ToggleController.php in Security Review 8
File
src/Controller/ToggleController.php
View source
<?php
namespace Drupal\security_review\Controller;
use Drupal\Core\Access\CsrfTokenGenerator;
use Drupal\Core\Controller\ControllerBase;
use Drupal\Core\Messenger\MessengerInterface;
use Drupal\Core\Url;
use Drupal\security_review\Checklist;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RequestStack;
class ToggleController extends ControllerBase {
protected $checklist;
protected $csrfToken;
protected $request;
public function __construct(CsrfTokenGenerator $csrf_token_generator, RequestStack $request, Checklist $checklist, MessengerInterface $messenger) {
$this->checklist = $checklist;
$this->csrfToken = $csrf_token_generator;
$this->request = $request
->getCurrentRequest();
$this->messenger = $messenger;
}
public static function create(ContainerInterface $container) {
return new static($container
->get('csrf_token'), $container
->get('request_stack'), $container
->get('security_review.checklist'), $container
->get('messenger'));
}
public function index($check_id) {
$ajax = $this->request->query
->get('js') == 1;
$token = $this->request->query
->get('token');
if ($this->csrfToken
->validate($token, $check_id)) {
$check = $this->checklist
->getCheckById($check_id);
if ($check != NULL) {
if ($check
->isSkipped()) {
$check
->enable();
}
else {
$check
->skip();
}
}
if ($ajax) {
return new JsonResponse([
'skipped' => $check
->isSkipped(),
'toggle_text' => $check
->isSkipped() ? $this
->t('Enable') : $this
->t('Skip'),
'toggle_href' => Url::fromRoute('security_review.toggle', [
'check_id' => $check
->id(),
], [
'query' => [
'token' => $this->csrfToken
->get($check
->id()),
'js' => 1,
],
])
->toString(),
]);
}
else {
if ($check
->isSkipped()) {
$this
->messenger()
->addMessage($this
->t('@name check skipped.', [
'@name' => $check
->getTitle(),
]));
}
else {
$this
->messenger()
->addMessage($this
->t('@name check no longer skipped.', [
'@name' => $check
->getTitle(),
]));
}
return $this
->redirect('security_review');
}
}
return $this
->redirect('security_review');
}
}
Classes
Name |
Description |
ToggleController |
Responsible for handling the toggle links on the Run & Review page. |