3 namespace Drupal\rest\Routing;
5 use Drupal\Core\Entity\EntityTypeManagerInterface;
6 use Drupal\Core\Routing\RouteBuildEvent;
7 use Drupal\Core\Routing\RoutingEvents;
8 use Drupal\rest\Plugin\Type\ResourcePluginManager;
9 use Drupal\rest\RestResourceConfigInterface;
10 use Psr\Log\LoggerInterface;
11 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
12 use Symfony\Component\Routing\RouteCollection;
15 * Subscriber for REST-style routes.
17 class ResourceRoutes implements EventSubscriberInterface {
20 * The plugin manager for REST plugins.
22 * @var \Drupal\rest\Plugin\Type\ResourcePluginManager
27 * The REST resource config storage.
29 * @var \Drupal\Core\Entity\EntityManagerInterface
31 protected $resourceConfigStorage;
36 * @var \Psr\Log\LoggerInterface
41 * Constructs a RouteSubscriber object.
43 * @param \Drupal\rest\Plugin\Type\ResourcePluginManager $manager
44 * The resource plugin manager.
45 * @param \Drupal\Core\Entity\EntityTypeManagerInterface $entity_type_manager
46 * The entity type manager
47 * @param \Psr\Log\LoggerInterface $logger
50 public function __construct(ResourcePluginManager $manager, EntityTypeManagerInterface $entity_type_manager, LoggerInterface $logger) {
51 $this->manager = $manager;
52 $this->resourceConfigStorage = $entity_type_manager->getStorage('rest_resource_config');
53 $this->logger = $logger;
57 * Alters existing routes for a specific collection.
59 * @param \Drupal\Core\Routing\RouteBuildEvent $event
60 * The route build event.
63 public function onDynamicRouteEvent(RouteBuildEvent $event) {
64 // Iterate over all enabled REST resource config entities.
65 /** @var \Drupal\rest\RestResourceConfigInterface[] $resource_configs */
66 $resource_configs = $this->resourceConfigStorage->loadMultiple();
67 foreach ($resource_configs as $resource_config) {
68 if ($resource_config->status()) {
69 $resource_routes = $this->getRoutesForResourceConfig($resource_config);
70 $event->getRouteCollection()->addCollection($resource_routes);
76 * Provides all routes for a given REST resource config.
78 * This method determines where a resource is reachable, what path
79 * replacements are used, the required HTTP method for the operation etc.
81 * @param \Drupal\rest\RestResourceConfigInterface $rest_resource_config
82 * The rest resource config.
84 * @return \Symfony\Component\Routing\RouteCollection
85 * The route collection.
87 protected function getRoutesForResourceConfig(RestResourceConfigInterface $rest_resource_config) {
88 $plugin = $rest_resource_config->getResourcePlugin();
89 $collection = new RouteCollection();
91 foreach ($plugin->routes() as $name => $route) {
92 /** @var \Symfony\Component\Routing\Route $route */
93 // @todo: Are multiple methods possible here?
94 $methods = $route->getMethods();
95 // Only expose routes where the method is enabled in the configuration.
96 if ($methods && ($method = $methods[0]) && $supported_formats = $rest_resource_config->getFormats($method)) {
97 $route->setRequirement('_csrf_request_header_token', 'TRUE');
99 // Check that authentication providers are defined.
100 if (empty($rest_resource_config->getAuthenticationProviders($method))) {
101 $this->logger->error('At least one authentication provider must be defined for resource @id', [':id' => $rest_resource_config->id()]);
105 // Check that formats are defined.
106 if (empty($rest_resource_config->getFormats($method))) {
107 $this->logger->error('At least one format must be defined for resource @id', [':id' => $rest_resource_config->id()]);
111 // If the route has a format requirement, then verify that the
113 $format_requirement = $route->getRequirement('_format');
114 if ($format_requirement && !in_array($format_requirement, $rest_resource_config->getFormats($method))) {
118 // The configuration has been validated, so we update the route to:
119 // - set the allowed request body content types/formats for methods that
120 // allow request bodies to be sent
121 // - set the allowed authentication providers
122 if (in_array($method, ['POST', 'PATCH', 'PUT'], TRUE)) {
123 // Restrict the incoming HTTP Content-type header to the allowed
125 $route->addRequirements(['_content_type_format' => implode('|', $rest_resource_config->getFormats($method))]);
127 $route->setOption('_auth', $rest_resource_config->getAuthenticationProviders($method));
128 $route->setDefault('_rest_resource_config', $rest_resource_config->id());
129 $collection->add("rest.$name", $route);
139 public static function getSubscribedEvents() {
140 $events[RoutingEvents::DYNAMIC] = 'onDynamicRouteEvent';