ExceptionController.php 17.7 KB
Newer Older
1 2
<?php

Crell's avatar
Crell committed
3 4
/**
 * @file
5
 * Contains \Drupal\Core\Controller\ExceptionController.
Crell's avatar
Crell committed
6
 */
7

8
namespace Drupal\Core\Controller;
9

10
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
11
use Drupal\Core\Page\DefaultHtmlPageRenderer;
12
use Drupal\Core\Page\HtmlFragmentRendererInterface;
13
use Drupal\Core\Page\HtmlPageRendererInterface;
14
use Drupal\Core\Routing\UrlGeneratorInterface;
15 16
use Symfony\Component\DependencyInjection\ContainerAwareInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
17 18
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
19
use Symfony\Component\HttpFoundation\JsonResponse;
20
use Symfony\Component\HttpKernel\HttpKernelInterface;
21
use Drupal\Component\Utility\SafeMarkup;
22
use Drupal\Component\Utility\String;
23
use Symfony\Component\Debug\Exception\FlattenException;
24
use Drupal\Core\ContentNegotiation;
25
use Drupal\Core\Utility\Error;
26 27
use Drupal\Core\StringTranslation\StringTranslationTrait;
use Drupal\Core\StringTranslation\TranslationInterface;
28

29
/**
Crell's avatar
Crell committed
30
 * This controller handles HTTP errors generated by the routing system.
31
 */
32
class ExceptionController extends HtmlControllerBase implements ContainerAwareInterface {
33
  use StringTranslationTrait;
Crell's avatar
Crell committed
34 35

  /**
36
   * The content negotiation library.
Crell's avatar
Crell committed
37
   *
38
   * @var \Drupal\Core\ContentNegotiation
Crell's avatar
Crell committed
39
   */
40 41
  protected $negotiation;

42 43 44 45 46 47 48 49 50 51 52 53
  /**
   * The service container.
   *
   * @var \Symfony\Component\DependencyInjection\ContainerInterface
   */
  protected $container;

  /**
   * The page rendering service.
   *
   * @var \Drupal\Core\Page\HtmlPageRendererInterface
   */
54 55 56 57 58 59 60 61
  protected $htmlPageRenderer;

  /**
   * The fragment rendering service.
   *
   * @var \Drupal\Core\Page\HtmlFragmentRendererInterface
   */
  protected $fragmentRenderer;
62

63 64 65 66 67 68 69
  /**
   * The logger factory service.
   *
   * @var \Drupal\Core\Logger\LoggerChannelFactoryInterface
   */
  protected $loggerFactory;

Crell's avatar
Crell committed
70
  /**
71
   * Constructor.
72
   *
73
   * @param \Drupal\Core\ContentNegotiation $negotiation
Crell's avatar
Crell committed
74 75
   *   The content negotiation library to use to determine the correct response
   *   format.
76 77 78 79
   * @param \Drupal\Core\Controller\TitleResolverInterface $title_resolver
   *   The title resolver.
   * @param \Drupal\Core\Page\HtmlPageRendererInterface $renderer
   *   The page renderer.
80 81
   * @param \Drupal\Core\Page\HtmlFragmentRendererInterface $fragment_renderer
   *   The fragment rendering service.
82 83 84
   * @param \Drupal\Core\StringTranslation\TranslationInterface $string_translation
   *   The url generator.
   * @param \Drupal\Core\Routing\UrlGeneratorInterface $url_generator
85 86 87
   *   The URL generator.
   * @param \Drupal\Core\Logger\LoggerChannelFactoryInterface $logger_factory
   *   The logger factory.
Crell's avatar
Crell committed
88
   */
89
  public function __construct(ContentNegotiation $negotiation, TitleResolverInterface $title_resolver, HtmlPageRendererInterface $renderer, HtmlFragmentRendererInterface $fragment_renderer, TranslationInterface $string_translation, UrlGeneratorInterface $url_generator, LoggerChannelFactoryInterface $logger_factory) {
90
    parent::__construct($title_resolver, $url_generator);
91
    $this->negotiation = $negotiation;
92 93
    $this->htmlPageRenderer = $renderer;
    $this->fragmentRenderer = $fragment_renderer;
94
    $this->stringTranslation = $string_translation;
95
    $this->loggerFactory = $logger_factory;
96 97 98 99 100 101 102 103 104 105 106 107
  }

  /**
   * Sets the Container associated with this Controller.
   *
   * @param \Symfony\Component\DependencyInjection\ContainerInterface $container
   *   A ContainerInterface instance.
   *
   * @api
   */
  public function setContainer(ContainerInterface $container = NULL) {
    $this->container = $container;
108 109
  }

