You are here

class ProtectedUserFieldConstraintValidator in Drupal 8

Same name and namespace in other branches
  1. 9 core/modules/user/src/Plugin/Validation/Constraint/ProtectedUserFieldConstraintValidator.php \Drupal\user\Plugin\Validation\Constraint\ProtectedUserFieldConstraintValidator

Validates the ProtectedUserFieldConstraint constraint.

Hierarchy

Expanded class hierarchy of ProtectedUserFieldConstraintValidator

1 file declares its use of ProtectedUserFieldConstraintValidator
ProtectedUserFieldConstraintValidatorTest.php in core/modules/user/tests/src/Unit/Plugin/Validation/Constraint/ProtectedUserFieldConstraintValidatorTest.php

File

core/modules/user/src/Plugin/Validation/Constraint/ProtectedUserFieldConstraintValidator.php, line 15

Namespace

Drupal\user\Plugin\Validation\Constraint
View source
class ProtectedUserFieldConstraintValidator extends ConstraintValidator implements ContainerInjectionInterface {

  /**
   * User storage handler.
   *
   * @var \Drupal\user\UserStorageInterface
   */
  protected $userStorage;

  /**
   * The current user.
   *
   * @var \Drupal\Core\Session\AccountProxyInterface
   */
  protected $currentUser;

  /**
   * Constructs the object.
   *
   * @param \Drupal\user\UserStorageInterface $user_storage
   *   The user storage handler.
   * @param \Drupal\Core\Session\AccountProxyInterface $current_user
   *   The current user.
   */
  public function __construct(UserStorageInterface $user_storage, AccountProxyInterface $current_user) {
    $this->userStorage = $user_storage;
    $this->currentUser = $current_user;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('entity_type.manager')
      ->getStorage('user'), $container
      ->get('current_user'));
  }

  /**
   * {@inheritdoc}
   */
  public function validate($items, Constraint $constraint) {
    if (!isset($items)) {
      return;
    }

    /* @var \Drupal\Core\Field\FieldItemListInterface $items */
    $field = $items
      ->getFieldDefinition();

    /* @var \Drupal\user\UserInterface $account */
    $account = $items
      ->getEntity();
    if (!isset($account) || !empty($account->_skipProtectedUserFieldConstraint)) {

      // Looks like we are validating a field not being part of a user, or the
      // constraint should be skipped, so do nothing.
      return;
    }

    // Only validate for existing entities and if this is the current user.
    if (!$account
      ->isNew() && $account
      ->id() == $this->currentUser
      ->id()) {

      /* @var \Drupal\user\UserInterface $account_unchanged */
      $account_unchanged = $this->userStorage
        ->loadUnchanged($account
        ->id());
      $changed = FALSE;

      // Special case for the password, it being empty means that the existing
      // password should not be changed, ignore empty password fields.
      $value = $items->value;
      if ($field
        ->getName() != 'pass' || !empty($value)) {

        // Compare the values of the field this is being validated on.
        $changed = $items
          ->getValue() != $account_unchanged
          ->get($field
          ->getName())
          ->getValue();
      }
      if ($changed && !$account
        ->checkExistingPassword($account_unchanged)) {
        $this->context
          ->addViolation($constraint->message, [
          '%name' => $field
            ->getLabel(),
        ]);
      }
    }
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ProtectedUserFieldConstraintValidator::$currentUser protected property The current user.
ProtectedUserFieldConstraintValidator::$userStorage protected property User storage handler.
ProtectedUserFieldConstraintValidator::create public static function Instantiates a new instance of this class. Overrides ContainerInjectionInterface::create
ProtectedUserFieldConstraintValidator::validate public function Checks if the passed value is valid.
ProtectedUserFieldConstraintValidator::__construct public function Constructs the object.