/**
  * Sets the current account from the request's authentication provider.
  *
  * Only the master request is handled; sub-requests are ignored. The account
  * proxy is updated only when the provider applies to the request and
  * authenticate() returns a non-empty account.
  *
  * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
  *   The request event.
  *
  * @see \Drupal\Core\Authentication\AuthenticationProviderInterface::authenticate()
  */
 public function onKernelRequestAuthenticate(GetResponseEvent $event)
 {
     // Nothing to do for sub-requests.
     if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
         return;
     }
     $request = $event->getRequest();
     $provider = $this->authenticationProvider;
     if (!$provider->applies($request)) {
         return;
     }
     // A falsy result means nobody was authenticated, so setAccount() is not
     // called and the proxy is left untouched.
     $account = $provider->authenticate($request);
     if ($account) {
         $this->accountProxy->setAccount($account);
     }
 }
Ejemplo n.º 2
 /**
  * Sets the current account from the request's authentication provider.
  *
  * Only the master request is handled. When no account ends up being set
  * (the provider does not apply, or authenticate() returns nothing), the
  * default timezone is initialized instead.
  *
  * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
  *   The request event.
  *
  * @see \Drupal\Core\Authentication\AuthenticationProviderInterface::authenticate()
  */
 public function onKernelRequestAuthenticate(GetResponseEvent $event)
 {
     // Nothing to do for sub-requests.
     if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
         return;
     }
     $request = $event->getRequest();
     $account = NULL;
     if ($this->authenticationProvider->applies($request)) {
         $account = $this->authenticationProvider->authenticate($request);
     }
     if ($account) {
         $this->accountProxy->setAccount($account);
         return;
     }
     // No account has been set explicitly, initialize the timezone here.
     date_default_timezone_set(drupal_get_user_timezone());
 }
Ejemplo n.º 3
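 /**
  * {@inheritdoc}
  */
 public function run()
 {
     // Allow execution to continue even if the request gets cancelled.
     @ignore_user_abort(TRUE);
     // Prevent session information from being saved while cron is running.
     $original_session_saving = $this->sessionManager->isEnabled();
     $this->sessionManager->disable();
     // Force the current user to anonymous to ensure consistent permissions on
     // cron runs.
     $original_user = $this->currentUser->getAccount();
     $this->currentUser->setAccount(new AnonymousUserSession());
     $return = FALSE;
     try {
         // Try to allocate enough time to run all the hook_cron implementations.
         drupal_set_time_limit(240);
         // Try to acquire cron lock.
         if (!$this->lock->acquire('cron', 900.0)) {
             // Cron is still running normally.
             $this->logger->warning('Attempting to re-run cron while it is already running.');
         } else {
             try {
                 $this->invokeCronHandlers();
                 $this->setCronLastTime();
                 // Return TRUE so other functions can check if it did run
                 // successfully.
                 $return = TRUE;
             } finally {
                 // Release the cron lock even when a handler throws, so a failed
                 // run does not block later runs until the lock times out.
                 $this->lock->release('cron');
             }
         }
         // Process cron queues.
         $this->processQueues();
     } finally {
         // Always undo the identity switch and the session-saving change. Without
         // this, an exception from a cron handler or queue worker would leave the
         // rest of the request running as the swapped-in anonymous account with
         // session saving still disabled.
         $this->currentUser->setAccount($original_user);
         if ($original_session_saving) {
             $this->sessionManager->enable();
         }
     }
     return $return;
 }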
Ejemplo n.º 4
 /**
  * {@inheritdoc}
  */
 public function switchBack()
 {
     // Without a saved account there is nothing to revert to.
     if (empty($this->accountStack)) {
         throw new \RuntimeException('No more accounts to revert to.');
     }
     // Pop the most recently saved account and make it current again.
     $previous_account = array_pop($this->accountStack);
     $this->currentUser->setAccount($previous_account);
     // Once every account switch has been reverted, make the session writable
     // again, but only when the original session saving flag is set.
     if (empty($this->accountStack) && $this->originalSessionSaving) {
         $this->writeSafeHandler->setSessionWritable(TRUE);
     }
     return $this;
 }
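 /**
  * {@inheritdoc}
  */
 public function enhance(array $defaults, Request $request)
 {
     // Provider id recorded on the request by whichever provider authenticated
     // it; empty when no provider was triggered.
     $auth_provider_triggered = $request->attributes->get('_authentication_provider');
     if (!empty($auth_provider_triggered)) {
         $route = isset($defaults[RouteObjectInterface::ROUTE_OBJECT]) ? $defaults[RouteObjectInterface::ROUTE_OBJECT] : NULL;
         // Providers allowed on this route: the route's '_auth' option when set,
         // otherwise only the manager's default provider.
         $auth_providers = $route && $route->getOption('_auth') ? $route->getOption('_auth') : array($this->manager->defaultProviderId());
         // If the request was authenticated with a non-permitted provider,
         // force the user back to anonymous. The comparison is strict because
         // this is an authorization decision: with loose comparison a
         // non-string entry in the allow list (for example 0 or TRUE) can match
         // an arbitrary provider id through type juggling.
         // NOTE(review): assumes provider ids are strings on both sides;
         // confirm no route defines '_auth' with non-string entries.
         if (!in_array($auth_provider_triggered, $auth_providers, TRUE)) {
             $anonymous_user = new AnonymousUserSession();
             $this->currentUser->setAccount($anonymous_user);
             // The global $user object is included for backward compatibility only
             // and should be considered deprecated.
             // @todo Remove this line once global $user is no longer used.
             $GLOBALS['user'] = $anonymous_user;
         }
     }
     return $defaults;
 }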
Ejemplo n.º 6
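  /**
   * {@inheritdoc}
   */
  public function preprocessIndexItems(array &$items) {
    // Change the current user to our dummy implementation to ensure we are
    // using the configured roles.
    $original_user = $this->currentUser->getAccount();
    // @todo Why not just use \Drupal\Core\Session\UserSession directly here?
    $this->currentUser->setAccount(new UserSession(array('roles' => $this->configuration['roles'])));

    try {
      // Count of items that don't have a view mode.
      $unset_view_modes = 0;

      // Annoyingly, this doc comment is needed for PHPStorm. See
      // http://youtrack.jetbrains.com/issue/WI-23586
      /** @var \Drupal\search_api\Item\ItemInterface $item */
      foreach ($items as $item) {
        if (!($field = $item->getField('rendered_item'))) {
          continue;
        }

        $datasource_id = $item->getDatasourceId();
        $datasource = $item->getDatasource();
        $bundle = $datasource->getItemBundle($item->getOriginalObject());
        if (empty($this->configuration['view_mode'][$datasource_id][$bundle])) {
          // Only a missing setting is counted; an explicitly empty one is
          // skipped without being reported.
          if (!isset($this->configuration['view_mode'][$datasource_id][$bundle])) {
            ++$unset_view_modes;
          }
          continue;
        }
        $view_mode = (string) $this->configuration['view_mode'][$datasource_id][$bundle];

        $build = $datasource->viewItem($item->getOriginalObject(), $view_mode);
        $value = (string) $this->getRenderer()->renderPlain($build);
        if ($value) {
          $field->addValue($value);
        }
      }

      if ($unset_view_modes > 0) {
        $context = array(
          '%index' => $this->index->label(),
          '%processor' => $this->label(),
          '@count' => $unset_view_modes,
        );
        $this->getLogger()->warning('Warning: While indexing items on search index %index, @count item(s) did not have a view mode configured for the %processor processor.', $context);
      }
    }
    finally {
      // Restore the original user even when loading or rendering an item
      // throws. Otherwise the rest of the request would keep running as the
      // dummy account carrying the configured roles, which may grant more
      // access than the real user has.
      $this->currentUser->setAccount($original_user);
    }
  }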
Ejemplo n.º 7
 /**
  * Switches the current session to a different user.
  *
  * We don't call session_save_session() because we really want to change users.
  * Usually unsafe!
  *
  * NOTE(review): no permission or CSRF check is visible in this method;
  * presumably both are enforced by the route that maps to it. Confirm
  * before exposing it.
  *
  * @param string $name
  *   The username to switch to. An empty name, or one that matches no user,
  *   is rejected.
  *
  * @return \Symfony\Component\HttpFoundation\RedirectResponse
  *   A redirect response object.
  *
  * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
  *   When $name is empty or no user with that name can be loaded.
  */
 public function switchUser($name = NULL)
 {
     // Reject a missing name before touching storage.
     if (empty($name)) {
         throw new AccessDeniedHttpException();
     }
     $matches = $this->userStorage->loadByProperties(['name' => $name]);
     if (!$matches) {
         throw new AccessDeniedHttpException();
     }
     // loadByProperties() hands back a collection; take its first entry.
     $target = reset($matches);
     // Call logout hooks when switching from original user.
     $this->moduleHandler->invokeAll('user_logout', [$this->account]);
     // Regenerate the session ID before the identity changes, to protect
     // against session fixation attacks.
     $this->sessionManager->regenerate();
     // Based on the masquerade module, because
     // https://www.drupal.org/node/218104 doesn't stick and instead only
     // keeps context until redirect.
     $this->account->setAccount($target);
     $this->session->set('uid', $target->id());
     // Call all login hooks when switching to masquerading user.
     $this->moduleHandler->invokeAll('user_login', [$target]);
     return $this->redirect('<front>');
 }
Ejemplo n.º 8
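 /**
  * {@inheritdoc}
  */
 public function preprocessIndexItems(array &$items)
 {
     // Change the current user to our dummy implementation to ensure we are
     // using the configured roles.
     $original_user = $this->currentUser->getAccount();
     // @todo Why not just use \Drupal\Core\Session\UserSession directly here?
     $this->currentUser->setAccount(new UserSession(array('roles' => $this->configuration['roles'])));
     try {
         // Annoyingly, this doc comment is needed for PHPStorm. See
         // http://youtrack.jetbrains.com/issue/WI-23586
         /** @var \Drupal\search_api\Item\ItemInterface $item */
         foreach ($items as $item) {
             // Skip items whose datasource has no view mode configured.
             if (empty($this->configuration['view_mode'][$item->getDatasourceId()])) {
                 continue;
             }
             // Skip items that do not carry the 'rendered_item' field.
             if (!($field = $item->getField('rendered_item'))) {
                 continue;
             }
             $build = $item->getDatasource()->viewItem($item->getOriginalObject(), $this->configuration['view_mode'][$item->getDatasourceId()]);
             $field->addValue($this->getRenderer()->renderPlain($build));
         }
     } finally {
         // Restore the original user even when viewing or rendering an item
         // throws. Otherwise the rest of the request would keep running as the
         // dummy account carrying the configured roles, which may grant more
         // access than the real user has.
         $this->currentUser->setAccount($original_user);
     }
 }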
Ejemplo n.º 9
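 /**
  * Switches back from a masquerade to the user recorded in the session.
  *
  * The user id is read from $_SESSION['masquerading']. That flag is cleared
  * as soon as it has been read, whether or not the user can still be loaded.
  *
  * @return bool
  *   TRUE when switched back, FALSE when no masquerade was active or the
  *   recorded user could not be loaded.
  */
 public function switchBack()
 {
     if (empty($_SESSION['masquerading'])) {
         return FALSE;
     }
     $new_user = $this->entityTypeManager->getStorage('user')->load($_SESSION['masquerading']);
     // Ensure the flag is cleared.
     unset($_SESSION['masquerading']);
     if (!$new_user) {
         return FALSE;
     }
     $account = $this->currentUser;
     // Call logout hooks when switching from masquerading user.
     $this->moduleHandler->invokeAll('user_logout', [$account]);
     // Regenerate the session ID to prevent against session fixation attacks.
     // @todo Maybe session service migrate.
     $this->sessionManager->regenerate();
     // Capture the masqueraded name before the switch. $account is the same
     // object as $this->currentUser, so reading it after setAccount() would
     // presumably return the restored user's name and the audit log entry
     // would lose the identity that had been impersonated.
     $old_username = $account->getDisplayName();
     $this->currentUser->setAccount($new_user);
     \Drupal::service('session')->set('uid', $new_user->id());
     // Call all login hooks when switching back to original user.
     $this->moduleHandler->invokeAll('user_login', [$new_user]);
     $this->logger->info('User %username stopped masquerading as %old_username.', array('%username' => $new_user->getDisplayName(), '%old_username' => $old_username, 'link' => $this->l($this->t('view'), $new_user->toUrl())));
     return TRUE;
 }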