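/**
 * Access control for the subscription settings user page.
 *
 * Access is granted to any account holding 'manage all subscriptions', and to
 * an authenticated account viewing its own page when it holds 'manage own
 * subscriptions'. Every other combination is forbidden.
 *
 * @param \Drupal\Core\Entity\EntityInterface $user
 *   The user object from the route.
 *
 * @return \Drupal\Core\Access\AccessResult
 *   An access result object carrying the result of the check, including the
 *   cache contexts the decision depends on.
 */
public function access(EntityInterface $user) {
  $account = $this->currentUser;

  // This branch depends only on the account's permissions. Declaring that
  // keeps a cached "allowed" from being reused for an account with a
  // different permission set.
  if ($account->hasPermission('manage all subscriptions')) {
    return AccessResult::allowed()->cachePerPermissions();
  }

  // Loose comparison kept from the original: entity IDs may come back as an
  // int or as a numeric string depending on the entity implementation.
  $is_own_page = !$account->isAnonymous() && $account->id() == $user->id();

  // From here on the decision also depends on who is asking, so both the
  // allowed and the forbidden result vary per user as well as per permission.
  if ($is_own_page && $account->hasPermission('manage own subscriptions')) {
    return AccessResult::allowed()->cachePerPermissions()->cachePerUser();
  }

  return AccessResult::forbidden()->cachePerPermissions()->cachePerUser();
}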
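/**
 * Perform the anonymous user redirection, if needed.
 *
 * This method is called whenever the KernelEvents::REQUEST event is
 * dispatched. When the current request matches an included path and no
 * excluded path, the login redirect is set as the response on the event.
 *
 * @param GetResponseEvent $event
 *   The request event that receives the redirect response.
 */
public function redirect(GetResponseEvent $event) {
  // Skip if maintenance mode is enabled.
  if ($this->state->get('system.maintenance_mode')) {
    return;
  }

  // Skip if running from the command-line.
  if (PHP_SAPI === 'cli') {
    return;
  }

  // Skip if no paths are configured for redirecting.
  if (!($paths = $this->paths()) || empty($paths['include'])) {
    return;
  }

  // Skip if the user is not anonymous.
  if (!$this->current_user->isAnonymous()) {
    return;
  }

  // Determine the current path and alias. The alias is the raw request URI,
  // so it is client-controlled and carries the query string.
  $current = [
    'path' => $this->path_current->getPath(),
    'alias' => \Drupal::request()->getRequestUri(),
  ];

  // Ignore PHP file requests.
  if (substr($current['path'], -4) == '.php') {
    return;
  }

  // Ignore the user login page.
  if ($current['path'] == '/user/login') {
    return;
  }

  // Convert the path to the front page token, if needed.
  $current['path'] = ($current['path'] != '/') ? $current['path'] : '<front>';

  // Track if we should redirect.
  $redirect = FALSE;

  // Iterate the current path and alias. Entries are normalised in place (by
  // reference) because the normalised alias is reused as the destination.
  foreach ($current as &$check) {
    // Remove the leading slash. Only strip an actual slash: the original
    // dropped the first character unconditionally, which turned the
    // '<front>' token into 'front>'.
    if (substr($check, 0, 1) === '/') {
      $check = substr($check, 1);
    }

    // Remove a trailing slash, if there is one.
    if (substr($check, -1) == '/') {
      $check = substr($check, 0, strlen($check) - 1);
    }

    // Redirect if the path is a match for included paths.
    if ($this->path_matcher->matchPath($check, implode("\n", $paths['include']))) {
      $redirect = TRUE;
    }

    // Do not redirect if the path is a match for excluded paths. The check
    // is skipped when no exclude patterns are configured, so an absent or
    // empty list excludes nothing.
    if (!empty($paths['exclude']) && $this->path_matcher->matchPath($check, implode("\n", $paths['exclude']))) {
      $redirect = FALSE;
      // Matching an excluded path is a hard-stop.
      break;
    }
  }
  // Drop the reference so a later write to $check cannot alter $current.
  unset($check);

  if (!$redirect) {
    return;
  }

  // See if we have a message to display.
  if ($message = $this->config_factory->get('anonymous_login.settings')->get('message')) {
    // @todo: translation?
    // @todo: This does not show after the redirect..
    drupal_set_message($message);
  }

  // Redirect to the login, keeping the requested alias as the destination.
  // The alias comes from the request URI, so it is percent-encoded here.
  // Unencoded, an '&' or '#' in the original query string would end the
  // destination value, and the remainder would be parsed as separate
  // parameters of the login URL.
  // NOTE(review): '/user/login' is hard-coded; confirm this is correct for
  // sites installed under a base path.
  $response = new RedirectResponse('/user/login?destination=' . rawurlencode($current['alias']));

  // Hand the response to the kernel instead of send() + exit(). Terminating
  // the process here skips the remaining response handling, such as
  // response subscribers. Presumably this is also why the message above was
  // lost after the redirect - TODO confirm.
  $event->setResponse($response);
}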