view core/lib/Drupal/Core/EventSubscriber/RouteEnhancerSubscriber.php @ 13:5fb285c0d0e3

Update Drupal core to 8.4.7 via Composer. Security update; I *think* we've been lucky to get away with this so far, as we don't support self-registration which seems to be used by the so-called "drupalgeddon 2" attack that 8.4.5 was vulnerable to.
author Chris Cannam
date Mon, 23 Apr 2018 09:33:26 +0100
parents 4c8ae668cc8c
children
line wrap: on
line source
<?php

namespace Drupal\Core\EventSubscriber;

use Drupal\Core\Routing\LazyRouteEnhancer;
use Drupal\Core\Routing\RouteBuildEvent;
use Drupal\Core\Routing\RoutingEvents;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;

/**
 * Listens to the new routes before they get saved.
 */
class RouteEnhancerSubscriber implements EventSubscriberInterface {

  /**
   * @var \Drupal\Core\Routing\LazyRouteEnhancer
   */
  protected $routeEnhancer;

  /**
   * Constructs the RouteEnhancerSubscriber object.
   *
   * @param \Drupal\Core\Routing\LazyRouteEnhancer $route_enhancer
   *   The lazy route enhancer.
   */
  public function __construct(LazyRouteEnhancer $route_enhancer) {
    $this->routeEnhancer = $route_enhancer;
  }

  /**
   * Adds the route_enhancer object to the route collection.
   *
   * @param \Drupal\Core\Routing\RouteBuildEvent $event
   *   The route build event.
   */
  public function onRouteAlter(RouteBuildEvent $event) {
    $this->routeEnhancer->setEnhancers($event->getRouteCollection());
  }

  /**
   * {@inheritdoc}
   */
  public static function getSubscribedEvents() {
    $events[RoutingEvents::ALTER][] = ['onRouteAlter', -300];
    return $events;
  }

}