Commit 8db8dd08 authored by alexpott's avatar alexpott

Issue #2328645 by andypost, Berdir, almaudoh: Remove remaining global $user

parent 8d87f7fa
......@@ -740,7 +740,7 @@ function drupal_bootstrap($phase = NULL) {
* Returns the time zone of the current user.
*/
function drupal_get_user_timezone() {
global $user;
$user = \Drupal::currentUser();
$config = \Drupal::config('system.date');
if ($user && $config->get('timezone.user.configurable') && $user->isAuthenticated() && $user->getTimezone()) {
......
......@@ -85,8 +85,6 @@ public function applies(Request $request) {
* {@inheritdoc}
*/
public function authenticate(Request $request) {
global $user;
$account = NULL;
// Iterate the allowed providers.
......@@ -114,11 +112,6 @@ public function authenticate(Request $request) {
// for later access.
$request->attributes->set('_authentication_provider', $this->triggeredProviderId);
// The global $user object is included for backward compatibility only and
// should be considered deprecated.
// @todo Remove this line once global $user is no longer used.
$user = $account;
return $account;
}
......
......@@ -28,11 +28,10 @@ public function applies(Request $request) {
* {@inheritdoc}
*/
public function authenticate(Request $request) {
// Global $user is deprecated, but the session system is still based on it.
global $user;
if ($request->getSession()->start()) {
return $user;
// @todo Remove global in https://www.drupal.org/node/2286971
global $_session_user;
return $_session_user;
}
return NULL;
......
......@@ -10,7 +10,7 @@
/**
* Defines the TimeZoneCacheContext service, for "per time zone" caching.
*
* @see \Drupal\Core\Session\SessionManager::initialize()
* @see \Drupal\Core\Session\AccountProxy::setAccount()
*/
class TimeZoneCacheContext implements CacheContextInterface {
......@@ -25,7 +25,7 @@ public static function getLabel() {
* {@inheritdoc}
*/
public function getContext() {
// date_default_timezone_set() is called in SessionManager::initialize(), so
// date_default_timezone_set() is called in AccountProxy::setAccount(), so
// we can safely retrieve the timezone.
return date_default_timezone_get();
}
......
......@@ -66,11 +66,6 @@ public function enhance(array $defaults, Request $request) {
$anonymous_user = new AnonymousUserSession();
$this->currentUser->setAccount($anonymous_user);
// The global $user object is included for backward compatibility only
// and should be considered deprecated.
// @todo Remove this line once global $user is no longer used.
$GLOBALS['user'] = $anonymous_user;
}
}
return $defaults;
......
......@@ -67,6 +67,7 @@ public function setAccount(AccountInterface $account) {
$account = $account->getAccount();
}
$this->account = $account;
date_default_timezone_set(drupal_get_user_timezone());
}
/**
......
......@@ -64,13 +64,14 @@ public function open($save_path, $name) {
* {@inheritdoc}
*/
public function read($sid) {
global $user;
// @todo Remove global in https://www.drupal.org/node/2286971
global $_session_user;
// Handle the case of first time visitors and clients that don't store
// cookies (eg. web crawlers).
$cookies = $this->requestStack->getCurrentRequest()->cookies;
if (empty($sid) || !$cookies->has($this->getName())) {
$user = new UserSession();
$_session_user = new UserSession();
return '';
}
......@@ -86,29 +87,29 @@ public function read($sid) {
':uid' => $values['uid'],
))->fetchCol();
$values['roles'] = array_merge(array(DRUPAL_AUTHENTICATED_RID), $rids);
$user = new UserSession($values);
$_session_user = new UserSession($values);
}
elseif ($values) {
// The user is anonymous or blocked. Only preserve two fields from the
// {sessions} table.
$user = new UserSession(array(
$_session_user = new UserSession(array(
'session' => $values['session'],
'access' => $values['access'],
));
}
else {
// The session has expired.
$user = new UserSession();
$_session_user = new UserSession();
}
return $user->session;
return $_session_user->session;
}
/**
* {@inheritdoc}
*/
public function write($sid, $value) {
global $user;
$user = \Drupal::currentUser();
// The exception handler is not active at this point, so we need to do it
// manually.
......@@ -155,17 +156,17 @@ public function close() {
* {@inheritdoc}
*/
public function destroy($sid) {
global $user;
// Delete session data.
$this->connection->delete('sessions')
->condition('sid', Crypt::hashBase64($sid))
->execute();
// Reset $_SESSION and $user to prevent a new session from being started
// in \Drupal\Core\Session\SessionManager::save().
// Reset $_SESSION and current user to prevent a new session from being
// started in \Drupal\Core\Session\SessionManager::save().
$_SESSION = array();
$user = new AnonymousUserSession();
\Drupal::currentUser()->setAccount(new AnonymousUserSession());
// Unset the session cookies.
$this->deleteCookie($this->getName());
......
......@@ -105,8 +105,6 @@ public function __construct(RequestStack $request_stack, Connection $connection,
* {@inheritdoc}
*/
public function start() {
global $user;
if (($this->started || $this->startedLazy) && !$this->closed) {
return $this->started;
}
......@@ -123,7 +121,9 @@ public function start() {
}
if (empty($result)) {
$user = new AnonymousUserSession();
// @todo Remove global in https://www.drupal.org/node/2286971
global $_session_user;
$_session_user = new AnonymousUserSession();
// Randomly generate a session identifier for this request. This is
// necessary because \Drupal\user\TempStoreFactory::get() wants to know
......@@ -146,7 +146,6 @@ public function start() {
$result = FALSE;
}
date_default_timezone_set(drupal_get_user_timezone());
return $result;
}
......@@ -181,7 +180,7 @@ protected function startNow() {
* {@inheritdoc}
*/
public function save() {
global $user;
$user = \Drupal::currentUser();
if ($this->isCli()) {
// We don't have anything to do if we are not allowed to save the session.
