diff --git a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
index aa49f5f..f458ffe 100644
--- a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
+++ b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php
@@ -134,11 +134,12 @@ public function authenticate(Request $request) {
 * The default provider is the one with the lowest registered priority.
 *
 * @return string
- * The ID of the default provider
+ * The ID of the default provider.
 */
 protected function defaultProviderId() {
 $providers = $this->getSortedProviders();
- return $providers[end(array_keys($providers))];
+ $provider_ids = array_keys($providers);
+ return end($provider_ids);
 }
 /**
diff --git a/core/lib/Drupal/Core/Authentication/Provider/Cookie.php b/core/lib/Drupal/Core/Authentication/Provider/Cookie.php
index 04a6992..ae108dc 100644
--- a/core/lib/Drupal/Core/Authentication/Provider/Cookie.php
+++ b/core/lib/Drupal/Core/Authentication/Provider/Cookie.php
@@ -51,16 +51,6 @@ public function cleanup(Request $request) {
 * {@inheritdoc}
 */
 public function handleException(GetResponseForExceptionEvent $event) {
- $exception = $event->getException();
- if (user_is_anonymous() && $exception instanceof AccessDeniedHttpException) {
- $event->setResponse(new RedirectResponse(url('user/login', array(
- 'absolute' => TRUE,
- 'query' => array(
- 'destination' => $event->getRequest()->get('system_path'),
- ),
- ))));
- return TRUE;
- }
 return FALSE;
 }
 }
diff --git a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
index 9a342fc..176e3a2 100644
--- a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
+++ b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php
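Review bot: In `defaultProviderId()` (AuthenticationManager.php), `end($provider_ids)` returns `FALSE` when `getSortedProviders()` yields an empty array, so the method can hand back a boolean where the docblock promises a provider ID string. This value is the manager's fallback choice of provider, so an empty registry should fail loudly rather than propagate `FALSE` into whatever lookup the caller performs. Consider a guard right after `array_keys()`, for example `if (empty($provider_ids)) { throw new \LogicException('No authentication providers registered.'); }`. The method now returns the array key instead of the provider object the old expression yielded; its callers are outside this hunk, so confirm they all resolve the provider from the ID.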
@@ -28,7 +28,7 @@ class AuthenticationEnhancer implements RouteEnhancerInterface {
 public function enhance(array $defaults, Request $request) {
 $auth_provider_triggered = $request->attributes->get('_authentication_provider');
 if (!empty($auth_provider_triggered)) {
- $route = $request->attributes->get(RouteObjectInterface::ROUTE_OBJECT);
+ $route = $defaults['_route_object'];
 $auth_providers = ($route && $route->getOption('_auth')) ? $route->getOption('_auth') : array();
 if (!empty($auth_providers)) {
 // If the request was authenticated with a non-permitted provider,
diff --git a/core/modules/system/lib/Drupal/system/Tests/Authentication/HttpBasicTest.php b/core/modules/system/lib/Drupal/system/Tests/Authentication/HttpBasicTest.php
index dea9359..0bfd348 100644
--- a/core/modules/system/lib/Drupal/system/Tests/Authentication/HttpBasicTest.php
+++ b/core/modules/system/lib/Drupal/system/Tests/Authentication/HttpBasicTest.php
@@ -44,7 +44,7 @@ public function testHttpBasic() {
 $this->basicAuthGet('router_test/test11', $account->name, $this->randomName());
 $this->assertNoText($account->name, 'Bad basic auth credentials do not authenticate the user.');
- $this->assertResponse('200', 'HTTP response is OK');
+ $this->assertResponse('403', 'Access is not granted.');
 $this->curlClose();
 $this->drupalGet('router_test/test11');
diff --git a/core/modules/system/tests/modules/router_test/lib/Drupal/router_test/TestContent.php b/core/modules/system/tests/modules/router_test/lib/Drupal/router_test/TestContent.php
index 22a07cf..51be94b 100644
--- a/core/modules/system/tests/modules/router_test/lib/Drupal/router_test/TestContent.php
+++ b/core/modules/system/tests/modules/router_test/lib/Drupal/router_test/TestContent.php
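Review bot: In `AuthenticationEnhancer::enhance()`, `$defaults['_route_object']` is read without checking that the key exists, although the `$route &&` test on the next line shows that a missing route is an expected case. With the key absent this raises an undefined-index notice and leaves `$auth_providers` empty, so the permitted-provider check inside `if (!empty($auth_providers))` is not reached. Reading it as `$route = isset($defaults[RouteObjectInterface::ROUTE_OBJECT]) ? $defaults[RouteObjectInterface::ROUTE_OBJECT] : NULL;` makes the no-route path explicit and keeps the constant the removed line used instead of a string literal, assuming its `use` statement stays in the file. The body of `enhance()` continues past the hunk, so what happens to a provider-authenticated request when `$auth_providers` is empty cannot be confirmed from here and is worth checking.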
@@ -26,8 +26,8 @@ public function test1() {
 * The user name of the current logged in user.
 */
 public function test11() {
- global $user;
- return isset($user->name) ? $user->name : '';
+ $account = \Drupal::request()->attributes->get('session');
+ return isset($account->name) ? $account->name : '';
 }
 }
diff --git a/core/modules/system/tests/modules/router_test/router_test.routing.yml b/core/modules/system/tests/modules/router_test/router_test.routing.yml
index 9e481de..2eda2c8 100644
--- a/core/modules/system/tests/modules/router_test/router_test.routing.yml
+++ b/core/modules/system/tests/modules/router_test/router_test.routing.yml
@@ -65,5 +65,7 @@ router_test_11:
 pattern: '/router_test/test11'
 options:
 _auth: [ 'http_basic' ]
+ requirements:
+ _user_is_logged_in: 'TRUE'
 defaults:
 _content: '\Drupal\router_test\TestContent::test11'
diff --git a/core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php b/core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php
index b6e5ab5..a70e4a0 100644
--- a/core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php
+++ b/core/tests/Drupal/Tests/Core/Route/RoleAccessCheckTest.php
@@ -159,19 +159,16 @@ public function testRoleAccess($path, $grant_accounts, $deny_accounts) {
 $collection = $this->getTestRouteCollection();
 foreach ($grant_accounts as $account) {
- // @todo Replace the global user with a properly injection session.
- $GLOBALS['user'] = $account;
-
 $subrequest = Request::create($path, 'GET');
+ $subrequest->attributes->set('session', $account);
 $message = sprintf('Access granted for user with the roles %s on path: %s', implode(', ', $account->roles), $path);
 $this->assertSame(AccessCheckInterface::ALLOW, $role_access_check->access($collection->get($path), $subrequest), $message);
 }
 // Check all users which don't have access.
 foreach ($deny_accounts as $account) {
- $GLOBALS['user'] = $account;
-
 $subrequest = Request::create($path, 'GET');
+ $subrequest->attributes->set('session', $account);
 $message = sprintf('Access denied for user %s with the roles %s on path: %s', $account->uid, implode(', ', $account->roles), $path);
 $has_access = $role_access_check->access($collection->get($path), $subrequest);
 $this->assertSame(AccessCheckInterface::DENY, $has_access , $message);