forked from eileenmcnaughton/civicrm_entity
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'upstream/4.0.x' into search-api
* upstream/4.0.x: Support for basefield overrides (eileenmcnaughton#496) update tests, 10.3 official, and 5.75 (eileenmcnaughton#490) check for metatag_computed field, for Drupal entity based saves with Metatag 2.0 (eileenmcnaughton#489) use LoggerChannelFactoryInterface instead of default service (eileenmcnaughton#488) update tests for 10.3 and 11 (eileenmcnaughton#484) fix edge case updating base field definition for bundles (eileenmcnaughton#487) Add patch from https://www.drupal.org/project/civicrm_entity/issues/3447309. (eileenmcnaughton#486) Fix metatag not loading. (eileenmcnaughton#481) update settings form for D11 compatibility (eileenmcnaughton#485) adding logger parameter to ModulerInstaller service (eileenmcnaughton#483) update composer.json for Drupal 11 (eileenmcnaughton#482) deprecation fixes for D11 (eileenmcnaughton#480) Adds Checksum validation solution for Drupal Views (eileenmcnaughton#478) Add pcp. (eileenmcnaughton#477) supportedentities update AllCoreTables function (eileenmcnaughton#479)
- Loading branch information
Showing
14 changed files
with
315 additions
and
22 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,87 @@ | ||
<?php | ||
|
||
namespace Drupal\civicrm_entity\Access; | ||
|
||
use Civi\Api4\Contact; | ||
use Drupal\civicrm_entity\CiviCrmApiInterface; | ||
use Drupal\Core\Access\AccessResult; | ||
use Drupal\Core\Logger\LoggerChannelTrait; | ||
use Drupal\Core\Routing\Access\AccessInterface; | ||
use Drupal\Core\Session\AccountInterface; | ||
use Symfony\Component\HttpFoundation\RequestStack; | ||
use Symfony\Component\Routing\Route; | ||
|
||
/** | ||
* Checks access for displaying views using the ContactChecksum plugin. | ||
*/ | ||
class ContactChecksumCheckAccess implements AccessInterface { | ||
|
||
use LoggerChannelTrait; | ||
|
||
/** | ||
* The request stack. | ||
* | ||
* @var \Symfony\Component\HttpFoundation\RequestStack | ||
*/ | ||
protected $requestStack; | ||
|
||
/** | ||
* The CiviCRM API service. | ||
* | ||
* @var \Drupal\civicrm_entity\CiviCrmApiInterface | ||
*/ | ||
protected $civicrmApi; | ||
|
||
/** | ||
* Constructs a ContactChecksumCheckAccess object. | ||
* | ||
* @param \Symfony\Component\HttpFoundation\RequestStack $request_stack | ||
* The request stack. | ||
* @param \Drupal\civicrm_entity\CiviCrmApiInterface $civicrm_api | ||
* The CiviCRM API bridge. | ||
*/ | ||
public function __construct(RequestStack $request_stack, CiviCrmApiInterface $civicrm_api) { | ||
$this->requestStack = $request_stack; | ||
$this->civicrmApi = $civicrm_api; | ||
} | ||
|
||
/** | ||
* A custom access check. | ||
* | ||
* @param \Drupal\Core\Session\AccountInterface $account | ||
* Run access checks for this account. | ||
* @param \Symfony\Component\Routing\Route $route | ||
* The route for which an access check is being done. | ||
* | ||
* @return \Drupal\Core\Access\AccessResultInterface | ||
* The access result. | ||
*/ | ||
public function access(AccountInterface $account, Route $route) { | ||
$options = unserialize($route->getRequirement('var_options')); | ||
|
||
$access_by_role = !empty(array_intersect(array_filter($options['role']), $account->getRoles())); | ||
if ($access_by_role) { | ||
$this->getlogger('ContactChecksumCheckAccess')->info('Access by role'); | ||
return AccessResult::allowed(); | ||
} | ||
$request = $this->requestStack->getCurrentRequest(); | ||
|
||
$cid1 = filter_var($request->query->get('cid1'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]); | ||
$checksum = $request->query->get('cs'); | ||
|
||
if (empty($cid1) || empty($checksum)) { | ||
$this->getlogger('ContactChecksumCheckAccess')->info('No cid1 or cs param'); | ||
return AccessResult::forbidden(); | ||
} | ||
|
||
// This forces a call to Civicrm initialize. | ||
$this->civicrmApi->getFields('Contact'); | ||
|
||
$results = Contact::validateChecksum(FALSE) | ||
->setContactId($cid1) | ||
->setChecksum($checksum) | ||
->execute(); | ||
return empty($results[0]['valid']) ? AccessResult::forbidden() : AccessResult::allowed(); | ||
} | ||
|
||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.