You are here

public function WebformExceptionHtmlSubscriber::on403RedirectEntityAccess in Webform 6.x

Same name and namespace in other branches
  1. 8.5 src/EventSubscriber/WebformExceptionHtmlSubscriber.php \Drupal\webform\EventSubscriber\WebformExceptionHtmlSubscriber::on403RedirectEntityAccess()

Redirect to user login when access is denied for webform or submission.

Parameters

\Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event: The event to process.

1 call to WebformExceptionHtmlSubscriber::on403RedirectEntityAccess()
WebformExceptionHtmlSubscriber::on403 in src/EventSubscriber/WebformExceptionHtmlSubscriber.php
Handles a 403 error for HTML.

File

src/EventSubscriber/WebformExceptionHtmlSubscriber.php, line 163

Class

WebformExceptionHtmlSubscriber
Event subscriber to redirect to login form when webform settings instruct to.

Namespace

Drupal\webform\EventSubscriber

Code

public function on403RedirectEntityAccess(GetResponseForExceptionEvent $event) {
  $url = Url::fromUserInput($event
    ->getRequest()
    ->getPathInfo());
  if (!$url) {
    return;
  }
  $route_parameters = $url
    ->isRouted() ? $url
    ->getRouteParameters() : [];
  if (empty($route_parameters['webform']) && empty($route_parameters['webform_submission'])) {
    return;
  }
  $config = $this->configFactory
    ->get('webform.settings');

  // If webform submission, handle login redirect.
  if (!empty($route_parameters['webform_submission'])) {
    $webform_submission = WebformSubmission::load($route_parameters['webform_submission']);
    $webform = $webform_submission
      ->getWebform();
    $submission_access_denied_message = $webform
      ->getSetting('submission_access_denied_message') ?: $config
      ->get('settings.default_submission_access_denied_message');
    switch ($webform
      ->getSetting('submission_access_denied')) {
      case WebformInterface::ACCESS_DENIED_LOGIN:
        $this
          ->redirectToLogin($event, $submission_access_denied_message, $webform_submission);
        break;
      case WebformInterface::ACCESS_DENIED_PAGE:

        // Must manually build access denied path so that base path is not
        // included.
        $this
          ->makeSubrequest($event, '/admin/structure/webform/manage/' . $webform
          ->id() . '/submission/' . $webform_submission
          ->id() . '/access-denied', Response::HTTP_FORBIDDEN);
        break;
      case WebformInterface::ACCESS_DENIED_DEFAULT:
      default:

        // Make the default 403 request so that we can add cacheable dependencies.
        $this
          ->makeSubrequest($event, $this
          ->getSystemSite403Path(), Response::HTTP_FORBIDDEN);
        break;
    }

    // Add cacheable dependencies.
    $response = $event
      ->getResponse();
    if ($response instanceof CacheableResponseInterface) {
      $response
        ->addCacheableDependency($webform);
      $response
        ->addCacheableDependency($webform_submission);
      $response
        ->addCacheableDependency($config);
    }
    return;
  }

  // If webform, handle access denied redirect or page.
  if (!empty($route_parameters['webform'])) {
    $webform = Webform::load($route_parameters['webform']);
    $webform_access_denied_message = $webform
      ->getSetting('form_access_denied_message') ?: $config
      ->get('settings.default_form_access_denied_message');
    switch ($webform
      ->getSetting('form_access_denied')) {
      case WebformInterface::ACCESS_DENIED_LOGIN:
        $this
          ->redirectToLogin($event, $webform_access_denied_message, $webform);
        break;
      case WebformInterface::ACCESS_DENIED_PAGE:

        // Must manually build access denied path so that base path is not
        // included.
        $this
          ->makeSubrequest($event, '/webform/' . $webform
          ->id() . '/access-denied', Response::HTTP_FORBIDDEN);
        break;
      case WebformInterface::ACCESS_DENIED_MESSAGE:

        // Display message.
        $this
          ->setMessage($webform_access_denied_message, $webform);

        // Make the default 403 request so that we can add cacheable dependencies.
        $this
          ->makeSubrequest($event, $this
          ->getSystemSite403Path(), Response::HTTP_FORBIDDEN);
        break;
      case WebformInterface::ACCESS_DENIED_DEFAULT:
      default:

        // Make the default 403 request so that we can add cacheable dependencies.
        $this
          ->makeSubrequest($event, $this
          ->getSystemSite403Path(), Response::HTTP_FORBIDDEN);
        break;
    }

    // Add cacheable dependencies.
    $response = $event
      ->getResponse();
    if ($response instanceof CacheableResponseInterface) {
      $response
        ->addCacheableDependency($webform);
      $response
        ->addCacheableDependency($config);
    }
    return;
  }
}