-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathsecurepages.module
103 lines (84 loc) · 3.37 KB
/
securepages.module
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
<?php
/**
* @file
* Allows certain pages to be viewable only via HTTPS.
*/
use Drupal\Component\Utility\UrlHelper;
use Drupal\Core\Url;
function securepages_form_alter(&$form, &$form_state, $form_id) {
global $is_https, $user, $language;
$config = \Drupal::config('securepages.settings');
$securepages_enable = $config->get('securepages_enable');
$securepages_switch = $config->get('securepages_switch');
$securepagesservice = \Drupal::service('securepages.securepagesservice');
if (!$securepages_enable) {
return;
}
$securePagesCanAlterUrl = $securepagesservice->securePagesCanAlterUrl($form['#action']);
if (isset($form['#action']) && $securePagesCanAlterUrl) {
// Remove the base_path, and extract the path component.
$url = substr(rawurldecode($form['#action']), strlen(base_path()));
// Filter out any language prefixes as it will be automatically added to
// the URL again.
// @todo: language prefix
$langcode = \Drupal::languageManager()->getCurrentLanguage()->getId();
if (!empty($language->prefix) && preg_match('/^' . $language->prefix . '/', $url) > 0) {
$url = preg_replace('/^' . $language->prefix . '\//', '', $url);
}
$url = UrlHelper::parse($url);
$path = \Drupal::service('path.alias_manager')->getPathByAlias($url['path'], $langcode);
$page_match = $securepagesservice->securePagesMatch($path);
$role_match = $securepagesservice->securePagesRoles($user);
if ($role_match) {
if (!$is_https) {
$form['#https'] = TRUE;
}
return;
}
if (isset($form['#https'])) {
// if the #https is set don't reset it as module that set it knows better.
}
elseif ($page_match && !$is_https) {
$form['#https'] = TRUE;
}
elseif ($page_match === 0 && $is_https && $securepages_switch) {
$url['https'] = FALSE;
$url['absolute'] = TRUE;
$form['#action'] = Url::fromUri($url['path'], $url)->toString();
}
}
// Check to see if this form needs to be secured.
$args = $form_state->getBuildInfo()['args'];
$secure_form = securepages_match_form($form_id, $args);
if (!$is_https && $secure_form) {
$form['#https'] = TRUE;
}
}
/**
* Check form Id to see if this form should be secured.
*/
function securepages_match_form($form_id, $args = array()) {
$forms = & drupal_static(__FUNCTION__);
$securepagesservice = \Drupal::service('securepages.securepagesservice');
$config = \Drupal::config('securepages.settings');
$securepages_forms = $config->get('securepages_forms');
$form_match = \Drupal::service('path.matcher')->matchPath($form_id, $securepages_forms);
if ($form_match) {
$securepagesservice->securePagesLog('Secure Form (Form: "@path", Line: @line, Pattern: "@pattern")', $form_id, $securepages_forms);
return TRUE;
}
if (!isset($forms)) {
//$forms = module_invoke_all('forms', $form_id, $args);
//@todo:check functionality
\Drupal::moduleHandler()->invokeAll('forms', $args);
}
if (isset($forms[$form_id])) {
$form_definition = $forms[$form_id];
$form_callback_match = \Drupal::service('path.matcher')->matchPath($form_definition['callback'], $securepages_forms);
if ($form_callback_match) {
$securepagesservice->securePagesLog('Secure Form (Path: "@path", Line: @line, Pattern: "@pattern")', $form_definition['callback'], $securepages_forms);
return TRUE;
}
}
return FALSE;
}