Chris@0: serviceProviderClasses['app']['update_kernel'] = 'Drupal\Core\Update\UpdateServiceProvider'; Chris@0: } Chris@0: Chris@0: /** Chris@0: * {@inheritdoc} Chris@0: */ Chris@0: protected function initializeContainer() { Chris@0: // Always force a container rebuild, in order to be able to override some Chris@0: // services, see \Drupal\Core\Update\UpdateServiceProvider. Chris@0: $this->containerNeedsRebuild = TRUE; Chris@0: $container = parent::initializeContainer(); Chris@0: return $container; Chris@0: } Chris@0: Chris@0: /** Chris@0: * {@inheritdoc} Chris@0: */ Chris@0: protected function cacheDrupalContainer(array $container_definition) { Chris@0: // Don't save this particular container to cache, so it does not leak into Chris@0: // the main site at all. Chris@0: return FALSE; Chris@0: } Chris@0: Chris@0: /** Chris@0: * {@inheritdoc} Chris@0: */ Chris@0: public function handle(Request $request, $type = self::MASTER_REQUEST, $catch = TRUE) { Chris@0: try { Chris@0: static::bootEnvironment(); Chris@0: Chris@0: // First boot up basic things, like loading the include files. Chris@0: $this->initializeSettings($request); Chris@0: $this->boot(); Chris@0: $container = $this->getContainer(); Chris@0: /** @var \Symfony\Component\HttpFoundation\RequestStack $request_stack */ Chris@0: $request_stack = $container->get('request_stack'); Chris@0: $request_stack->push($request); Chris@0: $this->preHandle($request); Chris@0: Chris@0: // Handle the actual request. We need the session both for authentication Chris@0: // as well as the DB update, like Chris@0: // \Drupal\system\Controller\DbUpdateController::batchFinished. Chris@0: $this->bootSession($request, $type); Chris@0: $result = $this->handleRaw($request); Chris@0: $this->shutdownSession($request); Chris@0: Chris@0: return $result; Chris@0: } Chris@0: catch (\Exception $e) { Chris@0: return $this->handleException($e, $request, $type); Chris@0: } Chris@0: } Chris@0: Chris@0: /** Chris@0: * Generates the actual result of update.php. Chris@0: * Chris@0: * The actual logic of the update is done in the db update controller. Chris@0: * Chris@0: * @param \Symfony\Component\HttpFoundation\Request $request Chris@0: * The incoming request. Chris@0: * Chris@0: * @return \Symfony\Component\HttpFoundation\Response Chris@0: * A response object. Chris@0: * Chris@0: * @see \Drupal\system\Controller\DbUpdateController Chris@0: */ Chris@0: protected function handleRaw(Request $request) { Chris@0: $container = $this->getContainer(); Chris@0: Chris@0: $this->handleAccess($request, $container); Chris@0: Chris@0: /** @var \Drupal\Core\Controller\ControllerResolverInterface $controller_resolver */ Chris@0: $controller_resolver = $container->get('controller_resolver'); Chris@0: Chris@0: /** @var callable $db_update_controller */ Chris@0: $db_update_controller = $controller_resolver->getControllerFromDefinition('\Drupal\system\Controller\DbUpdateController::handle'); Chris@0: Chris@0: $this->setupRequestMatch($request); Chris@0: Chris@0: $arguments = $controller_resolver->getArguments($request, $db_update_controller); Chris@0: return call_user_func_array($db_update_controller, $arguments); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Boots up the session. Chris@0: * Chris@0: * bootSession() + shutdownSession() basically simulates what Chris@0: * \Drupal\Core\StackMiddleware\Session does. Chris@0: * Chris@0: * @param \Symfony\Component\HttpFoundation\Request $request Chris@0: * The incoming request. Chris@0: */ Chris@0: protected function bootSession(Request $request) { Chris@0: $container = $this->getContainer(); Chris@0: /** @var \Symfony\Component\HttpFoundation\Session\SessionInterface $session */ Chris@0: $session = $container->get('session'); Chris@0: $session->start(); Chris@0: $request->setSession($session); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Ensures that the session is saved. Chris@0: * Chris@0: * @param \Symfony\Component\HttpFoundation\Request $request Chris@0: * The incoming request. Chris@0: */ Chris@0: protected function shutdownSession(Request $request) { Chris@0: if ($request->hasSession()) { Chris@0: $request->getSession()->save(); Chris@0: } Chris@0: } Chris@0: Chris@0: /** Chris@0: * Set up the request with fake routing data for update.php. Chris@0: * Chris@0: * This fake routing data is needed in order to make batch API work properly. Chris@0: * Chris@0: * @param \Symfony\Component\HttpFoundation\Request $request Chris@0: * The incoming request. Chris@0: */ Chris@0: protected function setupRequestMatch(Request $request) { Chris@0: $path = $request->getPathInfo(); Chris@0: $args = explode('/', ltrim($path, '/')); Chris@0: Chris@0: $request->attributes->set(RouteObjectInterface::ROUTE_NAME, 'system.db_update'); Chris@0: $request->attributes->set(RouteObjectInterface::ROUTE_OBJECT, $this->getContainer()->get('router.route_provider')->getRouteByName('system.db_update')); Chris@0: $op = $args[0] ?: 'info'; Chris@0: $request->attributes->set('op', $op); Chris@0: $request->attributes->set('_raw_variables', new ParameterBag(['op' => $op])); Chris@0: } Chris@0: Chris@0: /** Chris@0: * Checks if the current user has rights to access updates page. Chris@0: * Chris@0: * If the current user does not have the rights, an exception is thrown. Chris@0: * Chris@0: * @param \Symfony\Component\HttpFoundation\Request $request Chris@0: * The incoming request. Chris@0: * Chris@0: * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException Chris@0: * Thrown when update.php should not be accessible. Chris@0: */ Chris@0: protected function handleAccess(Request $request) { Chris@0: /** @var \Drupal\Core\Authentication\AuthenticationManager $authentication_manager */ Chris@0: $authentication_manager = $this->getContainer()->get('authentication'); Chris@0: $account = $authentication_manager->authenticate($request) ?: new AnonymousUserSession(); Chris@0: Chris@0: /** @var \Drupal\Core\Session\AccountProxyInterface $current_user */ Chris@0: $current_user = $this->getContainer()->get('current_user'); Chris@0: $current_user->setAccount($account); Chris@0: Chris@0: /** @var \Drupal\system\Access\DbUpdateAccessCheck $db_update_access */ Chris@0: $db_update_access = $this->getContainer()->get('access_check.db_update'); Chris@0: Chris@0: if (!Settings::get('update_free_access', FALSE) && !$db_update_access->access($account)->isAllowed()) { Chris@16: throw new AccessDeniedHttpException('In order to run update.php you need to either have "Administer software updates" permission or have set $settings[\'update_free_access\'] in your settings.php.'); Chris@0: } Chris@0: } Chris@0: Chris@0: }