diff --git a/core/modules/node/src/Form/DeleteMultiple.php b/core/modules/node/src/Form/DeleteMultiple.php index 7b2aced..a5686dc 100644 --- a/core/modules/node/src/Form/DeleteMultiple.php +++ b/core/modules/node/src/Form/DeleteMultiple.php @@ -13,8 +13,8 @@ use Drupal\Component\Utility\String; use Drupal\Core\Form\FormStateInterface; use Drupal\user\TempStoreFactory; -use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\DependencyInjection\ContainerInterface; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * Provides a node deletion confirmation form. @@ -99,7 +99,7 @@ public function getConfirmText() { public function buildForm(array $form, FormStateInterface $form_state) { $this->nodes = $this->tempStoreFactory->get('node_multiple_delete_confirm')->get(\Drupal::currentUser()->id()); if (empty($this->nodes)) { - return new RedirectResponse($this->getCancelUrl()->setAbsolute()->toString()); + throw new AccessDeniedHttpException(); } $form['nodes'] = array( diff --git a/core/modules/node/src/Tests/NodeAdminTest.php b/core/modules/node/src/Tests/NodeAdminTest.php index d88d7db..37ce473 100644 --- a/core/modules/node/src/Tests/NodeAdminTest.php +++ b/core/modules/node/src/Tests/NodeAdminTest.php @@ -164,5 +164,11 @@ function testContentAdminPages() { $this->assertLinkByHref('node/' . $node->id() . '/edit'); $this->assertLinkByHref('node/' . $node->id() . '/delete'); } + + $this->drupalPostForm(NULL, [], 'Apply'); + $this->assertRaw('No content selected'); + $this->drupalGet('admin/content/node/delete'); + $this->assertResponse(403); } + } diff --git a/core/modules/system/src/Form/ModulesListConfirmForm.php b/core/modules/system/src/Form/ModulesListConfirmForm.php index c04a030..cd8825c 100644 --- a/core/modules/system/src/Form/ModulesListConfirmForm.php +++ b/core/modules/system/src/Form/ModulesListConfirmForm.php @@ -13,6 +13,7 @@ use Drupal\Core\KeyValueStore\KeyValueStoreExpirableInterface; use Drupal\Core\Url; use Symfony\Component\DependencyInjection\ContainerInterface; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * Builds a confirmation form for enabling modules with dependencies. @@ -107,7 +108,7 @@ public function buildForm(array $form, FormStateInterface $form_state) { // Redirect to the modules list page if the key value store is empty. if (!$this->modules) { - return $this->redirect('system.modules_list'); + throw new AccessDeniedHttpException(); } $items = array(); diff --git a/core/modules/system/src/Form/ModulesUninstallConfirmForm.php b/core/modules/system/src/Form/ModulesUninstallConfirmForm.php index 5a0e0fe..8b868a9 100644 --- a/core/modules/system/src/Form/ModulesUninstallConfirmForm.php +++ b/core/modules/system/src/Form/ModulesUninstallConfirmForm.php @@ -12,10 +12,10 @@ use Drupal\Core\Form\ConfirmFormBase; use Drupal\Core\Form\FormStateInterface; use Drupal\Core\Url; -use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\DependencyInjection\ContainerInterface; use Drupal\Core\KeyValueStore\KeyValueStoreExpirableInterface; use Drupal\Core\Extension\ModuleHandlerInterface; +use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * Builds a confirmation form to uninstall selected modules. @@ -133,7 +133,7 @@ public function buildForm(array $form, FormStateInterface $form_state) { // Prevent this page from showing when the module list is empty. if (empty($this->modules)) { - return new RedirectResponse('/admin/modules/uninstall'); + throw new AccessDeniedHttpException(); } $data = system_rebuild_module_data(); diff --git a/core/modules/system/src/Form/ModulesUninstallForm.php b/core/modules/system/src/Form/ModulesUninstallForm.php index 4285956..208b352 100644 --- a/core/modules/system/src/Form/ModulesUninstallForm.php +++ b/core/modules/system/src/Form/ModulesUninstallForm.php @@ -152,8 +152,7 @@ public function buildForm(array $form, FormStateInterface $form_state) { public function validateForm(array &$form, FormStateInterface $form_state) { // Form submitted, but no modules selected. if (!array_filter($form_state->getValue('uninstall'))) { - drupal_set_message($this->t('No modules selected.'), 'error'); - $form_state->setRedirect('system.modules_uninstall'); + $form_state->setErrorByName('', $this->t('No modules selected.')); } } diff --git a/core/modules/system/src/Tests/Module/UninstallTest.php b/core/modules/system/src/Tests/Module/UninstallTest.php index e57bff0..3926c8e 100644 --- a/core/modules/system/src/Tests/Module/UninstallTest.php +++ b/core/modules/system/src/Tests/Module/UninstallTest.php @@ -45,6 +45,12 @@ function testUninstallPage() { $this->drupalGet('admin/modules/uninstall'); $this->assertTitle(t('Uninstall') . ' | Drupal'); + // Attempt to uninstall no modules. + $this->drupalPostForm(NULL, [], 'Uninstall'); + $this->assertResponse(200); + $this->drupalGet('admin/modules/uninstall/confirm'); + $this->assertResponse(403); + // Uninstall module_test. $edit = array(); $edit['uninstall[module_test]'] = TRUE; diff --git a/core/modules/user/src/RegisterForm.php b/core/modules/user/src/RegisterForm.php index be73f39..326adcf 100644 --- a/core/modules/user/src/RegisterForm.php +++ b/core/modules/user/src/RegisterForm.php @@ -42,11 +42,6 @@ public function form(array $form, FormStateInterface $form_state) { '#value' => $admin, ); - // If we aren't admin but already logged on, go to the user page instead. - if (!$admin && $user->isAuthenticated()) { - return new RedirectResponse($this->url('entity.user.canonical', ['user' => \Drupal::currentUser()->id()], array('absolute' => TRUE))); - } - $form['#attached']['library'][] = 'core/drupal.form'; // For non-admin users, populate the form fields using data from the