3 namespace Drupal\permissions_by_term;
5 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
6 use Symfony\Component\HttpKernel\KernelEvents;
7 use Symfony\Component\HttpFoundation\JsonResponse;
8 use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
9 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
10 use Symfony\Component\HttpFoundation\RedirectResponse;
11 use Symfony\Component\HttpFoundation\Request;
14 * Class KernelEventListener.
16 * @package Drupal\permissions_by_term
18 class KernelEventListener implements EventSubscriberInterface
/**
 * Resolves the two services this listener relies on for access decisions.
 *
 * Both are fetched from the global container through \Drupal::service()
 * instead of being passed in as constructor arguments.
 */
public function __construct()
{
  $access_check = \Drupal::service('permissions_by_term.access_check');
  $access_storage = \Drupal::service('permissions_by_term.access_storage');

  // Answers the allow/deny questions for nodes and terms.
  $this->accessCheckService = $access_check;
  // Maps a term name to its term id.
  $this->accessStorageService = $access_storage;
}
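/**
 * Enforces term-based access restrictions on the incoming request.
 *
 * Two cases are handled:
 * - a request whose route carries a node object: the user is sent to the
 *   access denied page when canUserAccessByNodeId() rejects the node id;
 * - a taxonomy term entity autocomplete request: the "q" value is looked up
 *   as a term name and the user is sent to the access denied page when
 *   isAccessAllowedByDatabase() rejects the resulting term id.
 *
 * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
 *   The kernel request event.
 */
public function onKernelRequest(GetResponseEvent $event)
{
  $request = $event->getRequest();

  // Restricts access to nodes (views/edit).
  if ($this->canRequestGetNode($request)) {
    $nid = $request->attributes->get('node')->get('nid')->getValue()['0']['value'];
    if (!$this->accessCheckService->canUserAccessByNodeId($nid)) {
      // NOTE(review): only the start of sendUserToAccessDeniedPage() is
      // visible (it builds a RedirectResponse to system.403). Whether it ends
      // the request is not shown; if it does not, handling continues after a
      // denied check - confirm.
      $this->sendUserToAccessDeniedPage();
    }
  }

  // Restrict access to taxonomy terms by autocomplete list.
  // Strict comparison: only the exact strings select this branch.
  if ($request->attributes->get('target_type') === 'taxonomy_term' &&
    $request->attributes->get('_route') === 'system.entity_autocomplete') {
    // "q" comes from the client and may be missing or a non-scalar value;
    // anything that is not a scalar is handled like an empty query instead of
    // being handed to trim().
    $raw_query = $request->get('q');
    $query_string = is_scalar($raw_query) ? trim((string) $raw_query) : '';

    // NOTE(review): the whole query is looked up as a term name. What
    // getTermIdByName() returns for a partial or unknown name, and how
    // isAccessAllowedByDatabase() treats that result, is not visible here -
    // confirm. Individual suggestions are removed on the response side by
    // restrictTermAccessAtAutoCompletion().
    $tid = $this->accessStorageService->getTermIdByName($query_string);
    if (!$this->accessCheckService->isAccessAllowedByDatabase($tid)) {
      $this->sendUserToAccessDeniedPage();
    }
  }
}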
/**
 * Filters the outgoing response on the kernel response event.
 *
 * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
 *   The kernel response event.
 */
public function onKernelResponse(FilterResponseEvent $event) {
  // The only response-side restriction is the autocomplete suggestion filter.
  $this->restrictTermAccessAtAutoCompletion($event);
}
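/**
 * Restricts access to terms on AJAX auto completion.
 *
 * For a taxonomy term entity autocomplete response, the JSON body is decoded,
 * each suggestion is checked through isAccessAllowedByDatabase(), and the
 * response is replaced by a JsonResponse holding only the allowed entries.
 * Other responses are left untouched.
 *
 * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
 *   The kernel response event.
 */
private function restrictTermAccessAtAutoCompletion(FilterResponseEvent $event) {
  $request = $event->getRequest();
  // Strict comparison: only the exact strings select the filter.
  if ($request->attributes->get('target_type') !== 'taxonomy_term' ||
    $request->attributes->get('_route') !== 'system.entity_autocomplete'
  ) {
    return;
  }

  $json_suggested_terms = $event->getResponse()->getContent();
  $suggested_terms = json_decode($json_suggested_terms);

  // Fail closed: a body that does not decode to something iterable yields an
  // empty suggestion list rather than passing through unfiltered.
  if (!is_array($suggested_terms) && !is_object($suggested_terms)) {
    $suggested_terms = [];
  }

  $allowed_terms = [];
  foreach ($suggested_terms as $term) {
    // Entries without both fields cannot be checked, so they are dropped.
    if (!is_object($term) || !isset($term->label, $term->value)) {
      continue;
    }

    // NOTE(review): the access decision is resolved from the label, not from
    // an id. If several terms share a name, confirm that getTermIdByName()
    // resolves to the term that was actually suggested.
    $tid = $this->accessStorageService->getTermIdByName($term->label);
    if ($this->accessCheckService->isAccessAllowedByDatabase($tid)) {
      $allowed_terms[] = [
        'value' => $term->value,
        'label' => $term->label,
      ];
    }
  }

  $json_response = new JsonResponse($allowed_terms);
  $event->setResponse($json_response);
}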
/**
 * Declares the kernel events this subscriber listens to.
 *
 * Each entry names only the handling method; no explicit priority is given.
 *
 * @return array
 *   Event names mapped to the names of the handling methods.
 */
public static function getSubscribedEvents()
{
  $subscriptions = [];
  // Request side: node and autocomplete access checks.
  $subscriptions[KernelEvents::REQUEST] = 'onKernelRequest';
  // Response side: filtering of autocomplete suggestions.
  $subscriptions[KernelEvents::RESPONSE] = 'onKernelResponse';

  return $subscriptions;
}
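/**
 * Tells whether the request carries a node object that exposes get().
 *
 * NOTE(review): the return statements are not visible in the listing; the
 * TRUE/FALSE result is inferred from the if() at the call site in
 * onKernelRequest().
 *
 * @param \Symfony\Component\HttpFoundation\Request $request
 *   The current request.
 *
 * @return bool
 *   TRUE when the 'node' request attribute is a non-empty object with a get()
 *   method, FALSE otherwise.
 */
private function canRequestGetNode(Request $request) {
  if (!method_exists($request->attributes, 'get')) {
    return FALSE;
  }

  $node = $request->attributes->get('node');
  if (empty($node)) {
    return FALSE;
  }

  // method_exists() also accepts a class name passed as a string, so a string
  // attribute could satisfy it. The caller invokes ->get('nid') on the value,
  // so only a real object is accepted.
  return is_object($node) && method_exists($node, 'get');
}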
109 private function sendUserToAccessDeniedPage() {
110 $redirect_url = new \Drupal\Core\Url('system.403');
111 $response = new RedirectResponse($redirect_url->toString());