Crell's avatar
Crell committed
110 111 112
  /**
   * Handles an exception on a request.
   *
113
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
Crell's avatar
Crell committed
114
   *   The flattened exception.
115
   * @param \Symfony\Component\HttpFoundation\Request $request
Crell's avatar
Crell committed
116
   *   The request that generated the exception.
117
   *
118
   * @return \Symfony\Component\HttpFoundation\Response
119
   *   A response object.
Crell's avatar
Crell committed
120
   */
121 122 123 124 125 126 127
  public function execute(FlattenException $exception, Request $request) {
    $method = 'on' . $exception->getStatusCode() . $this->negotiation->getContentType($request);

    if (method_exists($this, $method)) {
      return $this->$method($exception, $request);
    }

128
    return new Response('A fatal error occurred: ' . $exception->getMessage(), $exception->getStatusCode(), $exception->getHeaders());
129 130 131 132 133
  }

  /**
   * Processes a MethodNotAllowed exception into an HTTP 405 response.
   *
134
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
135
   *   The flattened exception.
136
   * @param \Symfony\Component\HttpFoundation\Request $request
137
   *   The request object that triggered this exception.
138 139 140
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   A response object.
141 142
   */
  public function on405Html(FlattenException $exception, Request $request) {
143
    return new Response('Method Not Allowed', 405);
144 145 146 147 148
  }

  /**
   * Processes an AccessDenied exception into an HTTP 403 response.
   *
149
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
150
   *   The flattened exception.
151
   * @param \Symfony\Component\HttpFoundation\Request $request
152
   *   The request object that triggered this exception.
153 154 155
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   A response object.
156 157
   */
  public function on403Html(FlattenException $exception, Request $request) {
158 159
    // @todo Remove dependency on the internal _system_path attribute:
    //   https://www.drupal.org/node/2293523.
160
    $system_path = $request->attributes->get('_system_path');
161
    $this->loggerFactory->get('access denied')->warning($system_path);
162

163
    $system_config = $this->container->get('config.factory')->get('system.site');
164
    $path = $this->container->get('path.alias_manager')->getPathByAlias($system_config->get('page.403'));
165
    if ($path && $path != $system_path) {
166 167 168 169 170 171
      if ($request->getMethod() === 'POST') {
        $subrequest = Request::create($request->getBaseUrl() . '/' . $path, 'POST', array('destination' => $system_path, '_exception_statuscode' => 403) + $request->request->all(), $request->cookies->all(), array(), $request->server->all());
      }
      else {
        $subrequest = Request::create($request->getBaseUrl() . '/' . $path, 'GET', array('destination' => $system_path, '_exception_statuscode' => 403), $request->cookies->all(), array(), $request->server->all());
      }
172

173
      $response = $this->container->get('http_kernel')->handle($subrequest, HttpKernelInterface::SUB_REQUEST);
174 175 176
      $response->setStatusCode(403, 'Access denied');
    }
    else {
177
      $page_content = array(
178 179
        '#markup' => $this->t('You are not authorized to access this page.'),
        '#title' => $this->t('Access denied'),
180
      );
181

182
      $fragment = $this->createHtmlFragment($page_content, $request);
183 184
      $page = $this->fragmentRenderer->render($fragment, 403);
      $response = new Response($this->htmlPageRenderer->render($page), $page->getStatusCode());
185
      return $response;
186 187 188
    }

    return $response;
189 190
  }

191
  /**
192
   * Processes a NotFound exception into an HTTP 404 response.
193
   *
194
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
195
   *   The flattened exception.
196
   * @param \Symfony\Component\HttpFoundation\Request $request
197
   *   The request object that triggered this exception.
198 199 200
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   A response object.
201 202
   */
  public function on404Html(FlattenException $exception, Request $request) {
203
    $this->loggerFactory->get('page not found')->warning(String::checkPlain($request->attributes->get('_system_path')));
204 205

    // Check for and return a fast 404 page if configured.
206
    $config = \Drupal::config('system.performance');
207

208 209 210
    $exclude_paths = $config->get('fast_404.exclude_paths');
    if ($config->get('fast_404.enabled') && $exclude_paths && !preg_match($exclude_paths, $request->getPathInfo())) {
      $fast_paths = $config->get('fast_404.paths');
211
      if ($fast_paths && preg_match($fast_paths, $request->getPathInfo())) {
212
        $fast_404_html = $config->get('fast_404.html');
213
        $fast_404_html = strtr($fast_404_html, array('@path' => String::checkPlain($request->getUri())));
214 215 216
        return new Response($fast_404_html, 404);
      }
    }
217

218 219
    // @todo Remove dependency on the internal _system_path attribute:
    //   https://www.drupal.org/node/2293523.
220
    $system_path = $request->attributes->get('_system_path');
221

