/**
 * Builds the confirmation form shown when a one-time login link is followed.
 *
 * @param array $form
 *   An associative array containing the structure of the form.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form.
 * @param \Drupal\Core\Session\AccountInterface $user
 *   User requesting reset.
 * @param string $expiration_date
 *   Formatted expiration date for the login link, or NULL if the link does
 *   not expire.
 * @param int $timestamp
 *   The current timestamp.
 * @param string $hash
 *   Login link hash. It is accepted here but not read by this method, so any
 *   check of the hash has to happen outside it.
 *
 * @return array
 *   The form structure.
 */
public function buildForm(array $form, FormStateInterface $form_state, AccountInterface $user = NULL, $expiration_date = NULL, $timestamp = NULL, $hash = NULL) {
  // The user name is always handed to t() as a %-placeholder argument; it is
  // never concatenated into the markup string itself.
  $placeholders = ['%user_name' => $user->getUsername()];

  if ($expiration_date) {
    $placeholders['%expiration_date'] = $expiration_date;
    $intro = $this->t('<p>This is a one-time login for %user_name and will expire on %expiration_date.</p><p>Click on this button to log in to the site and change your password.</p>', $placeholders);
  }
  else {
    // A first-time login link carries no expiration date.
    $intro = $this->t('<p>This is a one-time login for %user_name.</p><p>Click on this button to log in to the site and change your password.</p>', $placeholders);
  }
  $form['message'] = ['#markup' => $intro];

  $form['#title'] = 'Reset Password';

  // The account and timestamp are attached as 'value' elements for later
  // form handling.
  // NOTE(review): presumably these are kept server-side and not echoed back
  // to the browser - confirm against the Form API version in use.
  $form['user'] = ['#type' => 'value', '#value' => $user];
  $form['timestamp'] = ['#type' => 'value', '#value' => $timestamp];

  $form['help'] = ['#markup' => '<p>' . $this->t('This login can be used only once.') . '</p>'];
  $form['actions'] = [
    '#type' => 'actions',
    'submit' => ['#type' => 'submit', '#value' => $this->t('Log in')],
  ];

  return $form;
}
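/**
 * {@inheritdoc}
 */
public function collect(Request $request, Response $response, \Exception $exception = NULL) {
  // Everything stored in $this->data describes the current account (name,
  // roles, authentication provider).
  // NOTE(review): whoever can read the collected data sees these values;
  // confirm that access to it is restricted.
  $this->data['name'] = $this->currentUser->getUsername();
  $this->data['authenticated'] = $this->currentUser->isAuthenticated();

  $this->data['roles'] = [];
  $storage = $this->entityManager->getStorage('user_role');
  foreach ($this->currentUser->getRoles() as $role) {
    $entity = $storage->load($role);
    // load() returns NULL when no role entity exists for the ID (for example
    // a stale role reference). Record the raw ID in that case instead of
    // failing on a NULL method call.
    $this->data['roles'][] = $entity !== NULL ? $entity->label() : $role;
  }

  // Every provider that applies overwrites the previous one, so the last
  // applicable provider in sorted order is the one recorded. If none applies,
  // the 'provider' key is left unset.
  // NOTE(review): confirm that "last match" is the provider that actually
  // authenticated the request.
  foreach ($this->providerCollector->getSortedProviders() as $provider_id => $provider) {
    if ($provider->applies($request)) {
      $this->data['provider'] = $provider_id;
    }
  }

  $this->data['anonymous'] = $this->configFactory->get('user.settings')->get('anonymous');
}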
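/**
 * {@inheritdoc}
 */
protected function drupalLogin(AccountInterface $account) {
  // Only one account is tracked as logged in; drop any existing session first.
  if ($this->loggedInUser) {
    $this->drupalLogout();
  }

  // Submit the login form with the plain-text password kept on the test
  // account object.
  $this->drupalGet('user');
  $this->submitForm(array('name' => $account->getUsername(), 'pass' => $account->passRaw), t('Log in'));

  // Remember the session cookie on the account so the login check can use it.
  // @see BrowserTestBase::drupalUserIsLoggedIn()
  $account->sessionId = $this->getSession()->getCookie($this->getSessionName());

  // The placeholder key must carry its '%' prefix to match the token in the
  // message; with a bare 'name' key the token is never substituted.
  $this->assertTrue($this->drupalUserIsLoggedIn($account), SafeMarkup::format('User %name successfully logged in.', array('%name' => $account->getUsername())));

  $this->loggedInUser = $account;
  $this->container->get('current_user')->setAccount($account);
}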
/**
 * Logs in a user through the internal browser.
 *
 * Any user that is currently logged in is logged out first.
 *
 * Neither the current user nor the passed-in user object is populated with
 * data of the logged in user; update it manually if full access to the user
 * object is needed afterwards. The plain-text password set by
 * drupalCreateUser() also has to be re-assigned manually when the same user
 * must log in again. For example:
 * @code
 *   // Create a user.
 *   $account = $this->drupalCreateUser(array());
 *   $this->drupalLogin($account);
 *   // Load real user object.
 *   $pass_raw = $account->pass_raw;
 *   $account = User::load($account->id());
 *   $account->pass_raw = $pass_raw;
 * @endcode
 *
 * @param \Drupal\Core\Session\AccountInterface $account
 *   User object representing the user to log in.
 *
 * @see drupalCreateUser()
 */
protected function drupalLogin(AccountInterface $account) {
  if ($this->loggedInUser) {
    $this->drupalLogout();
  }

  // The login form is posted with the plain-text password carried on the
  // test account object.
  $credentials = [
    'name' => $account->getUsername(),
    'pass' => $account->pass_raw,
  ];
  $this->drupalPostForm('user/login', $credentials, t('Log in'));

  // @see WebTestBase::drupalUserIsLoggedIn()
  if (isset($this->sessionId)) {
    $account->session_id = $this->sessionId;
  }

  $is_logged_in = $this->drupalUserIsLoggedIn($account);
  $message = format_string('User %name successfully logged in.', ['%name' => $account->getUsername()]);
  $passed = $this->assert($is_logged_in, $message, 'User login');

  // The test's notion of the current user changes only after a verified login.
  if (!$passed) {
    return;
  }
  $this->loggedInUser = $account;
  $this->container->get('current_user')->setAccount($account);
}
/**
 * Logs in a user via HTTPS.
 *
 * Note that the parent's $session_id and $loggedInUser are not updated.
 *
 * @param \Drupal\Core\Session\AccountInterface $account
 *   The account to log in; its name and plain-text pass_raw are submitted.
 */
protected function loginHttps(AccountInterface $account) {
  $this->drupalGet('user/login');

  // Rewrite the form action so the login form is submitted through https.php,
  // which creates a mock HTTPS request on HTTP test environments.
  $login_form = $this->xpath('//form[@id="user-login-form"]');
  $login_form[0]['action'] = $this->httpsUrl('user/login');

  $credentials = [
    'name' => $account->getUsername(),
    'pass' => $account->pass_raw,
  ];

  // Posting directly to the HTTP or HTTPS mock front controller returns an
  // absolute URL in the location header. That URL has to be turned into a
  // request to the respective mock front controller to reach the target page,
  // so the automatic redirects normally performed by parent::curlExec() are
  // switched off for this one request and restored right after it.
  $saved_redirect_limit = $this->maximumRedirects;
  $this->maximumRedirects = 0;
  $this->drupalPostForm(NULL, $credentials, t('Log in'));
  $this->maximumRedirects = $saved_redirect_limit;

  // The child site issues the session cookie with the secure attribute set.
  // The curl handle stores it but will not send it on later requests through
  // the HTTPS mock unless the environment is truly HTTPS, so the cookie is
  // collected by hand and placed into curlCookies for subsequent requests.
  $cookie_name = $this->secureSessionName;
  $this->curlCookies = [$cookie_name . '=' . $this->cookies[$cookie_name]['value']];

  // Follow the location header.
  $target_path = $this->getPathFromLocationHeader(TRUE);
  $this->drupalGet($this->httpsUrl($target_path));
  $this->assertResponse(200);
}
/**
 * Overrides Drupal\Core\Entity\EntityForm::form().
 *
 * Builds the comment form. Which author fields are shown, required or
 * editable depends on three inputs read here: whether the current user is
 * authenticated, whether they hold the 'administer comments' permission on
 * an already saved comment, and the field's 'anonymous' contact setting.
 *
 * @param array $form
 *   The form structure to extend.
 * @param \Drupal\Core\Form\FormStateInterface $form_state
 *   The current state of the form; read for a stored 'comment_preview'.
 *
 * @return array
 *   Whatever parent::form() returns for the assembled form.
 */
public function form(array $form, FormStateInterface $form_state) {
  /** @var \Drupal\comment\CommentInterface $comment */
  $comment = $this->entity;
  // The commented entity is loaded and used without a NULL check.
  $entity = $this->entityManager->getStorage($comment->getCommentedEntityTypeId())->load($comment->getCommentedEntityId());
  $field_name = $comment->getFieldName();
  $field_definition = $this->entityManager->getFieldDefinitions($entity->getEntityTypeId(), $entity->bundle())[$comment->getFieldName()];

  // Use #comment-form as unique jump target, regardless of entity type.
  $form['#id'] = drupal_html_id('comment_form');
  $form['#theme'] = array('comment_form__' . $entity->getEntityTypeId() . '__' . $entity->bundle() . '__' . $field_name, 'comment_form');

  $anonymous_contact = $field_definition->getSetting('anonymous');
  // Moderator mode needs both an existing comment (truthy ID) and the
  // 'administer comments' permission; a new comment is never in admin mode.
  $is_admin = $comment->id() && $this->currentUser->hasPermission('administer comments');

  // The setting is compared with loose != / == throughout this method.
  // NOTE(review): confirm the stored setting and the constants share a type.
  if (!$this->currentUser->isAuthenticated() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
    $form['#attached']['library'][] = 'core/drupal.form';
    $form['#attributes']['data-user-info-from-browser'] = TRUE;
  }

  // If not replying to a comment, use our dedicated page callback for new
  // Comments on entities.
  if (!$comment->id() && !$comment->hasParentComment()) {
    $form['#action'] = $this->url('comment.reply', array('entity_type' => $entity->getEntityTypeId(), 'entity' => $entity->id(), 'field_name' => $field_name));
  }

  $comment_preview = $form_state->get('comment_preview');
  if (isset($comment_preview)) {
    // Array union: keys already present in $form win; the preview only adds
    // keys that are missing.
    $form += $comment_preview;
  }

  $form['author'] = array();
  // Display author information in a details element for comment moderators.
  if ($is_admin) {
    $form['author'] += array('#type' => 'details', '#title' => $this->t('Administration'));
  }

  // Prepare default values for form elements.
  if ($is_admin) {
    $author = $comment->getAuthorName();
    $status = $comment->getStatus();
    if (empty($comment_preview)) {
      $form['#title'] = $this->t('Edit comment %title', array('%title' => $comment->getSubject()));
    }
  }
  else {
    if ($this->currentUser->isAuthenticated()) {
      // Authenticated non-moderators always get their own account name.
      $author = $this->currentUser->getUsername();
    }
    else {
      $author = $comment->getAuthorName() ? $comment->getAuthorName() : '';
    }
    // The default publication state comes from the 'skip comment approval'
    // permission of the current user, not from anything in the request.
    $status = $this->currentUser->hasPermission('skip comment approval') ? CommentInterface::PUBLISHED : CommentInterface::NOT_PUBLISHED;
  }

  $date = '';
  if ($comment->id()) {
    $date = !empty($comment->date) ? $comment->date : DrupalDateTime::createFromTimestamp($comment->getCreatedTime());
  }

  // Add the author name field depending on the current user.
  $form['author']['name'] = array(
    '#type' => 'textfield',
    '#title' => $this->t('Your name'),
    '#default_value' => $author,
    '#required' => $this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT,
    '#maxlength' => 60,
    '#size' => 30
  );
  if ($is_admin) {
    $form['author']['name']['#title'] = $this->t('Authored by');
    $form['author']['name']['#description'] = $this->t('Leave blank for %anonymous.', array('%anonymous' => $this->config('user.settings')->get('anonymous')));
    $form['author']['name']['#autocomplete_route_name'] = 'user.autocomplete';
  }
  elseif ($this->currentUser->isAuthenticated()) {
    // For authenticated non-moderators the name becomes a display-only 'item'
    // whose value is fixed to the default computed above.
    $form['author']['name']['#type'] = 'item';
    $form['author']['name']['#value'] = $form['author']['name']['#default_value'];
    $form['author']['name']['#theme'] = 'username';
    $form['author']['name']['#account'] = $this->currentUser;
  }
  elseif ($this->currentUser->isAnonymous()) {
    $form['author']['name']['#attributes']['data-drupal-default-value'] = $this->config('user.settings')->get('anonymous');
  }

  $language_configuration = \Drupal::moduleHandler()->invoke('language', 'get_default_configuration', array('comment', $comment->getTypeId()));
  $form['langcode'] = array(
    '#title' => t('Language'),
    '#type' => 'language_select',
    '#default_value' => $comment->getUntranslated()->language()->getId(),
    '#languages' => Language::STATE_ALL,
    '#access' => isset($language_configuration['language_show']) && $language_configuration['language_show']
  );

  // Add author email and homepage fields depending on the current user.
  // In the #access expressions below && binds tighter than ||, so they read
  // as: moderator, OR (anonymous user AND contact details allowed).
  $form['author']['mail'] = array(
    '#type' => 'email',
    '#title' => $this->t('Email'),
    '#default_value' => $comment->getAuthorEmail(),
    '#required' => $this->currentUser->isAnonymous() && $anonymous_contact == COMMENT_ANONYMOUS_MUST_CONTACT,
    '#maxlength' => 64,
    '#size' => 30,
    '#description' => $this->t('The content of this field is kept private and will not be shown publicly.'),
    '#access' => $is_admin || $this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT
  );
  $form['author']['homepage'] = array(
    '#type' => 'url',
    '#title' => $this->t('Homepage'),
    '#default_value' => $comment->getHomepage(),
    '#maxlength' => 255,
    '#size' => 30,
    '#access' => $is_admin || $this->currentUser->isAnonymous() && $anonymous_contact != COMMENT_ANONYMOUS_MAYNOT_CONTACT
  );

  // Add administrative comment publishing options.
  // Both elements are gated on $is_admin through #access.
  // NOTE(review): this relies on the form layer discarding submitted input
  // for elements whose #access is FALSE - confirm, so that a non-moderator
  // cannot set the date or publication status.
  $form['author']['date'] = array(
    '#type' => 'datetime',
    '#title' => $this->t('Authored on'),
    '#default_value' => $date,
    '#size' => 20,
    '#access' => $is_admin
  );
  $form['author']['status'] = array(
    '#type' => 'radios',
    '#title' => $this->t('Status'),
    '#default_value' => $status,
    '#options' => array(CommentInterface::PUBLISHED => $this->t('Published'), CommentInterface::NOT_PUBLISHED => $this->t('Not published')),
    '#access' => $is_admin
  );

  // Used for conditional validation of author fields.
  // For a saved comment this reflects the comment's owner (no owner ID means
  // anonymous); for a new comment it reflects the current user.
  $form['is_anonymous'] = array('#type' => 'value', '#value' => $comment->id() ? !$comment->getOwnerId() : $this->currentUser->isAnonymous());

  return parent::form($form, $form_state, $comment);
}
/**
 * Logs in a user through the internal browser.
 *
 * Any user that is currently logged in is logged out first.
 *
 * Neither the current user nor the passed-in user object is populated with
 * data of the logged in user; update it manually if full access to the user
 * object is needed afterwards. The plain-text password set by
 * drupalCreateUser() also has to be re-assigned manually when the same user
 * must log in again. For example:
 * @code
 *   // Create a user.
 *   $account = $this->drupalCreateUser(array());
 *   $this->drupalLogin($account);
 *   // Load real user object.
 *   $pass_raw = $account->pass_raw;
 *   $account = user_load($account->id());
 *   $account->pass_raw = $pass_raw;
 * @endcode
 *
 * @param \Drupal\Core\Session\AccountInterface $account
 *   User object representing the user to log in.
 *
 * @see drupalCreateUser()
 */
protected function drupalLogin(AccountInterface $account) {
  if ($this->loggedInUser) {
    $this->drupalLogout();
  }

  // The login form is posted with the plain-text password carried on the
  // test account object.
  $credentials = [
    'name' => $account->getUsername(),
    'pass' => $account->pass_raw,
  ];
  $this->drupalPostForm('user', $credentials, t('Log in'));

  // @see WebTestBase::drupalUserIsLoggedIn()
  if (isset($this->session_id)) {
    $account->session_id = $this->session_id;
  }

  $is_logged_in = $this->drupalUserIsLoggedIn($account);
  $message = format_string('User %name successfully logged in.', ['%name' => $account->getUsername()]);
  $passed = $this->assert($is_logged_in, $message, 'User login');

  // The test's notion of the current user changes only after a verified login.
  if (!$passed) {
    return;
  }
  $this->loggedInUser = $account;
  $this->container->get('current_user')->setAccount($account);
  // @todo Temporary workaround for not being able to use synchronized
  //   services in non dumped container.
  $this->container->get('access_subscriber')->setCurrentUser($account);
}
/**
 * Logs a user in on a specific domain.
 *
 * The stored account's password is overwritten with a fixed value before the
 * login form is posted, so this helper is only suitable for test fixtures.
 *
 * @param \Drupal\domain\DomainInterface $domain
 *   The domain to log the user into.
 * @param \Drupal\Core\Session\AccountInterface $account
 *   The user account to login.
 */
public function domainLogin(DomainInterface $domain, AccountInterface $account) {
  if ($this->loggedInUser) {
    $this->drupalLogout();
  }

  // For this to work, the password must be reset to a known value. The
  // change is saved to the stored user entity, not just held in memory.
  $known_password = '******';
  $stored_user = \Drupal::entityManager()->getStorage('user')->load($account->id());
  $stored_user->setPassword($known_password)->save();

  $login_url = $domain->getPath() . '/user/login';
  $credentials = [
    'name' => $account->getUsername(),
    'pass' => $known_password,
  ];
  $this->drupalPostForm($login_url, $credentials, t('Log in'));

  // @see WebTestBase::drupalUserIsLoggedIn()
  if (isset($this->sessionId)) {
    $account->session_id = $this->sessionId;
  }

  $is_logged_in = $this->drupalUserIsLoggedIn($account);
  $message = format_string('User %name successfully logged in.', ['%name' => $account->getUsername()]);
  $passed = $this->assert($is_logged_in, $message, 'User login');

  // The test's notion of the current user changes only after a verified login.
  if (!$passed) {
    return;
  }
  $this->loggedInUser = $account;
  $this->container->get('current_user')->setAccount($account);
}