class AccessAwareRouter

Same name in other branches
  1. 8.9.x core/lib/Drupal/Core/Routing/AccessAwareRouter.php \Drupal\Core\Routing\AccessAwareRouter
  2. 10 core/lib/Drupal/Core/Routing/AccessAwareRouter.php \Drupal\Core\Routing\AccessAwareRouter
  3. 11.x core/lib/Drupal/Core/Routing/AccessAwareRouter.php \Drupal\Core\Routing\AccessAwareRouter

A router class for Drupal with access check and upcasting.

Hierarchy

Expanded class hierarchy of AccessAwareRouter

1 file declares its use of AccessAwareRouter
AccessAwareRouterTest.php in core/tests/Drupal/Tests/Core/Routing/AccessAwareRouterTest.php
1 string reference to 'AccessAwareRouter'
core.services.yml in core/core.services.yml
core/core.services.yml
1 service uses AccessAwareRouter
router in core/core.services.yml
Drupal\Core\Routing\AccessAwareRouter

File

core/lib/Drupal/Core/Routing/AccessAwareRouter.php, line 21

Namespace

Drupal\Core\Routing
View source
class AccessAwareRouter implements AccessAwareRouterInterface {
    
    /**
     * The router doing the actual routing.
     *
     * @var \Symfony\Component\Routing\Matcher\RequestMatcherInterface
     */
    protected $router;
    
    /**
     * The access manager.
     *
     * @var \Drupal\Core\Access\AccessManagerInterface
     */
    protected $accessManager;
    
    /**
     * The account to use in access checks.
     *
     * @var \Drupal\Core\Session\AccountInterface
     */
    protected $account;
    
    /**
     * Constructs a router for Drupal with access check and upcasting.
     *
     * @param \Symfony\Component\Routing\Matcher\RequestMatcherInterface $router
     *   The router doing the actual routing.
     * @param \Drupal\Core\Access\AccessManagerInterface $access_manager
     *   The access manager.
     * @param \Drupal\Core\Session\AccountInterface $account
     *   The account to use in access checks.
     */
    public function __construct(RequestMatcherInterface $router, AccessManagerInterface $access_manager, AccountInterface $account) {
        $this->router = $router;
        $this->accessManager = $access_manager;
        $this->account = $account;
    }
    
    /**
     * {@inheritdoc}
     */
    public function __call($name, $arguments) {
        // Ensure to call every other function to the router.
        return call_user_func_array([
            $this->router,
            $name,
        ], $arguments);
    }
    
    /**
     * {@inheritdoc}
     */
    public function setContext(SymfonyRequestContext $context) {
        if ($this->router instanceof RequestContextAwareInterface) {
            $this->router
                ->setContext($context);
        }
    }
    
    /**
     * {@inheritdoc}
     */
    public function getContext() {
        if ($this->router instanceof RequestContextAwareInterface) {
            return $this->router
                ->getContext();
        }
    }
    
    /**
     * {@inheritdoc}
     *
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     *   Thrown when access checking failed.
     */
    public function matchRequest(Request $request) : array {
        $parameters = $this->router
            ->matchRequest($request);
        $request->attributes
            ->add($parameters);
        $this->checkAccess($request);
        // We can not return $parameters because the access check can change the
        // request attributes.
        return $request->attributes
            ->all();
    }
    
    /**
     * Apply access check service to the route and parameters in the request.
     *
     * @param \Symfony\Component\HttpFoundation\Request $request
     *   The request to access check.
     */
    protected function checkAccess(Request $request) {
        // The cacheability (if any) of this request's access check result must be
        // applied to the response.
        $access_result = $this->accessManager
            ->checkRequest($request, $this->account, TRUE);
        // Allow a master request to set the access result for a subrequest: if an
        // access result attribute is already set, don't overwrite it.
        if (!$request->attributes
            ->has(AccessAwareRouterInterface::ACCESS_RESULT)) {
            $request->attributes
                ->set(AccessAwareRouterInterface::ACCESS_RESULT, $access_result);
        }
        if (!$access_result->isAllowed()) {
            if ($access_result instanceof CacheableDependencyInterface && $request->isMethodCacheable()) {
                throw new CacheableAccessDeniedHttpException($access_result, $access_result instanceof AccessResultReasonInterface ? $access_result->getReason() : '');
            }
            else {
                throw new AccessDeniedHttpException($access_result instanceof AccessResultReasonInterface ? $access_result->getReason() : '');
            }
        }
    }
    
    /**
     * {@inheritdoc}
     */
    public function getRouteCollection() : RouteCollection {
        if ($this->router instanceof RouterInterface) {
            return $this->router
                ->getRouteCollection();
        }
    }
    
    /**
     * {@inheritdoc}
     */
    public function generate($name, $parameters = [], $referenceType = self::ABSOLUTE_PATH) : string {
        if ($this->router instanceof UrlGeneratorInterface) {
            return $this->router
                ->generate($name, $parameters, $referenceType);
        }
    }
    
    /**
     * {@inheritdoc}
     *
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     *   Thrown when access checking failed.
     */
    public function match($pathinfo) : array {
        return $this->matchRequest(Request::create($pathinfo));
    }

}

Members

Title Sort descending Modifiers Object type Summary Overriden Title
AccessAwareRouter::$accessManager protected property The access manager.
AccessAwareRouter::$account protected property The account to use in access checks.
AccessAwareRouter::$router protected property The router doing the actual routing.
AccessAwareRouter::checkAccess protected function Apply access check service to the route and parameters in the request.
AccessAwareRouter::generate public function
AccessAwareRouter::getContext public function
AccessAwareRouter::getRouteCollection public function
AccessAwareRouter::match public function Overrides AccessAwareRouterInterface::match
AccessAwareRouter::matchRequest public function Overrides AccessAwareRouterInterface::matchRequest
AccessAwareRouter::setContext public function
AccessAwareRouter::__call public function
AccessAwareRouter::__construct public function Constructs a router for Drupal with access check and upcasting.
AccessAwareRouterInterface::ACCESS_RESULT constant Attribute name of the access result for the request..

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.