222
    $path = $this->container->get('path.alias_manager')->getPathByAlias(\Drupal::config('system.site')->get('page.404'));
223 224 225 226 227
    if ($path && $path != $system_path) {
      // @todo Um, how do I specify an override URL again? Totally not clear. Do
      //   that and sub-call the kernel rather than using meah().
      // @todo The create() method expects a slash-prefixed path, but we store a
      //   normal system path in the site_404 variable.
228 229 230 231 232 233
      if ($request->getMethod() === 'POST') {
        $subrequest = Request::create($request->getBaseUrl() . '/' . $path, 'POST', array('destination' => $system_path, '_exception_statuscode' => 404) + $request->request->all(), $request->cookies->all(), array(), $request->server->all());
      }
      else {
        $subrequest = Request::create($request->getBaseUrl() . '/' . $path, 'GET', array('destination' => $system_path, '_exception_statuscode' => 404), $request->cookies->all(), array(), $request->server->all());
      }
234

235
      $response = $this->container->get('http_kernel')->handle($subrequest, HttpKernelInterface::SUB_REQUEST);
236 237 238
      $response->setStatusCode(404, 'Not Found');
    }
    else {
239
      $page_content = array(
240 241
        '#markup' => $this->t('The requested page "@path" could not be found.', array('@path' => $request->getPathInfo())),
        '#title' => $this->t('Page not found'),
242 243 244
      );

      $fragment = $this->createHtmlFragment($page_content, $request);
245 246
      $page = $this->fragmentRenderer->render($fragment, 404);
      $response = new Response($this->htmlPageRenderer->render($page), $page->getStatusCode());
247
      return $response;
248 249 250 251 252
    }

    return $response;
  }

253 254 255
  /**
   * Processes a generic exception into an HTTP 500 response.
   *
256
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
257
   *   Metadata about the exception that was thrown.
258
   * @param \Symfony\Component\HttpFoundation\Request $request
259
   *   The request object that triggered this exception.
260 261 262
   *
   * @return \Symfony\Component\HttpFoundation\Response
   *   A response object.
263 264 265 266 267 268 269 270 271 272 273
   */
  public function on500Html(FlattenException $exception, Request $request) {
    $error = $this->decodeException($exception);

    // Because the kernel doesn't run until full bootstrap, we know that
    // most subsystems are already initialized.

    $headers = array();

    // When running inside the testing framework, we relay the errors
    // to the tested site by the way of HTTP headers.
274
    if (DRUPAL_TEST_IN_CHILD_SITE && !headers_sent() && (!defined('SIMPLETEST_COLLECT_ERRORS') || SIMPLETEST_COLLECT_ERRORS)) {
275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290
      // $number does not use drupal_static as it should not be reset
      // as it uniquely identifies each PHP error.
      static $number = 0;
      $assertion = array(
        $error['!message'],
        $error['%type'],
        array(
          'function' => $error['%function'],
          'file' => $error['%file'],
          'line' => $error['%line'],
        ),
      );
      $headers['X-Drupal-Assertion-' . $number] = rawurlencode(serialize($assertion));
      $number++;
    }

291
    $this->loggerFactory->get('php')->log($error['severity_level'], '%type: !message in %function (line %line of %file).', $error);
292 293 294 295 296 297 298

    // Display the message if the current error reporting level allows this type
    // of message to be displayed, and unconditionnaly in update.php.
    if (error_displayable($error)) {
      $class = 'error';

      // If error type is 'User notice' then treat it as debug information
299 300
      // instead of an error message.
      // @see debug()
301 302 303 304 305
      if ($error['%type'] == 'User notice') {
        $error['%type'] = 'Debug';
        $class = 'status';
      }

306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331
      // Attempt to reduce verbosity by removing DRUPAL_ROOT from the file path
      // in the message. This does not happen for (false) security.
      $root_length = strlen(DRUPAL_ROOT);
      if (substr($error['%file'], 0, $root_length) == DRUPAL_ROOT) {
        $error['%file'] = substr($error['%file'], $root_length + 1);
      }
      // Should not translate the string to avoid errors producing more errors.
      $message = String::format('%type: !message in %function (line %line of %file).', $error);

      // Check if verbose error reporting is on.
      $error_level = $this->container->get('config.factory')->get('system.logging')->get('error_level');

      if ($error_level == ERROR_REPORTING_DISPLAY_VERBOSE) {
        $backtrace_exception = $exception;
        while ($backtrace_exception->getPrevious()) {
          $backtrace_exception = $backtrace_exception->getPrevious();
        }
        $backtrace = $backtrace_exception->getTrace();
        // First trace is the error itself, already contained in the message.
        // While the second trace is the error source and also contained in the
        // message, the message doesn't contain argument values, so we output it
        // once more in the backtrace.
        array_shift($backtrace);
        // Generate a backtrace containing only scalar argument values.
        $message .= '<pre class="backtrace">' . Error::formatFlattenedBacktrace($backtrace) . '</pre>';
      }
332
      drupal_set_message(SafeMarkup::set($message), $class, TRUE);
333 334
    }

