Chris@0: <?php
Chris@0: 
Chris@0: namespace Drupal\user\EventSubscriber;
Chris@0: 
Chris@0: use Drupal\Core\Session\AccountInterface;
Chris@0: use Drupal\Core\Routing\RouteMatch;
Chris@18: use Drupal\Core\Url;
Chris@0: use Symfony\Component\EventDispatcher\EventSubscriberInterface;
Chris@18: use Symfony\Component\HttpFoundation\RedirectResponse;
Chris@0: use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
Chris@0: use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
Chris@0: use Symfony\Component\HttpKernel\KernelEvents;
Chris@0: 
Chris@0: /**
Chris@0:  * Redirects users when access is denied.
Chris@0:  *
Chris@0:  * Anonymous users are taken to the login page when attempting to access the
Chris@0:  * user profile pages. Authenticated users are redirected from the login form to
Chris@0:  * their profile page and from the user registration form to their profile edit
Chris@0:  * form.
Chris@0:  */
Chris@0: class AccessDeniedSubscriber implements EventSubscriberInterface {
Chris@0: 
Chris@0:   /**
Chris@0:    * The current user.
Chris@0:    *
Chris@0:    * @var \Drupal\Core\Session\AccountInterface
Chris@0:    */
Chris@0:   protected $account;
Chris@0: 
Chris@0:   /**
Chris@0:    * Constructs a new redirect subscriber.
Chris@0:    *
Chris@0:    * @param \Drupal\Core\Session\AccountInterface $account
Chris@0:    *   The current user.
Chris@0:    */
Chris@18:   public function __construct(AccountInterface $account) {
Chris@0:     $this->account = $account;
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * Redirects users when access is denied.
Chris@0:    *
Chris@0:    * @param \Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent $event
Chris@0:    *   The event to process.
Chris@0:    */
Chris@0:   public function onException(GetResponseForExceptionEvent $event) {
Chris@0:     $exception = $event->getException();
Chris@0:     if ($exception instanceof AccessDeniedHttpException) {
Chris@0:       $route_name = RouteMatch::createFromRequest($event->getRequest())->getRouteName();
Chris@18:       $redirect_url = NULL;
Chris@0:       if ($this->account->isAuthenticated()) {
Chris@0:         switch ($route_name) {
Chris@0:           case 'user.login';
Chris@0:             // Redirect an authenticated user to the profile page.
Chris@18:             $redirect_url = Url::fromRoute('entity.user.canonical', ['user' => $this->account->id()], ['absolute' => TRUE]);
Chris@0:             break;
Chris@0: 
Chris@0:           case 'user.register';
Chris@0:             // Redirect an authenticated user to the profile form.
Chris@18:             $redirect_url = Url::fromRoute('entity.user.edit_form', ['user' => $this->account->id()], ['absolute' => TRUE]);
Chris@0:             break;
Chris@0:         }
Chris@0:       }
Chris@0:       elseif ($route_name === 'user.page') {
Chris@18:         $redirect_url = Url::fromRoute('user.login', [], ['absolute' => TRUE]);
Chris@18:       }
Chris@18: 
Chris@18:       if ($redirect_url) {
Chris@18:         $event->setResponse(new RedirectResponse($redirect_url->toString()));
Chris@0:       }
Chris@0:     }
Chris@0:   }
Chris@0: 
Chris@0:   /**
Chris@0:    * {@inheritdoc}
Chris@0:    */
Chris@0:   public static function getSubscribedEvents() {
Chris@0:     // Use a higher priority than
Chris@0:     // \Drupal\Core\EventSubscriber\ExceptionLoggingSubscriber, because there's
Chris@0:     // no need to log the exception if we can redirect.
Chris@0:     $events[KernelEvents::EXCEPTION][] = ['onException', 75];
Chris@0:     return $events;
Chris@0:   }
Chris@0: 
Chris@0: }