Backup of database 9 Nov 17
[yaffs-website] / web / modules / contrib / permissions_by_term / src / Listener / KernelEventListener.php
1 <?php
2
3 namespace Drupal\permissions_by_term\Listener;
4
5 use Drupal\Component\EventDispatcher\ContainerAwareEventDispatcher;
6 use Drupal\permissions_by_term\Event\PermissionsByTermDeniedEvent;
7 use Symfony\Component\EventDispatcher\EventSubscriberInterface;
8 use Symfony\Component\HttpKernel\KernelEvents;
9 use Symfony\Component\HttpFoundation\JsonResponse;
10 use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
11 use Symfony\Component\HttpKernel\Event\GetResponseEvent;
12 use Symfony\Component\HttpFoundation\RedirectResponse;
13 use Symfony\Component\HttpFoundation\Request;
14 use Drupal\permissions_by_term\Service\AccessCheck;
15 use Drupal\permissions_by_term\Service\Term;
16
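/**
 * Enforces Permissions by Term restrictions during kernel request handling.
 *
 * On the request event it denies access to nodes and to taxonomy term
 * autocomplete queries the current user may not use. On the response event it
 * filters the entity autocomplete suggestion list down to permitted terms.
 *
 * @package Drupal\permissions_by_term
 */
class KernelEventListener implements EventSubscriberInterface
{

  /**
   * @var AccessCheck
   */
  private $accessCheckService;

  /**
   * @var Term
   */
  private $term;

  /**
   * @var ContainerAwareEventDispatcher
   */
  private $eventDispatcher;

  /**
   * Fetches the collaborating services from the Drupal service container.
   */
  public function __construct()
  {
    $this->accessCheckService = \Drupal::service('permissions_by_term.access_check');
    $this->term = \Drupal::service('permissions_by_term.term');
    $this->eventDispatcher = \Drupal::service('event_dispatcher');
  }

  /**
   * Access restriction on kernel request.
   *
   * When access is denied, the redirect to the 403 route is set on the event,
   * which makes the kernel stop handling the request and return that response.
   *
   * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
   *   The kernel request event.
   */
  public function onKernelRequest(GetResponseEvent $event)
  {
    $request = $event->getRequest();

    // Restricts access to nodes (views/edit).
    if ($this->canRequestGetNode($request)) {
      $nid = $request->attributes->get('node')->get('nid')->getValue()['0']['value'];
      if (!$this->accessCheckService->canUserAccessByNodeId($nid)) {
        $accessDeniedEvent = new PermissionsByTermDeniedEvent($nid);
        $this->eventDispatcher->dispatch(PermissionsByTermDeniedEvent::NAME, $accessDeniedEvent);

        $this->sendUserToAccessDeniedPage($event);
        // The decision is final; nothing below may override the response.
        return;
      }
    }

    // Restrict access to taxonomy terms by autocomplete list.
    if ($this->isTermAutocompleteRequest($request)) {
      // 'q' is client-controlled and may be missing or an array; only a string
      // is a usable term name.
      $query_string = $request->get('q');
      $query_string = is_string($query_string) ? trim($query_string) : '';

      $tid = $this->term->getTermIdByName($query_string);
      if (!$this->accessCheckService->isAccessAllowedByDatabase($tid)) {
        $this->sendUserToAccessDeniedPage($event);
      }
    }
  }

  /**
   * Restricts access on kernel response.
   *
   * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
   *   The kernel response event.
   */
  public function onKernelResponse(FilterResponseEvent $event) {
    $this->restrictTermAccessAtAutoCompletion($event);
  }

  /**
   * Restricts access to terms on AJAX auto completion.
   *
   * Replaces the autocomplete response with a JSON list holding only the
   * suggestions whose term passes the access check. A body that does not
   * decode to a list, and entries without a label and value, produce no
   * suggestions rather than being passed through.
   *
   * NOTE(review): the term id is resolved from the suggestion label; if two
   * terms can share a name, confirm that getTermIdByName() resolves to the
   * term that was actually suggested.
   *
   * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
   *   The kernel response event.
   */
  private function restrictTermAccessAtAutoCompletion(FilterResponseEvent $event) {
    if (!$this->isTermAutocompleteRequest($event->getRequest())) {
      return;
    }

    $response = $event->getResponse();
    // A redirect here is the access-denied response set during the request
    // event; it carries no suggestions and must reach the client unchanged.
    if ($response instanceof RedirectResponse) {
      return;
    }

    $suggested_terms = json_decode($response->getContent());
    if (!is_array($suggested_terms)) {
      $suggested_terms = [];
    }

    $allowed_terms = [];
    foreach ($suggested_terms as $term) {
      if (!is_object($term) || !isset($term->label, $term->value)) {
        continue;
      }

      $tid = $this->term->getTermIdByName($term->label);
      if ($this->accessCheckService->isAccessAllowedByDatabase($tid)) {
        $allowed_terms[] = [
          'value' => $term->value,
          'label' => $term->label,
        ];
      }
    }

    $event->setResponse(new JsonResponse($allowed_terms));
  }

  /**
   * The subscribed events.
   *
   * @return array
   *   Handler method names keyed by kernel event name.
   */
  public static function getSubscribedEvents()
  {
    return [
      KernelEvents::REQUEST => 'onKernelRequest',
      KernelEvents::RESPONSE => 'onKernelResponse',
    ];
  }

  /**
   * Tells whether the request targets the taxonomy term autocomplete route.
   *
   * @param \Symfony\Component\HttpFoundation\Request $request
   *   The current request.
   *
   * @return bool
   *   TRUE for system.entity_autocomplete with target type taxonomy_term.
   */
  private function isTermAutocompleteRequest(Request $request) {
    return $request->attributes->get('target_type') === 'taxonomy_term'
      && $request->attributes->get('_route') === 'system.entity_autocomplete';
  }

  /**
   * Tells whether the request carries a node object that fields can be read from.
   *
   * @param \Symfony\Component\HttpFoundation\Request $request
   *   The current request.
   *
   * @return bool
   *   TRUE when the 'node' attribute is a non-empty object with a get() method.
   */
  private function canRequestGetNode(Request $request) {
    if (!method_exists($request->attributes, 'get')) {
      return FALSE;
    }

    $node = $request->attributes->get('node');

    // The attribute can be a raw route value instead of an object; only an
    // object can be asked for its 'nid' field.
    return !empty($node) && is_object($node) && method_exists($node, 'get');
  }

  /**
   * Answers the request with a redirect to the access-denied (403) route.
   *
   * The response is set on the event instead of being sent directly. Sending
   * it directly does not end request handling, so the controller for the
   * restricted route would still run after the redirect had been emitted.
   *
   * @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
   *   The kernel request event that receives the response.
   *
   * @return \Symfony\Component\HttpFoundation\RedirectResponse
   *   The redirect response that was set on the event.
   */
  private function sendUserToAccessDeniedPage(GetResponseEvent $event) {
    $redirect_url = new \Drupal\Core\Url('system.403');
    $response = new RedirectResponse($redirect_url->toString());
    $event->setResponse($response);
    return $response;
  }

}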