/** * {@inheritdoc} */ public function isValid($path) { // External URLs and the front page are always valid. if ($path == '<front>' || UrlHelper::isExternal($path)) { return TRUE; } // Check the routing system. $collection = $this->routeProvider->getRoutesByPattern('/' . $path); if ($collection->count() == 0) { return FALSE; } $request = RequestHelper::duplicate($this->requestStack->getCurrentRequest(), '/' . $path); $request->attributes->set('_system_path', $path); // We indicate that a menu administrator is running the menu access check. $request->attributes->set('_menu_admin', TRUE); // Attempt to match this path to provide a fully built request to the // access checker. try { $request->attributes->add($this->requestMatcher->matchRequest($request)); } catch (ParamNotConvertedException $e) { return FALSE; } // Consult the access manager. $routes = $collection->all(); $route = reset($routes); return $this->accessManager->check($route, $request, $this->account); }
/** * Verifies that the current user can access the requested path. * * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event * The Event to process. * * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException * Thrown when the access got denied. */ public function onKernelRequestAccessCheck(GetResponseEvent $event) { $request = $event->getRequest(); // The controller is being handled by the HTTP kernel, so add an attribute // to tell us this is the controller request. $request->attributes->set('_controller_request', TRUE); if (!$request->attributes->has(RouteObjectInterface::ROUTE_OBJECT)) { // If no Route is available it is likely a static resource and access is // handled elsewhere. return; } // Wrap this in a try/catch to ensure the '_controller_request' attribute // can always be removed. try { $access = $this->accessManager->check($request->attributes->get(RouteObjectInterface::ROUTE_OBJECT), $request, $this->currentUser); } catch (\Exception $e) { $request->attributes->remove('_controller_request'); throw $e; } $request->attributes->remove('_controller_request'); if (!$access) { throw new AccessDeniedHttpException(); } }
/** * {@inheritdoc} */ public function build(RouteMatchInterface $route_match) { $breadcrumb = new Breadcrumb(); $links = array(); // General path-based breadcrumbs. Use the actual request path, prior to // resolving path aliases, so the breadcrumb can be defined by simply // creating a hierarchy of path aliases. $path = trim($this->context->getPathInfo(), '/'); $path_elements = explode('/', $path); $exclude = array(); // Don't show a link to the front-page path. $front = $this->config->get('page.front'); $exclude[$front] = TRUE; // /user is just a redirect, so skip it. // @todo Find a better way to deal with /user. $exclude['/user'] = TRUE; // Because this breadcrumb builder is entirely path-based, vary by the // 'url.path' cache context. $breadcrumb->addCacheContexts(['url.path']); while (count($path_elements) > 1) { array_pop($path_elements); // Copy the path elements for up-casting. $route_request = $this->getRequestForPath('/' . implode('/', $path_elements), $exclude); if ($route_request) { $route_match = RouteMatch::createFromRequest($route_request); $access = $this->accessManager->check($route_match, $this->currentUser, NULL, TRUE); // The set of breadcrumb links depends on the access result, so merge // the access result's cacheability metadata. $breadcrumb = $breadcrumb->addCacheableDependency($access); if ($access->isAllowed()) { $title = $this->titleResolver->getTitle($route_request, $route_match->getRouteObject()); if (!isset($title)) { // Fallback to using the raw path component as the title if the // route is missing a _title or _title_callback attribute. $title = str_replace(array('-', '_'), ' ', Unicode::ucfirst(end($path_elements))); } $url = Url::fromRouteMatch($route_match); $links[] = new Link($title, $url); } } } if ($path && '/' . $path != $front) { // Add the Home link, except for the front page. $links[] = Link::createFromRoute($this->t('Home'), '<front>'); } return $breadcrumb->setLinks(array_reverse($links)); }