335 336
    $content = $this->t('The website has encountered an error. Please try again later.');
    $output = DefaultHtmlPageRenderer::renderPage($content, $this->t('Error'));
337
    $response = new Response($output);
338 339 340 341 342
    $response->setStatusCode(500, '500 Service unavailable (with message)');

    return $response;
  }

343
  /**
344
   * Processes an AccessDenied exception that occurred on a JSON request.
345
   *
346
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
347
   *   The flattened exception.
348
   * @param \Symfony\Component\HttpFoundation\Request $request
349
   *   The request object that triggered this exception.
350 351 352
   *
   * @return \Symfony\Component\HttpFoundation\JsonResponse
   *   A JSON response object.
353 354 355 356 357 358 359 360
   */
  public function on403Json(FlattenException $exception, Request $request) {
    $response = new JsonResponse();
    $response->setStatusCode(403, 'Access Denied');
    return $response;
  }

  /**
361
   * Processes a NotFound exception that occurred on a JSON request.
362
   *
363
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
364
   *   The flattened exception.
365
   * @param \Symfony\Component\HttpFoundation\Request $request
366
   *   The request object that triggered this exception.
367 368 369
   *
   * @return \Symfony\Component\HttpFoundation\JsonResponse
   *   A JSON response object.
370 371 372 373 374 375 376 377
   */
  public function on404Json(FlattenException $exception, Request $request) {
    $response = new JsonResponse();
    $response->setStatusCode(404, 'Not Found');
    return $response;
  }

  /**
378
   * Processes a MethodNotAllowed exception that occurred on a JSON request.
379
   *
380
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
381
   *   The flattened exception.
382
   * @param \Symfony\Component\HttpFoundation\Request $request
383
   *   The request object that triggered this exception.
384 385 386
   *
   * @return \Symfony\Component\HttpFoundation\JsonResponse
   *   A JSON response object.
387 388 389 390 391 392 393 394
   */
  public function on405Json(FlattenException $exception, Request $request) {
    $response = new JsonResponse();
    $response->setStatusCode(405, 'Method Not Allowed');
    return $response;
  }


395 396 397
  /**
   * This method is a temporary port of _drupal_decode_exception().
   *
398 399
   * @todo This should get refactored. FlattenException could use some
   *   improvement as well.
400
   *
401 402 403
   * @param \Symfony\Component\Debug\Exception\FlattenException $exception
   *  The flattened exception.
   *
404
   * @return array
405 406
   *   An array of string-substitution tokens for formatting a message about the
   *   exception.
407 408 409 410 411 412 413 414 415 416
   */
  protected function decodeException(FlattenException $exception) {
    $message = $exception->getMessage();

    $backtrace = $exception->getTrace();

    // This value is missing from the stack for some reason in the
    // FlattenException version of the backtrace.
    $backtrace[0]['line'] = $exception->getLine();

417
    // For database errors, we try to return the initial caller,
418
    // skipping internal functions of the database layer.
419 420 421 422 423 424 425
    if (strpos($exception->getClass(), 'DatabaseExceptionWrapper') !== FALSE) {
      // A DatabaseExceptionWrapper exception is actually just a courier for
      // the original PDOException.  It's the stack trace from that exception
      // that we care about.
      $backtrace = $exception->getPrevious()->getTrace();
      $backtrace[0]['line'] = $exception->getLine();

426 427 428 429 430
      // The first element in the stack is the call, the second element gives us the caller.
      // We skip calls that occurred in one of the classes of the database layer
      // or in one of its global functions.
      $db_functions = array('db_query',  'db_query_range');
      while (!empty($backtrace[1]) && ($caller = $backtrace[1]) &&
431 432
          ((strpos($caller['namespace'], 'Drupal\Core\Database') !== FALSE || strpos($caller['class'], 'PDO') !== FALSE)) ||
          in_array($caller['function'], $db_functions)) {
433 434 435 436
        // We remove that call.
        array_shift($backtrace);
      }
    }
437 438

    $caller = Error::getLastCaller($backtrace);
439 440 441 442 443

    return array(
      '%type' => $exception->getClass(),
      // The standard PHP exception handler considers that the exception message
      // is plain-text. We mimick this behavior here.
444
      '!message' => String::checkPlain($message),
445 446 447 448 449 450 451
      '%function' => $caller['function'],
      '%file' => $caller['file'],
      '%line' => $caller['line'],
      'severity_level' => WATCHDOG_ERROR,
    );
  }

452
}