements hook_query_alter().
+ * Implements hook_query_TAG_alter().
 *
 * Append EAV sort to webform_submission entity query.
 *
 * @see http://stackoverflow.com/questions/12893314/sorting-eav-database
 * @see \Drupal\webform\WebformSubmissionListBuilder::getEntityIds
 */
-function webform_query_alter(AlterableInterface $query) {
+function webform_query_webform_submission_list_builder_alter(AlterableInterface $query) {
  /** @var \Drupal\Core\Database\Query\SelectInterface $query */
  $name = $query->getMetaData('webform_submission_element_name');
-  if (!$name) {
-    return;
-  }
-
  $direction = $query->getMetaData('webform_submission_element_direction');
  $property_name = $query->getMetaData('webform_submission_element_property_name');

@ -934,3 +981,138 @@ function webform_query_alter(AlterableInterface $query) {
  }
  $query->orderBy('value', $direction);
 }
+
+/**
+ * Implements hook_query_TAG_alter().
+ */
+function webform_query_entity_reference_alter(AlterableInterface $query) {
+  /** @var \Drupal\Core\Entity\Plugin\EntityReferenceSelection\DefaultSelection $handler */
+  $handler = $query->getMetaData('entity_reference_selection_handler');
+
+  // Get webform settings used to limit and randomize results.
+  // @see \Drupal\webform\Plugin\WebformElement\WebformEntityReferenceTrait::getTestValues
+  // @see \Drupal\webform\Plugin\WebformElement\WebformEntityReferenceTrait::setOptions
+  // @see \Drupal\webform\Element\WebformEntityTrait::setOptions
+  $configuration = $handler->getConfiguration() + ['_webform_settings' => []];
+  $settings = $configuration['_webform_settings'];
+  if (!empty($settings['random'])) {
+    $query->orderRandom();
+  }
+  if (!empty($settings['limit'])) {
+    $query->range(0, $settings['limit']);
+  }
+}
+
+/**
+ * Implements hook_query_TAG_alter().
+ *
+ * This hook implementation adds webform submission access checks for the
+ * account stored in the 'account' meta-data (or current user if not provided),
+ * for an operation stored in the 'op' meta-data (or 'view' if not provided).
+ */
+function webform_query_webform_submission_access_alter(AlterableInterface $query) {
+  /** @var \Drupal\Core\Database\Query\SelectInterface $query */
+  $op = $query->getMetaData('op') ?: 'view';
+  $account = $query->getMetaData('account') ?: \Drupal::currentUser();
+
+  $entity_type = \Drupal::entityTypeManager()->getDefinition('webform_submission');
+
+  // Get webform submission tables which are used to build the alter query.
+  $webform_submission_tables = [];
+  foreach ($query->getTables() as $table) {
+    if (is_string($table['table']) && $table['table'] === $entity_type->getBaseTable()) {
+      $webform_submission_tables[] = [
+        'alias' => $table['alias'],
+        'condition' => $query->orConditionGroup(),
+      ];
+    }
+  }
+
+  // If there are no webform submission tables then nothing needs to be altered.
+  if (empty($webform_submission_tables)) {
+    return;
+  }
+
+  // If the user has administer access then exit.
+  if ($account->hasPermission('administer webform submission')
+    || $account->hasPermission('administer webform')) {
+    return;
+  }
+
+  // Apply operation specific any and own permissions.
+  if (in_array($op, ['view', 'edit', 'delete'])) {
+    $permission_any = "$op any webform submission";
+    $permission_own = "$op own webform submission";
+
+    // If the user has any permission the query does not have to be altered.
+    if ($account->hasPermission($permission_any)) {
+      return;
+    }
+
+    // If the user has own permission, then add the account id to all
+    // webform submission tables conditions.
+    if ($account->hasPermission($permission_own)) {
+      foreach ($webform_submission_tables as $table) {
+        $table['condition']->condition($table['alias'] . '.uid', $account->id());
+      }
+    }
+  }
+
+  // Alter query based on access rules.
+  /** @var \Drupal\webform\WebformAccessRulesManagerInterface $access_rules_manager */
+  $access_rules_manager = \Drupal::service('webform.access_rules_manager');
+
+  // Get cached webform access rules and cache tags so that we don't have
+  // to continually load every webform.
+  $cached = \Drupal::cache()->get('webform_submission_access__webform_access_rules');
+  if ($cached) {
+    $webform_access_rules = $cached->data;
+  }
+  else {
+    /** @var \Drupal\webform\WebformInterface[] $webforms */
+    $webforms = Webform::loadMultiple();
+    $webform_access_rules = [];
+    foreach ($webforms as $webform_id => $webform) {
+      $webform_access_rules[$webform_id] = $access_rules_manager->getAccessRules($webform) ?: [];
+    }
+    \Drupal::cache()->set(
+      'webform_submission_access__webform_access_rules',
+      $webform_access_rules,
+      Cache::PERMANENT,
+      ['config:webform_list']
+    );
+  }
+
+  foreach ($webform_access_rules as $webform_id => $access_rules) {
+    // Check basic and any access rules and add webform id to all
+    // webform submission tables conditions.
+    if ($access_rules_manager->checkAccessRules($op, $account, $access_rules)
+      || $access_rules_manager->checkAccessRules($op . '_any', $account, $access_rules)) {
+      foreach ($webform_submission_tables as $table) {
+        $table['condition']->condition($table['alias'] . '.webform_id', $webform_id);
+      }
+    }
+    // If the user has own access rules, then add the account id to all
+    // webform submission tables conditions.
+    elseif ($access_rules_manager->checkAccessRules($op . '_own', $account, $access_rules)) {
+      foreach ($webform_submission_tables as $table) {
+        /** @var \Drupal\Core\Database\Query\SelectInterface $query */
+        $condition = $query->andConditionGroup();
+        $condition->condition($table['alias'] . '.uid', $account->id());
+        $condition->condition($table['alias'] . '.webform_id', $webform_id);
+        $table['condition']->condition($condition);
+      }
+    }
+  }
+
+  // Apply webform submission table conditions to query.
+  foreach ($webform_submission_tables as $table) {
+    // If a webform submission table does not have any conditions,
+    // we have to block access to the table.
+    if (count($table['condition']->conditions()) === 1) {
+      $table['condition']->where('1 = 0');
+    }
+
+    $query->condition($table['condition']);
+  }
+}