/**
* Access callback for json() callback.
*/
public function access()
{
$request = \Drupal::request();
$nonce = $request->get('nonce', FALSE);
$connector_config = $this->config('acquia_connector.settings');
// If we don't have all the query params, leave now.
if (!$nonce) {
return AccessResultForbidden::forbidden();
}
$sub_data = $connector_config->get('subscription_data');
$sub_uuid = $this->getIdFromSub($sub_data);
if (!empty($sub_uuid)) {
$expected_hash = hash('sha1', "{$sub_uuid}:{$nonce}");
// If the generated hash matches the hash from $_GET['key'], we're good.
if ($request->get('key', FALSE) === $expected_hash) {
return AccessResultAllowed::allowed();
}
}
// Log the request if validation failed and debug is enabled.
if ($connector_config->get('debug')) {
$info = array('sub_data' => $sub_data, 'sub_uuid_from_data' => $sub_uuid, 'expected_hash' => $expected_hash, 'get' => $request->query->all(), 'server' => $request->server->all(), 'request' => $request->request->all());
\Drupal::logger('acquia_agent')->notice('Site status request: @data', array('@data' => var_export($info, TRUE)));
}
return AccessResultForbidden::forbidden();
}
/**
* Access callback for sendModuleData() callback.
*/
public function access()
{
$request = \Drupal::request();
$data = json_decode($request->getContent(), TRUE);
// We only do this if we are on SSL
$via_ssl = $request->isSecure();
if ($this->config('acquia_connector.settings')->get('spi.ssl_override')) {
$via_ssl = TRUE;
}
if ($this->config('acquia_connector.settings')->get('spi.module_diff_data') && $via_ssl) {
if (Subscription::hasCredentials() && isset($data['body']['file']) && $this->isValidRequest($data, $data['body']['file'])) {
return AccessResultAllowed::allowed();
}
// Log the request if validation failed and debug is enabled.
if ($this->config('acquia_connector.settings')->get('debug')) {
$info = array('data' => $data, 'get' => $request->query->all(), 'server' => $request->server->all(), 'request' => $request->request->all());
\Drupal::logger('acquia module data')->notice('Site Module Data request: @data', array('@data' => var_export($info, TRUE)));
}
}
return AccessResultForbidden::forbidden();
}
/**
* @return bool
*/
public function access()
{
return AccessResultAllowed::allowed();
}
/**
* {@inheritdoc}
*/
public function access(AccountInterface $account, $return_as_object = FALSE)
{
return AccessResultAllowed::allowedIfHasPermission($account, 'access alexandrie library');
}
/**
* Checks if the user is user 1 and grants access if so.
*
* @param \Drupal\Core\Session\AccountInterface $account
* The current user account.
*
* @return \Drupal\Core\Access\AccessResult
* The access result.
*/
public function checkAccess(AccountInterface $account)
{
// The access result is uncacheable because it is just limiting access to
// the migrate UI which is not worth caching.
return AccessResultAllowed::allowedIf((int) $account->id() === 1)->mergeCacheMaxAge(0);
}
/**
* Access callback check for SPI send independent call.
*/
public function sendAccess()
{
$request = \Drupal::request();
$acquia_key = $this->config('acquia_connector.settings')->get('key');
if (!empty($acquia_key) && $request->get('key')) {
$key = sha1(\Drupal::service('private_key')->get());
if ($key === $request->get('key')) {
return AccessResultAllowed::allowed();
}
}
return AccessResultForbidden::forbidden();
}