/**
* Access control for the subscription settings user page.
*
* The user is checked for both global permissions and permissions to edit
* his own subscriptions.
*
* @param \Drupal\Core\Entity\EntityInterface $user
* The user object from the route.
*
* @return \Drupal\Core\Access\AccessResult
* An access result object carrying the result of the check.
*/
public function access(EntityInterface $user)
{
if ($this->currentUser->hasPermission('manage all subscriptions')) {
return AccessResult::allowed();
} elseif (!$this->currentUser->isAnonymous() && $this->currentUser->id() == $user->id() && $this->currentUser->hasPermission('manage own subscriptions')) {
return AccessResult::allowed();
}
return AccessResult::forbidden();
}
/**
* Perform the anonymous user redirection, if needed.
*
* This method is called whenever the KernelEvents::REQUEST event is
* dispatched.
*
* @param GetResponseEvent $event
*/
public function redirect(GetResponseEvent $event) {
// Skip if maintenance mode is enabled.
if ($this->state->get('system.maintenance_mode')) {
return;
}
// Skip if running from the command-line.
if (PHP_SAPI === 'cli') {
return;
}
// Skip if no paths are configured for redirecting.
if (!($paths = $this->paths()) || empty($paths['include'])) {
return;
}
// Skip if the user is not anonymous.
if (!$this->current_user->isAnonymous()) {
return;
}
// Determine the current path and alias.
$current = [
'path' => $this->path_current->getPath(),
'alias' => \Drupal::request()->getRequestUri(),
];
// Ignore PHP file requests.
if (substr($current['path'], -4) == '.php') {
return;
}
// Ignore the user login page.
if ($current['path'] == '/user/login') {
return;
}
// Convert the path to the front page token, if needed.
$current['path'] = ($current['path'] != '/') ? $current['path'] : '<front>';
// Track if we should redirect.
$redirect = FALSE;
// Iterate the current path and alias.
foreach ($current as &$check) {
// Remove the leading slash.
$check = substr($check, 1);
// Check if there is a trailer slash.
if (substr($check, -1) == '/') {
// Remove it.
$check = substr($check, 0, strlen($check) - 1);
}
// Redirect if the path is a match for included paths.
if ($this->path_matcher->matchPath($check, implode("\n", $paths['include']))) {
$redirect = TRUE;
}
// Do not redirect if the path is a match for excluded paths.
if ($this->path_matcher->matchPath($check, implode("\n", $paths['exclude']))) {
$redirect = FALSE;
// Matching an excluded path is a hard-stop.
break;
}
}
// See if we're going to redirect.
if ($redirect) {
// See if we have a message to display.
if ($message = $this->config_factory->get('anonymous_login.settings')->get('message')) {
// @todo: translation?
// @todo: This does not show after the redirect..
drupal_set_message($message);
}
// Redirect to the login, keeping the requested alias as the destination.
$response = new RedirectResponse('/user/login?destination=' . $current['alias']);
$response->send();
exit();
}
}
