Chris@0: addCommand(new SetSubtreesCommand($subtrees)); Chris@0: Chris@0: // The Expires HTTP header is the heart of the client-side HTTP caching. The Chris@0: // additional server-side page cache only takes effect when the client Chris@0: // accesses the callback URL again (e.g., after clearing the browser cache Chris@0: // or when force-reloading a Drupal page). Chris@0: $max_age = 365 * 24 * 60 * 60; Chris@0: $response->setPrivate(); Chris@0: $response->setMaxAge($max_age); Chris@0: Chris@0: $expires = new \DateTime(); Chris@0: $expires->setTimestamp(REQUEST_TIME + $max_age); Chris@0: $response->setExpires($expires); Chris@0: Chris@0: return $response; Chris@0: } Chris@0: Chris@0: /** Chris@0: * Checks access for the subtree controller. Chris@0: * Chris@0: * @param string $hash Chris@0: * The hash of the toolbar subtrees. Chris@0: * Chris@0: * @return \Drupal\Core\Access\AccessResultInterface Chris@0: * The access result. Chris@0: */ Chris@0: public function checkSubTreeAccess($hash) { Chris@0: $expected_hash = _toolbar_get_subtrees_hash()[0]; Chris@0: return AccessResult::allowedIf($this->currentUser()->hasPermission('access toolbar') && Crypt::hashEquals($expected_hash, $hash))->cachePerPermissions(); Chris@0: } Chris@0: Chris@0: }