You are here

class RedirectOnAccessDeniedSubscriber in Opigno dashboard 3.x

Same name and namespace in other branches
  1. 8 src/EventSubscriber/RedirectOnAccessDeniedSubscriber.php \Drupal\opigno_dashboard\EventSubscriber\RedirectOnAccessDeniedSubscriber

Class RedirectOnAccessDeniedSubscriber.

Hierarchy

Expanded class hierarchy of RedirectOnAccessDeniedSubscriber

1 string reference to 'RedirectOnAccessDeniedSubscriber'
opigno_dashboard.services.yml in ./opigno_dashboard.services.yml
opigno_dashboard.services.yml
1 service uses RedirectOnAccessDeniedSubscriber
opigno_dashboard.redirect_on_access_denied in ./opigno_dashboard.services.yml
Drupal\opigno_dashboard\EventSubscriber\RedirectOnAccessDeniedSubscriber

File

src/EventSubscriber/RedirectOnAccessDeniedSubscriber.php, line 21

Namespace

Drupal\opigno_dashboard\EventSubscriber
View source
class RedirectOnAccessDeniedSubscriber implements EventSubscriberInterface {

  /**
   * The current user.
   *
   * @var \Drupal\Core\Session\AccountInterface
   */
  protected $user;

  /**
   * Constructs a new ResponseSubscriber instance.
   *
   * @param \Drupal\Core\Session\AccountInterface $current_user
   *   The current user.
   */
  public function __construct(AccountInterface $current_user) {
    $this->user = $current_user;
  }

  /**
   * {@inheritdoc}
   */
  public static function create(ContainerInterface $container) {
    return new static($container
      ->get('current_user'));
  }

  /**
   * @return \Drupal\Core\Session\AccountInterface
   */
  public function onKernelRequest(GetResponseEvent $event) {
    $is_anonymous = $this->user
      ->isAnonymous();

    // Add the route name as an extra class to body.
    $route = (string) \Drupal::routeMatch()
      ->getRouteName();
    if ($is_anonymous && !in_array($route, [
      'user.login',
      'user.register',
      'user.pass',
      'view.frontpage.page_1',
      'view.opigno_training_catalog.training_catalogue',
      'system.403',
    ])) {
      $request = $event
        ->getRequest();
      $access_result = AccessResult::neutral();
      if (!$access_result
        ->isAllowed()) {
        if ($access_result instanceof CacheableDependencyInterface && $request
          ->isMethodCacheable()) {
          throw new CacheableAccessDeniedHttpException($access_result, $access_result instanceof AccessResultReasonInterface ? $access_result
            ->getReason() : NULL);
        }
        else {
          throw new AccessDeniedHttpException($access_result instanceof AccessResultReasonInterface ? $access_result
            ->getReason() : NULL);
        }
      }
    }
  }

  /**
   * Redirect if 403 and node an event.
   *
   * @param \Symfony\Component\HttpKernel\Event\FilterResponseEvent $event
   *   The route building event.
   */
  public function redirectOn403(FilterResponseEvent $event) {
    $route_name = \Drupal::routeMatch()
      ->getRouteName();
    $status_code = $event
      ->getResponse()
      ->getStatusCode();
    $is_anonymous = $this->user
      ->isAnonymous();

    // Do not redirect if there is REST request.
    if (strpos($route_name, 'rest.') !== FALSE) {
      return;
    }

    // Do not redirect if there is a token authorization.
    $auth_header = $event
      ->getRequest()->headers
      ->get('Authorization');
    if ($is_anonymous && preg_match('/^Bearer (.*)/', $auth_header)) {
      return;
    }
    if ($is_anonymous && $status_code == 403) {
      $current_path = \Drupal::service('path.current')
        ->getPath();
      $response = new RedirectResponse(\Drupal::request()
        ->getBasePath() . "/user/login/?prev_path={$current_path}");
      $event
        ->setResponse($response);
    }
  }

  /**
   * {@inheritdoc}
   */
  public static function getSubscribedEvents() {
    $events[KernelEvents::RESPONSE][] = [
      'redirectOn403',
    ];
    return $events;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
RedirectOnAccessDeniedSubscriber::$user protected property The current user.
RedirectOnAccessDeniedSubscriber::create public static function
RedirectOnAccessDeniedSubscriber::getSubscribedEvents public static function
RedirectOnAccessDeniedSubscriber::onKernelRequest public function
RedirectOnAccessDeniedSubscriber::redirectOn403 public function Redirect if 403 and node an event.
RedirectOnAccessDeniedSubscriber::__construct public function Constructs a new ResponseSubscriber instance.