Example #1
0
 /**
  * {@inheritdoc}
  */
 public function prepareForm($form_id, &$form, FormStateInterface &$form_state)
 {
     $user = $this->currentUser();
     $form['#type'] = 'form';
     // Only update the action if it is not already set.
     if (!isset($form['#action'])) {
         // Instead of setting an actual action URL, we set the placeholder, which
         // will be replaced at the very last moment. This ensures forms with
         // dynamically generated action URLs don't have poor cacheability.
         // Use the proper API to generate the placeholder, when we have one. See
         // https://www.drupal.org/node/2562341.
         $placeholder = 'form_action_' . hash('crc32b', __METHOD__);
         $form['#attached']['placeholders'][$placeholder] = ['#lazy_builder' => ['form_builder:renderPlaceholderFormAction', []]];
         $form['#action'] = $placeholder;
     }
     // Fix the form method, if it is 'get' in $form_state, but not in $form.
     if ($form_state->isMethodType('get') && !isset($form['#method'])) {
         $form['#method'] = 'get';
     }
     // GET forms should not use a CSRF token.
     if (isset($form['#method']) && $form['#method'] === 'get') {
         // Merges in a default, this means if you've explicitly set #token to the
         // the $form_id on a GET form, which we don't recommend, it will work.
         $form += ['#token' => FALSE];
     }
     // Generate a new #build_id for this form, if none has been set already.
     // The form_build_id is used as key to cache a particular build of the form.
     // For multi-step forms, this allows the user to go back to an earlier
     // build, make changes, and re-submit.
     // @see self::buildForm()
     // @see self::rebuildForm()
     if (!isset($form['#build_id'])) {
         $form['#build_id'] = 'form-' . Crypt::randomBytesBase64();
     }
     $form['form_build_id'] = array('#type' => 'hidden', '#value' => $form['#build_id'], '#id' => $form['#build_id'], '#name' => 'form_build_id', '#parents' => array('form_build_id'));
     // Add a token, based on either #token or form_id, to any form displayed to
     // authenticated users. This ensures that any submitted form was actually
     // requested previously by the user and protects against cross site request
     // forgeries.
     // This does not apply to programmatically submitted forms. Furthermore,
     // since tokens are session-bound and forms displayed to anonymous users are
     // very likely cached, we cannot assign a token for them.
     // During installation, there is no $user yet.
     // Form constructors may explicitly set #token to FALSE when cross site
     // request forgery is irrelevant to the form, such as search forms.
     if ($form_state->isProgrammed() || isset($form['#token']) && $form['#token'] === FALSE) {
         unset($form['#token']);
     } else {
         $form['#cache']['contexts'][] = 'user.roles:authenticated';
         if ($user && $user->isAuthenticated()) {
             // Generate a public token based on the form id.
             $form['#token'] = $form_id;
             $form['form_token'] = array('#id' => Html::getUniqueId('edit-' . $form_id . '-form-token'), '#type' => 'token', '#default_value' => $this->csrfToken->get($form['#token']), '#parents' => array('form_token'), '#cache' => ['max-age' => 0]);
         }
     }
     if (isset($form_id)) {
         $form['form_id'] = array('#type' => 'hidden', '#value' => $form_id, '#id' => Html::getUniqueId("edit-{$form_id}"), '#parents' => array('form_id'));
     }
     if (!isset($form['#id'])) {
         $form['#id'] = Html::getUniqueId($form_id);
         // Provide a selector usable by JavaScript. As the ID is unique, its not
         // possible to rely on it in JavaScript.
         $form['#attributes']['data-drupal-selector'] = Html::getId($form_id);
     }
     $form += $this->elementInfo->getInfo('form');
     $form += array('#tree' => FALSE, '#parents' => array());
     $form['#validate'][] = '::validateForm';
     $form['#submit'][] = '::submitForm';
     $build_info = $form_state->getBuildInfo();
     // If no #theme has been set, automatically apply theme suggestions.
     // The form theme hook itself, which is rendered by form.html.twig,
     // is in #theme_wrappers. Therefore, the #theme function only has to care
     // for rendering the inner form elements, not the form itself.
     if (!isset($form['#theme'])) {
         $form['#theme'] = array($form_id);
         if (isset($build_info['base_form_id'])) {
             $form['#theme'][] = $build_info['base_form_id'];
         }
     }
     // Invoke hook_form_alter(), hook_form_BASE_FORM_ID_alter(), and
     // hook_form_FORM_ID_alter() implementations.