......@@ -212,7 +211,7 @@ public function save() {
* {@inheritdoc}
*/
public function regenerate($destroy = FALSE, $lifetime = NULL) {
global $user;
$user = \Drupal::currentUser();
// Nothing to do if we are not allowed to change the session.
if ($this->isCli()) {
......@@ -241,13 +240,8 @@ public function regenerate($destroy = FALSE, $lifetime = NULL) {
if (!$this->isStarted()) {
// Start the session when it doesn't exist yet.
// Preserve the logged in user, as it will be reset to anonymous
// by \Drupal\Core\Session\SessionHandler::read().
$account = $user;
$this->startNow();
$user = $account;
}
date_default_timezone_set(drupal_get_user_timezone());
}
/**
......
......@@ -138,7 +138,7 @@ public function cleanup(Request $request) {}
*/
public function handleException(GetResponseForExceptionEvent $event) {
$exception = $event->getException();
if ($GLOBALS['user']->isAnonymous() && $exception instanceof AccessDeniedHttpException) {
if (\Drupal::currentUser()->isAnonymous() && $exception instanceof AccessDeniedHttpException) {
if (!$this->applies($event->getRequest())) {
$site_name = $this->configFactory->get('system.site')->get('name');
global $base_url;
......
......@@ -9,6 +9,7 @@
use Drupal\simpletest\WebTestBase;
use Drupal\Core\Datetime\DrupalDateTime;
use Drupal\user\Entity\User;
/**
* Tests DrupalDateTime functionality.
......@@ -51,8 +52,6 @@ public function testSystemTimezone() {
* stated timezones.
*/
public function testDateTimezone() {
global $user;
$date_string = '2007-01-31 21:00:00';
// Make sure no site timezone has been set.
......@@ -93,28 +92,15 @@ public function testDateTimezone() {
$edit = array('mail' => $test_user->getEmail(), 'timezone' => 'Asia/Manila');
$this->drupalPostForm('user/' . $test_user->id() . '/edit', $edit, t('Save'));
// Disable session saving as we are about to modify the global $user.
\Drupal::service('session_handler.write_safe')->setSessionWritable(FALSE);
// Save the original user and then replace it with the test user.
$real_user = $user;
$user = user_load($test_user->id(), TRUE);
// Simulate a Drupal bootstrap with the logged-in user.
date_default_timezone_set(drupal_get_user_timezone());
// Reload the user and reset the timezone in AccountProxy::setAccount().
\Drupal::entityManager()->getStorage('user')->resetCache();
$this->container->get('current_user')->setAccount(User::load($test_user->id()));
// Create a date object with an unspecified timezone, which should
// end up using the user timezone.
$date = new DrupalDateTime($date_string);
$timezone = $date->getTimezone()->getName();
$this->assertTrue($timezone == 'Asia/Manila', 'DrupalDateTime uses the user timezone, if configurable timezones are used and it is set.');
// Restore the original user, and enable session saving.
$user = $real_user;
// Restore default time zone.
date_default_timezone_set(drupal_get_user_timezone());
\Drupal::service('session_handler.write_safe')->setSessionWritable(TRUE);
}
}
......@@ -232,15 +232,6 @@ function user_load_multiple(array $uids = NULL, $reset = FALSE) {
/**
* Loads a user object.
*
* Drupal has a global $user object, which represents the currently-logged-in
* user. So to avoid confusion and to avoid clobbering the global $user object,
* it is a good idea to assign the result of this function to a different local
* variable, generally $account. If you actually do want to act as the user you
* are loading, it is essential to call drupal_save_session(FALSE); first.
* See
* @link http://drupal.org/node/218104 Safely impersonating another user @endlink
* for more information.
*
* @param int $uid
* Integer specifying the user ID to load.
* @param bool $reset
......@@ -576,7 +567,7 @@ function template_preprocess_username(&$variables) {
* session, saves the login timestamp, calls hook_user_login(), and generates a
* new session.
*
* The global $user object is replaced with the passed in account.
* The current user is replaced with the passed in account.
*
* @param \Drupal\user\UserInterface $account
* The account to log in.
......@@ -584,8 +575,7 @@ function template_preprocess_username(&$variables) {
* @see hook_user_login()
*/
function user_login_finalize(UserInterface $account) {
global $user;
$user = $account;
\Drupal::currentUser()->setAccount($account);
\Drupal::logger('user')->notice('Session opened for %name.', array('%name' => $account->getUsername()));
// Update the user table timestamp noting user has logged in.
// This is also used to invalidate one-time login links.
......@@ -785,7 +775,6 @@ function user_cancel($edit, $uid, $method) {
* @see user_cancel()
*/
function _user_cancel($edit, $account, $method) {
global $user;
$logger = \Drupal::logger('user');
switch ($method) {
......@@ -818,8 +807,8 @@ function _user_cancel($edit, $account, $method) {
// their session though, as we might have information in it, and we can't
// regenerate it because batch API uses the session ID, we will regenerate it
// in _user_cancel_session_regenerate().
if ($account->id() == $user->id()) {
$user = new AnonymousUserSession();
if ($account->id() == \Drupal::currentUser()->id()) {
\Drupal::currentUser()->setAccount(new AnonymousUserSession());
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment