Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\Core\Session;
Chris@0: 
Chris@0: /**
Chris@0:  * An implementation of AccountSwitcherInterface.
Chris@0:  *
Chris@0:  * This allows for safe switching of user accounts by ensuring that session
Chris@0:  * data for one user is not leaked in to others. It also provides a stack that
Chris@0:  * allows reverting to a previous user after switching.
Chris@0:  */
Chris@0: class AccountSwitcher implements AccountSwitcherInterface {
Chris@0: 
Chris@0:   /**
Chris@0:    * A stack of previous overridden accounts.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Session\AccountInterface[]
Chris@0:    */
Chris@0:   protected $accountStack = [];
Chris@0: 
Chris@0:   /**
Chris@0:    * The current user service.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Session\AccountProxyInterface
Chris@0:    */
Chris@0:   protected $currentUser = [];
Chris@0: 
Chris@0:   /**
Chris@0:    * The write-safe session handler.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Session\WriteSafeSessionHandlerInterface
Chris@0:    */
Chris@0:   protected $writeSafeHandler;
Chris@0: 
Chris@0:   /**
Chris@0:    * The original state of session saving prior to account switching.
Chris@0:    *
Chris@0:    * @var bool
Chris@0:    */
Chris@0:   protected $originalSessionSaving;
Chris@0: 
Chris@0:   /**
Chris@0:    * Constructs a new AccountSwitcher.
Chris@0:    *
Chris@0:    * @param \Drupal\Core\Session\AccountProxyInterface $current_user
Chris@0:    *   The current user service.
Chris@0:    * @param \Drupal\Core\Session\WriteSafeSessionHandlerInterface $write_safe_handler
Chris@0:    *   The write-safe session handler.
Chris@0:    */
Chris@0:   public function __construct(AccountProxyInterface $current_user, WriteSafeSessionHandlerInterface $write_safe_handler) {
Chris@0:     $this->currentUser = $current_user;
Chris@0:     $this->writeSafeHandler = $write_safe_handler;
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   public function switchTo(AccountInterface $account) {
Chris@0:     // Prevent session information from being saved and push previous account.
Chris@0:     if (!isset($this->originalSessionSaving)) {
Chris@0:       // Ensure that only the first session saving status is saved.
Chris@0:       $this->originalSessionSaving = $this->writeSafeHandler->isSessionWritable();
Chris@0:     }
Chris@0:     $this->writeSafeHandler->setSessionWritable(FALSE);
Chris@0:     array_push($this->accountStack, $this->currentUser->getAccount());
Chris@0:     $this->currentUser->setAccount($account);
Chris@0:     return $this;
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   public function switchBack() {
Chris@0:     // Restore the previous account from the stack.
Chris@0:     if (!empty($this->accountStack)) {
Chris@0:       $this->currentUser->setAccount(array_pop($this->accountStack));
Chris@0:     }
Chris@0:     else {
Chris@0:       throw new \RuntimeException('No more accounts to revert to.');
Chris@0:     }
Chris@0:     // Restore original session saving status if all account switches are
Chris@0:     // reverted.
Chris@0:     if (empty($this->accountStack)) {
Chris@0:       if ($this->originalSessionSaving) {
Chris@0:         $this->writeSafeHandler->setSessionWritable(TRUE);
Chris@0:       }
Chris@0:     }
Chris@0:     return $this;
Chris@0:   }
Chris@0: 
Chris@0: }