     $hooks = array('form');
     if (isset($build_info['base_form_id'])) {
         $hooks[] = 'form_' . $build_info['base_form_id'];
     }
     $hooks[] = 'form_' . $form_id;
     $this->moduleHandler->alter($hooks, $form, $form_state, $form_id);
     $this->themeManager->alter($hooks, $form, $form_state, $form_id);
 }
Example #2
0
 /**
  * {@inheritdoc}
  */
 public function isMethodType($method_type)
 {
     return $this->mainFormState->isMethodType($method_type);
 }
 /**
  * {@inheritdoc}
  */
 public function isMethodType($method_type)
 {
     return $this->decoratedFormState->isMethodType($method_type);
 }
Example #4
0
 /**
  * {@inheritdoc}
  */
 public function prepareForm($form_id, &$form, FormStateInterface &$form_state)
 {
     $user = $this->currentUser();
     $form['#type'] = 'form';
     // Only update the action if it is not already set.
     if (!isset($form['#action'])) {
         $form['#action'] = $this->buildFormAction();
     }
     // Fix the form method, if it is 'get' in $form_state, but not in $form.
     if ($form_state->isMethodType('get') && !isset($form['#method'])) {
         $form['#method'] = 'get';
     }
     // Generate a new #build_id for this form, if none has been set already.
     // The form_build_id is used as key to cache a particular build of the form.
     // For multi-step forms, this allows the user to go back to an earlier
     // build, make changes, and re-submit.
     // @see self::buildForm()
     // @see self::rebuildForm()
     if (!isset($form['#build_id'])) {
         $form['#build_id'] = 'form-' . Crypt::randomBytesBase64();
     }
     $form['form_build_id'] = array('#type' => 'hidden', '#value' => $form['#build_id'], '#id' => $form['#build_id'], '#name' => 'form_build_id', '#parents' => array('form_build_id'));
     // Add a token, based on either #token or form_id, to any form displayed to
     // authenticated users. This ensures that any submitted form was actually
     // requested previously by the user and protects against cross site request
     // forgeries.
     // This does not apply to programmatically submitted forms. Furthermore,
     // since tokens are session-bound and forms displayed to anonymous users are
     // very likely cached, we cannot assign a token for them.
     // During installation, there is no $user yet.
     if ($user && $user->isAuthenticated() && !$form_state->isProgrammed()) {
         // Form constructors may explicitly set #token to FALSE when cross site
         // request forgery is irrelevant to the form, such as search forms.
         if (isset($form['#token']) && $form['#token'] === FALSE) {
             unset($form['#token']);
         } else {
             $form['#token'] = $form_id;
             $form['form_token'] = array('#id' => Html::getUniqueId('edit-' . $form_id . '-form-token'), '#type' => 'token', '#default_value' => $this->csrfToken->get($form['#token']), '#parents' => array('form_token'));
         }
     }
     if (isset($form_id)) {
         $form['form_id'] = array('#type' => 'hidden', '#value' => $form_id, '#id' => Html::getUniqueId("edit-{$form_id}"), '#parents' => array('form_id'));
     }
     if (!isset($form['#id'])) {
         $form['#id'] = Html::getUniqueId($form_id);
         // Provide a selector usable by JavaScript. As the ID is unique, its not
         // possible to rely on it in JavaScript.
         $form['#attributes']['data-drupal-selector'] = Html::getId($form_id);
     }
     $form += $this->elementInfo->getInfo('form');
     $form += array('#tree' => FALSE, '#parents' => array());
     $form['#validate'][] = '::validateForm';
     $form['#submit'][] = '::submitForm';
     $build_info = $form_state->getBuildInfo();
     // If no #theme has been set, automatically apply theme suggestions.
     // The form theme hook itself, which is rendered by form.html.twig,
     // is in #theme_wrappers. Therefore, the #theme function only has to care
     // for rendering the inner form elements, not the form itself.
     if (!isset($form['#theme'])) {
         $form['#theme'] = array($form_id);
         if (isset($build_info['base_form_id'])) {
             $form['#theme'][] = $build_info['base_form_id'];
         }
     }
     // Invoke hook_form_alter(), hook_form_BASE_FORM_ID_alter(), and
     // hook_form_FORM_ID_alter() implementations.
     $hooks = array('form');
     if (isset($build_info['base_form_id'])) {
         $hooks[] = 'form_' . $build_info['base_form_id'];
     }
     $hooks[] = 'form_' . $form_id;
     $this->moduleHandler->alter($hooks, $form, $form_state, $form_id);
     $this->themeManager->alter($hooks, $form, $form_state, $form_id);
 }
 /**
  * @covers ::isMethodType
  *
  * @dataProvider providerIsMethodType
  *
  * @param bool $expected_return_value
  * @param string $method_type
  *   Either "GET" or "POST".
  */
 public function testIsMethodType($expected_return_value, $method_type)
 {
     $this->decoratedFormState->isMethodType($method_type)->willReturn($expected_return_value)->shouldBecalled();
     $this->assertSame($expected_return_value, $this->formStateDecoratorBase->isMethodType($method_type));
 }