drupalorg-1.0.x-dev/src/EventSubscriber/AllowedEntities.php
src/EventSubscriber/AllowedEntities.php
<?php
namespace Drupal\drupalorg\EventSubscriber;
use Drupal\Core\Messenger\MessengerInterface;
use Drupal\Core\Routing\CurrentRouteMatch;
use Drupal\Core\Routing\TrustedRedirectResponse;
use Drupal\Core\Session\AccountInterface;
use Drupal\Core\Site\Settings;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\KernelEvents;
/**
* Event handler that restricts entities that can be seen.
*/
class AllowedEntities implements EventSubscriberInterface {
/**
* The current user.
*
* @var \Drupal\Core\Session\AccountInterface
*/
private $currentUser;
/**
* Route match service.
*
* @var \Drupal\Core\Routing\CurrentRouteMatch
*/
protected $currentRouteMatch;
/**
* The messenger.
*
* @var \Drupal\Core\Messenger\MessengerInterface
*/
protected $messenger;
/**
* AllowedEntities constructor.
*
* @param \Drupal\Core\Session\AccountInterface $current_user
* The current user.
* @param \Drupal\Core\Routing\CurrentRouteMatch $current_route_match
* The current route.
* @param \Drupal\Core\Messenger\MessengerInterface $messenger
* The messenger.
*/
public function __construct(AccountInterface $current_user, CurrentRouteMatch $current_route_match, MessengerInterface $messenger) {
$this->currentUser = $current_user;
$this->currentRouteMatch = $current_route_match;
$this->messenger = $messenger;
}
/**
* {@inheritdoc}
*/
public static function getSubscribedEvents(): array {
$events[KernelEvents::REQUEST][] = ['checkContentType'];
return $events;
}
/**
* Checks the user allowed to log in.
*
* @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
* The Event to process.
*/
public function checkContentType(RequestEvent $event) {
// Users view/edit is not ready yet.
$user = $this->currentRouteMatch->getParameter('user');
if ($user) {
// User credit listing is allowed on the new site.
if (in_array($this->currentRouteMatch->getRouteName(), [
'contribution_records.listing_by_user',
'contribution_records.summary_by_user',
'drupalorg.mailman_subscribe',
])) {
return $event;
}
if (/* $this->currentUser->id() !== $user->id() && */!$this->currentUser->hasPermission('administer users')) {
$response = new TrustedRedirectResponse('https://www.drupal.org/user/' . $user->id());
$event->setResponse($response);
}
else {
$this->messenger->addWarning(t('User information is synced via migrations. Any change made here will be lost.'));
}
}
$term = $this->currentRouteMatch->getParameter('taxonomy_term');
if ($term) {
/** @var \Drupal\taxonomy\TermInterface $term */
$allowed_vocabularies = Settings::get('drupalorg_allowed_vocabularies');
if (is_array($allowed_vocabularies) && array_search('*', $allowed_vocabularies) === FALSE) {
if (!in_array($term->bundle(), $allowed_vocabularies)) {
$legacy_url = 'https://www.drupal.org';
if ($this->currentUser->hasPermission('administer taxonomy')) {
$this->messenger->addWarning(t('%type is not fully enabled in new.drupal.org, this is an admin-only preview.', [
'%type' => $term->bundle(),
]));
}
else {
$response = new TrustedRedirectResponse($legacy_url);
$event->setResponse($response);
}
}
}
}
// Only some content types are allowed to view and edit on the new site.
$allowed_types = Settings::get('drupalorg_allowed_content_types');
$allowed_types_view_only = Settings::get('drupalorg_allowed_content_types_view_only');
if (is_array($allowed_types) && array_search('*', $allowed_types) === FALSE) {
$node = $this->currentRouteMatch->getParameter('node');
if ($node) {
// Organization credit listing is allowed on the new site.
if (
$this->currentRouteMatch->getRouteName() === 'contribution_records.listing_by_organization' ||
$this->currentRouteMatch->getRouteName() === 'contribution_records.listing_by_organization_by_user' ||
$this->currentRouteMatch->getRouteName() === 'contribution_records.summary_by_organization'
) {
return $event;
}
/** @var \Drupal\node\Entity\Node $node */
if (!in_array($node->bundle(), $allowed_types)) {
// /i/{nid} redirects through to the aliased URL on www.drupal.org.
$legacy_url = 'https://www.drupal.org/i/' . $node->id();
if ($this->currentUser->hasPermission('bypass node access')) {
$this->messenger->addWarning(t('%type is not fully migrated to new.drupal.org, this is an admin-only preview. <a href=":url">View on www.drupal.org</a>', [
'%type' => $node->bundle(),
':url' => $legacy_url,
]));
}
// If it is a view-only type, allow viewing.
elseif (is_array($allowed_types_view_only) && in_array($node->bundle(), $allowed_types_view_only)) {
if ($this->currentUser->id() === $node->getOwnerId()) {
$edit_url = 'https://www.drupal.org/node/' . $node->id() . '/edit';
$this->messenger->addWarning(t('If you need to edit this %type, do it on the old site. <a href=":url">Edit</a>', [
'%type' => $node->bundle(),
':url' => $edit_url,
]));
}
}
else {
$response = new TrustedRedirectResponse($legacy_url);
$event->setResponse($response);
}
}
}
// Node add form.
$node_type = $this->currentRouteMatch->getParameter('node_type');
if ($node_type && $this->currentRouteMatch->getRouteName() === 'node.add') {
/** @var \Drupal\Node\Entity\NodeType $node_type */
if (!in_array($node_type->id(), $allowed_types)) {
$this->messenger->addWarning(t('It is not allowed to create %type pages in the site yet.', [
'%type' => $node_type->id(),
]));
$response = new RedirectResponse('/');
$event->setResponse($response);
}
}
}
return $event;
}
}
