Skip to content
Snippets Groups Projects
Commit b8aa161c authored by catch's avatar catch
Browse files

Issue #3463607 by claudiu.cristea: AccessDeniedSubscriber should extend HttpExceptionSubscriberBase

parent d4342d70
No related branches found
No related tags found
Pipeline #249175 passed
Stage: 🪄 Lint
Stage: 🗜️ Test
Pipeline: drupal

#249201

    Pipeline: drupal

    #249194

      Pipeline: drupal

      #249189

        Hide whitespace changes
        Inline Side-by-side
        core/modules/user/src/EventSubscriber/AccessDeniedSubscriber.php
        + 41
        40
        View file @ b8aa161c
        ......@@ -2,14 +2,12 @@
        namespace Drupal\user\EventSubscriber;
        use Drupal\Core\EventSubscriber\HttpExceptionSubscriberBase;
        use Drupal\Core\Session\AccountInterface;
        use Drupal\Core\Routing\RouteMatch;
        use Drupal\Core\Url;
        use Symfony\Component\EventDispatcher\EventSubscriberInterface;
        use Symfony\Component\HttpFoundation\RedirectResponse;
        use Symfony\Component\HttpKernel\Event\ExceptionEvent;
        use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
        use Symfony\Component\HttpKernel\KernelEvents;
        /**
        * Redirects users when access is denied.
        ......@@ -19,7 +17,7 @@
        * their profile page and from the user registration form to their profile edit
        * form.
        */
        class AccessDeniedSubscriber implements EventSubscriberInterface {
        class AccessDeniedSubscriber extends HttpExceptionSubscriberBase {
        /**
        * The current user.
        ......@@ -38,52 +36,55 @@ public function __construct(AccountInterface $account) {
        $this->account = $account;
        }
        /**
        * {@inheritdoc}
        */
        protected function getHandledFormats(): array {
        return ['html'];
        }
        /**
        * {@inheritdoc}
        */
        protected static function getPriority(): int {
        // Use a higher priority than ExceptionLoggingSubscriber, because there's
        // no need to log the exception if we can redirect.
        // @see Drupal\Core\EventSubscriber\ExceptionLoggingSubscriber
        return 75;
        }
        /**
        * Redirects users when access is denied.
        *
        * @param \Symfony\Component\HttpKernel\Event\ExceptionEvent $event
        * The event to process.
        */
        public function onException(ExceptionEvent $event) {
        $exception = $event->getThrowable();
        if ($exception instanceof AccessDeniedHttpException) {
        $route_name = RouteMatch::createFromRequest($event->getRequest())->getRouteName();
        $redirect_url = NULL;
        if ($this->account->isAuthenticated()) {
        switch ($route_name) {
        case 'user.login';
        // Redirect an authenticated user to the profile page.
        $redirect_url = Url::fromRoute('entity.user.canonical', ['user' => $this->account->id()], ['absolute' => TRUE]);
        break;
        public function on403(ExceptionEvent $event): void {
        $route_name = RouteMatch::createFromRequest($event->getRequest())->getRouteName();
        $redirect_url = NULL;
        if ($this->account->isAuthenticated()) {
        switch ($route_name) {
        case 'user.login';
        // Redirect an authenticated user to the profile page.
        $redirect_url = Url::fromRoute('entity.user.canonical', ['user' => $this->account->id()], ['absolute' => TRUE]);
        break;
        case 'user.register';
        // Redirect an authenticated user to the profile form.
        $redirect_url = Url::fromRoute('entity.user.edit_form', ['user' => $this->account->id()], ['absolute' => TRUE]);
        break;
        }
        }
        elseif ($route_name === 'user.page') {
        $redirect_url = Url::fromRoute('user.login', [], ['absolute' => TRUE]);
        }
        elseif (in_array($route_name, ['user.logout', 'user.logout.confirm'], TRUE)) {
        $redirect_url = Url::fromRoute('<front>', [], ['absolute' => TRUE]);
        }
        if ($redirect_url) {
        $event->setResponse(new RedirectResponse($redirect_url->toString()));
        case 'user.register';
        // Redirect an authenticated user to the profile form.
        $redirect_url = Url::fromRoute('entity.user.edit_form', ['user' => $this->account->id()], ['absolute' => TRUE]);
        break;
        }
        }
        }
        elseif ($route_name === 'user.page') {
        $redirect_url = Url::fromRoute('user.login', [], ['absolute' => TRUE]);
        }
        elseif (in_array($route_name, ['user.logout', 'user.logout.confirm'], TRUE)) {
        $redirect_url = Url::fromRoute('<front>', [], ['absolute' => TRUE]);
        }
        /**
        * {@inheritdoc}
        */
        public static function getSubscribedEvents(): array {
        // Use a higher priority than
        // \Drupal\Core\EventSubscriber\ExceptionLoggingSubscriber, because there's
        // no need to log the exception if we can redirect.
        $events[KernelEvents::EXCEPTION][] = ['onException', 75];
        return $events;
        if ($redirect_url) {
        $event->setResponse(new RedirectResponse($redirect_url->toString()));
        }
        }
        }
        0% or .
        You are about to add 0 people to the discussion. Proceed with caution.
        Finish editing this message first!
        Please register or to comment