diff --git a/core/includes/common.inc b/core/includes/common.inc index 3706049..fa4c0c9 100644 --- a/core/includes/common.inc +++ b/core/includes/common.inc @@ -699,19 +699,6 @@ function drupal_site_offline() { } /** - * Delivers an "access denied" error to the browser. - * - * Page callback functions wanting to report an "access denied" message should - * return MENU_ACCESS_DENIED instead of calling drupal_access_denied(). However, - * functions that are invoked in contexts where that return value might not - * bubble up to menu_execute_active_handler() should call - * drupal_access_denied(). - */ -function drupal_access_denied() { - throw new AccessDeniedHttpException(); -} - -/** * Performs an HTTP request. * * This is a flexible and powerful HTTP client implementation. Correctly diff --git a/core/includes/file.inc b/core/includes/file.inc index 73aab5f..133d64f 100644 --- a/core/includes/file.inc +++ b/core/includes/file.inc @@ -1943,9 +1943,9 @@ function file_transfer($uri, $headers) { * Call modules that implement hook_file_download() to find out if a file is * accessible and what headers it should be transferred with. If one or more * modules returned headers the download will start with the returned headers. - * If a module returns -1 drupal_access_denied() will be returned. If the file - * exists but no modules responded drupal_access_denied() will be returned. - * If the file does not exist a NotFoundHttpException will be thrown. + * If a module returns -1 an AccessDeniedHttpException will be thrown. + * If the file exists but no modules responded an AccessDeniedHttpException will + * be thrown.If the file does not exist a NotFoundHttpException will be thrown. * * @see hook_file_download() * @see system_menu() diff --git a/core/modules/aggregator/aggregator.admin.inc b/core/modules/aggregator/aggregator.admin.inc index c064e4f..7759750 100644 --- a/core/modules/aggregator/aggregator.admin.inc +++ b/core/modules/aggregator/aggregator.admin.inc @@ -5,6 +5,8 @@ * Admin page callbacks for the aggregator module. */ +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; + /** * Page callback: Displays the aggregator administration page. * @@ -411,7 +413,7 @@ function aggregator_admin_refresh_feed($feed) { // generation. Add token support to routing: http://drupal.org/node/755584. $token = request()->query->get('token'); if (!isset($token) || !drupal_valid_token($token, 'aggregator/update/' . $feed->fid)) { - drupal_access_denied(); + throw new AccessDeniedHttpException(); } aggregator_refresh($feed); diff --git a/core/modules/book/book.pages.inc b/core/modules/book/book.pages.inc index c00fb6f..3ca79bd 100644 --- a/core/modules/book/book.pages.inc +++ b/core/modules/book/book.pages.inc @@ -6,6 +6,7 @@ */ use Drupal\node\Node; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** @@ -89,7 +90,7 @@ function book_export_html($nid) { } } else { - drupal_access_denied(); + throw new AccessDeniedHttpException(); } } diff --git a/core/modules/comment/comment.pages.inc b/core/modules/comment/comment.pages.inc index 39b8a24..051fd83 100644 --- a/core/modules/comment/comment.pages.inc +++ b/core/modules/comment/comment.pages.inc @@ -6,6 +6,7 @@ */ use Drupal\node\Node; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** @@ -113,7 +114,7 @@ function comment_approve($cid) { // generation. Add token support to routing: http://drupal.org/node/755584. $token = request()->query->get('token'); if (!isset($token) || !drupal_valid_token($token, "comment/$cid/approve")) { - drupal_access_denied(); + throw new AccessDeniedHttpException(); } if ($comment = comment_load($cid)) { diff --git a/core/modules/contact/contact.pages.inc b/core/modules/contact/contact.pages.inc index a1c2926..2a27cf1 100644 --- a/core/modules/contact/contact.pages.inc +++ b/core/modules/contact/contact.pages.inc @@ -5,6 +5,7 @@ * Page callbacks for the Contact module. */ +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; /** @@ -23,8 +24,7 @@ function contact_site_form($form, &$form_state) { $window = variable_get('contact_threshold_window', 3600); if (!flood_is_allowed('contact', $limit, $window) && !user_access('administer contact forms')) { drupal_set_message(t("You cannot send more than %limit messages in @interval. Try again later.", array('%limit' => $limit, '@interval' => format_interval($window))), 'error'); - drupal_access_denied(); - drupal_exit(); + throw new AccessDeniedHttpException(); } // Get an array of the categories and the current default category. @@ -184,8 +184,7 @@ function contact_personal_form($form, &$form_state, $recipient) { $window = variable_get('contact_threshold_window', 3600); if (!flood_is_allowed('contact', $limit, $window) && !user_access('administer contact forms') && !user_access('administer users')) { drupal_set_message(t("You cannot send more than %limit messages in @interval. Try again later.", array('%limit' => $limit, '@interval' => format_interval($window))), 'error'); - drupal_access_denied(); - drupal_exit(); + throw new AccessDeniedHttpException(); } drupal_set_title(t('Contact @username', array('@username' => user_format_name($recipient))), PASS_THROUGH); diff --git a/core/modules/image/image.module b/core/modules/image/image.module index 973f36a..905e6a7 100644 --- a/core/modules/image/image.module +++ b/core/modules/image/image.module @@ -7,6 +7,7 @@ use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\StreamedResponse; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; use Drupal\Core\File\File; /** @@ -695,7 +696,7 @@ function image_style_deliver($style, $scheme) { else { $headers = module_invoke_all('file_download', $image_uri); if (in_array(-1, $headers) || empty($headers)) { - return drupal_access_denied(); + throw new AccessDeniedHttpException(); } if (count($headers)) { foreach ($headers as $name => $value) { diff --git a/core/modules/menu/menu.admin.inc b/core/modules/menu/menu.admin.inc index 2e1725d..496ff88 100644 --- a/core/modules/menu/menu.admin.inc +++ b/core/modules/menu/menu.admin.inc @@ -5,6 +5,8 @@ * Administrative page callbacks for menu module. */ +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; + /** * Menu callback which shows an overview page of all the custom menus and their descriptions. */ @@ -506,8 +508,7 @@ function menu_delete_menu_page($menu) { // System-defined menus may not be deleted. $system_menus = menu_list_system_menus(); if (isset($system_menus[$menu['menu_name']])) { - drupal_access_denied(); - return; + throw new AccessDeniedHttpException(); } return drupal_get_form('menu_delete_menu_confirm', $menu); } @@ -616,8 +617,7 @@ function menu_item_delete_page($item) { // Links defined via hook_menu may not be deleted. Updated items are an // exception, as they can be broken. if ($item['module'] == 'system' && !$item['updated']) { - drupal_access_denied(); - return; + throw new AccessDeniedHttpException(); } return drupal_get_form('menu_item_delete_form', $item); } diff --git a/core/modules/overlay/overlay.module b/core/modules/overlay/overlay.module index 5fdd453..7fb7e0b 100644 --- a/core/modules/overlay/overlay.module +++ b/core/modules/overlay/overlay.module @@ -6,6 +6,7 @@ */ use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * Implements hook_help(). @@ -334,7 +335,7 @@ function overlay_user_dismiss_message() { // generation. Add token support to routing: http://drupal.org/node/755584. $token = request()->query->get('token'); if (!isset($token) || !drupal_valid_token($token, 'overlay')) { - drupal_access_denied(); + throw new AccessDeniedHttpException(); } $account = user_load($user->uid); diff --git a/core/modules/shortcut/shortcut.admin.inc b/core/modules/shortcut/shortcut.admin.inc index 9010f90..9f1888a 100644 --- a/core/modules/shortcut/shortcut.admin.inc +++ b/core/modules/shortcut/shortcut.admin.inc @@ -5,6 +5,8 @@ * Administrative page callbacks for the shortcut module. */ +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; + /** * Returns the maximum number of shortcut "slots" available per shortcut set. * @@ -775,5 +777,5 @@ function shortcut_link_add_inline($shortcut_set) { drupal_goto(); } - return drupal_access_denied(); + throw new AccessDeniedHttpException(); } diff --git a/core/modules/system/system.admin.inc b/core/modules/system/system.admin.inc index a31e278..33c89f5 100644 --- a/core/modules/system/system.admin.inc +++ b/core/modules/system/system.admin.inc @@ -6,6 +6,7 @@ */ use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * Menu callback; Provide the administration overview page. @@ -280,7 +281,7 @@ function system_theme_enable() { } drupal_goto('admin/appearance'); } - return drupal_access_denied(); + throw new AccessDeniedHttpException(); } /** @@ -308,7 +309,7 @@ function system_theme_disable() { } drupal_goto('admin/appearance'); } - return drupal_access_denied(); + throw new AccessDeniedHttpException(); } /** @@ -355,7 +356,7 @@ function system_theme_default() { } drupal_goto('admin/appearance'); } - return drupal_access_denied(); + throw new AccessDeniedHttpException(); } /** @@ -2303,7 +2304,7 @@ function system_batch_page() { $output = _batch_page(); if ($output === FALSE) { - drupal_access_denied(); + throw new AccessDeniedHttpException(); } elseif ($output instanceof Response) { return $output; diff --git a/core/modules/user/user.pages.inc b/core/modules/user/user.pages.inc index 300bbc1..fcda92e 100644 --- a/core/modules/user/user.pages.inc +++ b/core/modules/user/user.pages.inc @@ -5,6 +5,8 @@ * User page callback file for the user module. */ +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; + /** * Menu callback; Retrieve a JSON object containing autocomplete suggestions for existing users. */ @@ -157,7 +159,7 @@ function user_pass_reset($form, &$form_state, $uid, $timestamp, $hashed_pass, $a else { // Deny access, no more clues. // Everything will be in the watchdog's URL for the administrator to check. - drupal_access_denied(); + throw new AccessDeniedHttpException(); } } } @@ -480,7 +482,7 @@ function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') { drupal_goto("user/$account->uid/cancel"); } } - drupal_access_denied(); + throw new AccessDeniedHttpException(); } /**