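/**
 * Determines if redirect may be performed.
 *
 * The route access check (when enabled) runs first. After that a chain of
 * gates is evaluated and only the first matching one applies: front
 * controller, HTTP method, maintenance mode, then the admin-path exclusion.
 * No gate can turn a denied result back into an allowed one.
 *
 * The access check only runs when $route_name is passed. When the route is
 * taken from the request attributes instead, the 'access_check' setting has
 * no effect in this method.
 *
 * @param Request $request
 *   The current request object.
 * @param string $route_name
 *   The current route name.
 *
 * @return bool
 *   TRUE if redirect may be performed.
 */
public function canRedirect(Request $request, $route_name = NULL) {
  $can_redirect = TRUE;

  if (isset($route_name)) {
    $route = $this->routeProvider->getRouteByName($route_name);
    if ($this->config->get('access_check')) {
      // Do not redirect if is a protected page. The result is cast so that
      // the method returns a real boolean, as documented, rather than the
      // integer a bitwise "&=" would produce.
      $can_redirect = (bool) $this->accessManager->check($route, $request, $this->account);
    }
  }
  else {
    // May be NULL when the request carries no route object; the admin-path
    // gate below guards against that with isset().
    $route = $request->attributes->get(RouteObjectInterface::ROUTE_OBJECT);
  }

  if (strpos($request->getScriptName(), 'index.php') === FALSE) {
    // Do not redirect if the root script is not /index.php.
    // NOTE(review): this is a substring test, so any script name that
    // contains 'index.php' passes, not only the root /index.php.
    $can_redirect = FALSE;
  }
  elseif (!($request->isMethod('GET') || $request->isMethod('HEAD'))) {
    // Do not redirect if this is other than GET request.
    $can_redirect = FALSE;
  }
  elseif ($this->state->get('system.maintenance_mode') || defined('MAINTENANCE_MODE')) {
    // Do not redirect in offline or maintenance mode.
    $can_redirect = FALSE;
  }
  elseif ($this->config->get('ignore_admin_path') && isset($route)) {
    // Do not redirect on admin paths. The option is read unconditionally, as
    // before, and then combined with the access result using boolean logic.
    $is_admin_route = (bool) $route->getOption('_admin_route');
    $can_redirect = $can_redirect && !$is_admin_route;
  }

  return $can_redirect;
}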
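/**
 * Determines whether a redirect may be performed for the given route.
 *
 * Two optional, configuration-driven conditions are combined: the route must
 * pass the access manager check ('access_check') and must not be flagged as
 * an admin route ('ignore_admin_path'). With both settings off the method
 * always returns TRUE.
 *
 * @param string $route_name
 *   The current route name.
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The current request.
 *
 * @return bool
 *   TRUE if access is granted and the redirect is not excluded.
 */
public function canRedirect($route_name, Request $request) {
  $do_redirect = TRUE;

  /** @var \Symfony\Component\Routing\Route $route */
  $route = $this->routeProvider->getRouteByName($route_name);

  if ($this->config->get('access_check')) {
    // Cast so the method returns a real boolean, as documented, instead of
    // the integer that a bitwise "&=" on booleans produces.
    $do_redirect = (bool) $this->accessManager->check($route, $request, $this->account);
  }

  if ($this->config->get('ignore_admin_path')) {
    // The option is read unconditionally, as before; a denied access result
    // from above can never be turned back into TRUE here.
    $is_admin_route = (bool) $route->getOption('_admin_route');
    $do_redirect = $do_redirect && !$is_admin_route;
  }

  return $do_redirect;
}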
/**
 * {@inheritdoc}
 */
public function isValid($path) {
  // The front page is accepted without consulting routing or access.
  if ($path == '<front>') {
    return TRUE;
  }
  // External URLs are likewise accepted as-is; no access check applies.
  if (UrlHelper::isExternal($path)) {
    return TRUE;
  }

  // Ask the routing system which routes match this pattern; none means the
  // path is not valid.
  $internal_path = '/' . $path;
  $matching_routes = $this->routeProvider->getRoutesByPattern($internal_path);
  if ($matching_routes->count() == 0) {
    return FALSE;
  }

  // Build a request for the path, derived from the current request.
  $sub_request = RequestHelper::duplicate($this->requestStack->getCurrentRequest(), $internal_path);
  $sub_request->attributes->set('_system_path', $path);
  // Flag the request so that access checkers can tell that a menu
  // administrator is running this check.
  $sub_request->attributes->set('_menu_admin', TRUE);

  // Run the matcher so the access checker receives a fully built request.
  // Only a parameter conversion failure is treated as "invalid path"; any
  // other exception raised by the matcher propagates to the caller.
  try {
    $matched_attributes = $this->requestMatcher->matchRequest($sub_request);
    $sub_request->attributes->add($matched_attributes);
  }
  catch (ParamNotConvertedException $exception) {
    return FALSE;
  }

  // Consult the access manager.
  // NOTE(review): access is evaluated against the first route of the pattern
  // collection, which is not necessarily the route the matcher resolved
  // above. Confirm that this is intended.
  $candidates = $matching_routes->all();
  $first_route = reset($candidates);

  return $this->accessManager->check($first_route, $sub_request, $this->account);
}
/**
 * Verifies that the current user can access the requested path.
 *
 * The request is tagged with a '_controller_request' attribute for the
 * duration of the access check. The attribute is removed again whether the
 * check returns or throws an \Exception.
 *
 * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
 *   The Event to process.
 *
 * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
 *   Thrown when the access got denied.
 */
public function onKernelRequestAccessCheck(GetResponseEvent $event) {
  $request = $event->getRequest();
  $route_key = RouteObjectInterface::ROUTE_OBJECT;

  // Mark this as the request the HTTP kernel is dispatching to a controller.
  $request->attributes->set('_controller_request', TRUE);

  // Without a route object there is nothing to check here; such requests are
  // likely static resources whose access is handled elsewhere.
  // NOTE(review): this path skips the access check entirely and leaves the
  // '_controller_request' attribute set. Confirm that both are intended.
  if (!$request->attributes->has($route_key)) {
    return;
  }

  // The catch block exists only to guarantee cleanup of the marker attribute
  // before the exception continues to propagate.
  try {
    $granted = $this->accessManager->check($request->attributes->get($route_key), $request, $this->currentUser);
  }
  catch (\Exception $exception) {
    $request->attributes->remove('_controller_request');
    throw $exception;
  }

  $request->attributes->remove('_controller_request');

  // Anything falsy from the access manager is treated as a denial.
  if (!$granted) {
    throw new AccessDeniedHttpException();
  }
}
/**
 * Test \Drupal\Core\Access\AccessManager::check() with conjunctions.
 *
 * A single route carrying two access requirements ('_access' and
 * '_test_access') is checked twice: once through the default call, which is
 * compared against $expected_access->isAllowed(), and once with the fourth
 * argument set to TRUE, which is compared against $expected_access itself.
 *
 * @dataProvider providerTestCheckConjunctions
 */
public function testCheckConjunctions($name, $condition_one, $condition_two, $expected_access) {
  $this->setupAccessChecker();

  // Register the second access checker and bind it to '_test_access'.
  $this->container->register('test_access_defined', new DefinedTestAccessCheck());
  $this->checkProvider->addCheckService('test_access_defined', 'access', array('_test_access'));

  // Setup a test route for each access configuration.
  $route = new Route($name, array(), array(
    '_access' => $condition_one,
    '_test_access' => $condition_two,
  ));
  $routes = new RouteCollection();
  $routes->add($name, $route);

  $this->checkProvider->setChecks($routes);
  $this->setupAccessArgumentsResolverFactory();

  $match = new RouteMatch($name, $route, array(), array());

  // Default call form.
  $allowed = $this->accessManager->check($match, $this->account);
  $this->assertEquals($expected_access->isAllowed(), $allowed);

  // Call form with the fourth argument set to TRUE.
  $result = $this->accessManager->check($match, $this->account, NULL, TRUE);
  $this->assertEquals($expected_access, $result);
}
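/**
 * Test \Drupal\Core\Access\AccessManager::check() with conjunctions.
 *
 * A single route carrying two access requirements ('_access' and
 * '_test_access') is built. When $conjunction is truthy it is set as the
 * route's '_access_mode' option; otherwise the route has no options. The
 * result of check() must be identical to $expected_access.
 *
 * @dataProvider providerTestCheckConjunctions
 */
public function testCheckConjunctions($conjunction, $name, $condition_one, $condition_two, $expected_access) {
  $this->setupAccessChecker();

  // Register the second access checker and bind it to '_test_access'.
  $access_check = new DefinedTestAccessCheck();
  $this->container->register('test_access_defined', $access_check);
  $this->accessManager->addCheckService('test_access_defined', 'access', array('_test_access'));

  $request = new Request();
  $route_collection = new RouteCollection();

  // Setup a test route for each access configuration.
  $requirements = array(
    '_access' => static::convertAccessCheckInterfaceToString($condition_one),
    '_test_access' => static::convertAccessCheckInterfaceToString($condition_two),
  );
  $options = $conjunction ? array('_access_mode' => $conjunction) : array();
  $route = new Route($name, array(), $requirements, $options);
  $route_collection->add($name, $route);

  // The mocked resolver hands the route, request and account straight
  // through to the access checker.
  $this->argumentsResolver->expects($this->any())
    ->method('getArguments')
    ->will($this->returnCallback(function ($callable, $route, $request, $account) {
      return array($route, $request, $account);
    }));

  $this->accessManager->setChecks($route_collection);

  // The expected value goes first so that a failure message labels
  // "expected" and "actual" correctly.
  $actual_access = $this->accessManager->check($route, $request, $this->account);
  $this->assertSame($expected_access, $actual_access);
}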