diff --git a/core/includes/bootstrap.inc b/core/includes/bootstrap.inc index fee191a..c700848 100644 --- a/core/includes/bootstrap.inc +++ b/core/includes/bootstrap.inc @@ -740,7 +740,7 @@ function drupal_bootstrap($phase = NULL) { * Returns the time zone of the current user. */ function drupal_get_user_timezone() { - global $user; + $user = \Drupal::currentUser(); $config = \Drupal::config('system.date'); if ($user && $config->get('timezone.user.configurable') && $user->isAuthenticated() && $user->getTimezone()) { diff --git a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php index c4c1df4..3bc40d8 100644 --- a/core/lib/Drupal/Core/Authentication/AuthenticationManager.php +++ b/core/lib/Drupal/Core/Authentication/AuthenticationManager.php @@ -85,8 +85,6 @@ public function applies(Request $request) { * {@inheritdoc} */ public function authenticate(Request $request) { - global $user; - $account = NULL; // Iterate the allowed providers. @@ -114,11 +112,6 @@ public function authenticate(Request $request) { // for later access. $request->attributes->set('_authentication_provider', $this->triggeredProviderId); - // The global $user object is included for backward compatibility only and - // should be considered deprecated. - // @todo Remove this line once global $user is no longer used. - $user = $account; - return $account; } diff --git a/core/lib/Drupal/Core/Cache/TimeZoneCacheContext.php b/core/lib/Drupal/Core/Cache/TimeZoneCacheContext.php index 50c4676..ae0621c 100644 --- a/core/lib/Drupal/Core/Cache/TimeZoneCacheContext.php +++ b/core/lib/Drupal/Core/Cache/TimeZoneCacheContext.php @@ -10,7 +10,7 @@ /** * Defines the TimeZoneCacheContext service, for "per time zone" caching. * - * @see \Drupal\Core\Session\SessionManager::initialize() + * @see \Drupal\Core\Session\AccountProxy::setAccount() */ class TimeZoneCacheContext implements CacheContextInterface { @@ -25,7 +25,7 @@ public static function getLabel() { * {@inheritdoc} */ public function getContext() { - // date_default_timezone_set() is called in SessionManager::initialize(), so + // date_default_timezone_set() is called in AccountProxy::setAccount(), so // we can safely retrieve the timezone. return date_default_timezone_get(); } diff --git a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php index e032ab1..b1639ec 100644 --- a/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php +++ b/core/lib/Drupal/Core/Routing/Enhancer/AuthenticationEnhancer.php @@ -66,11 +66,6 @@ public function enhance(array $defaults, Request $request) { $anonymous_user = new AnonymousUserSession(); $this->currentUser->setAccount($anonymous_user); - - // The global $user object is included for backward compatibility only - // and should be considered deprecated. - // @todo Remove this line once global $user is no longer used. - $GLOBALS['user'] = $anonymous_user; } } return $defaults; diff --git a/core/lib/Drupal/Core/Session/AccountProxy.php b/core/lib/Drupal/Core/Session/AccountProxy.php index f9d0d35..e7dc1c3 100644 --- a/core/lib/Drupal/Core/Session/AccountProxy.php +++ b/core/lib/Drupal/Core/Session/AccountProxy.php @@ -67,6 +67,8 @@ public function setAccount(AccountInterface $account) { $account = $account->getAccount(); } $this->account = $account; + // @todo Find a better place to call https://www.drupal.org/node/2427077 + date_default_timezone_set(drupal_get_user_timezone()); } /** diff --git a/core/lib/Drupal/Core/Session/SessionHandler.php b/core/lib/Drupal/Core/Session/SessionHandler.php index f46794f..e3b90ce 100644 --- a/core/lib/Drupal/Core/Session/SessionHandler.php +++ b/core/lib/Drupal/Core/Session/SessionHandler.php @@ -108,7 +108,7 @@ public function read($sid) { * {@inheritdoc} */ public function write($sid, $value) { - global $user; + $user = \Drupal::currentUser(); // The exception handler is not active at this point, so we need to do it // manually. @@ -155,17 +155,17 @@ public function close() { * {@inheritdoc} */ public function destroy($sid) { - global $user; + // Delete session data. $this->connection->delete('sessions') ->condition('sid', Crypt::hashBase64($sid)) ->execute(); - // Reset $_SESSION and $user to prevent a new session from being started - // in \Drupal\Core\Session\SessionManager::save(). + // Reset $_SESSION and current user to prevent a new session from being + // started in \Drupal\Core\Session\SessionManager::save(). $_SESSION = array(); - $user = new AnonymousUserSession(); + \Drupal::currentUser()->setAccount(new AnonymousUserSession()); // Unset the session cookies. $this->deleteCookie($this->getName()); diff --git a/core/lib/Drupal/Core/Session/SessionManager.php b/core/lib/Drupal/Core/Session/SessionManager.php index 8249805..8beb132 100644 --- a/core/lib/Drupal/Core/Session/SessionManager.php +++ b/core/lib/Drupal/Core/Session/SessionManager.php @@ -146,7 +146,6 @@ public function start() { $result = FALSE; } - date_default_timezone_set(drupal_get_user_timezone()); return $result; } @@ -181,7 +180,7 @@ protected function startNow() { * {@inheritdoc} */ public function save() { - global $user; + $user = \Drupal::currentUser(); if ($this->isCli()) { // We don't have anything to do if we are not allowed to save the session. @@ -212,7 +211,7 @@ public function save() { * {@inheritdoc} */ public function regenerate($destroy = FALSE, $lifetime = NULL) { - global $user; + $user = \Drupal::currentUser(); // Nothing to do if we are not allowed to change the session. if ($this->isCli()) { @@ -241,13 +240,8 @@ public function regenerate($destroy = FALSE, $lifetime = NULL) { if (!$this->isStarted()) { // Start the session when it doesn't exist yet. - // Preserve the logged in user, as it will be reset to anonymous - // by \Drupal\Core\Session\SessionHandler::read(). - $account = $user; $this->startNow(); - $user = $account; } - date_default_timezone_set(drupal_get_user_timezone()); } /** diff --git a/core/lib/Drupal/Core/Session/SessionManagerInterface.php b/core/lib/Drupal/Core/Session/SessionManagerInterface.php index fad62b7..b14b056 100644 --- a/core/lib/Drupal/Core/Session/SessionManagerInterface.php +++ b/core/lib/Drupal/Core/Session/SessionManagerInterface.php @@ -38,7 +38,7 @@ public function isEnabled(); * * This function allows the caller to temporarily disable writing of * session data, should the request end while performing potentially - * dangerous operations, such as manipulating the global $user object. + * dangerous operations, such as manipulating the current user. * * @see https://drupal.org/node/218104 * diff --git a/core/modules/basic_auth/src/Authentication/Provider/BasicAuth.php b/core/modules/basic_auth/src/Authentication/Provider/BasicAuth.php index de41c44..2fed1ed 100644 --- a/core/modules/basic_auth/src/Authentication/Provider/BasicAuth.php +++ b/core/modules/basic_auth/src/Authentication/Provider/BasicAuth.php @@ -138,7 +138,7 @@ public function cleanup(Request $request) {} */ public function handleException(GetResponseForExceptionEvent $event) { $exception = $event->getException(); - if ($GLOBALS['user']->isAnonymous() && $exception instanceof AccessDeniedHttpException) { + if (\Drupal::currentUser()->isAnonymous() && $exception instanceof AccessDeniedHttpException) { if (!$this->applies($event->getRequest())) { $site_name = $this->configFactory->get('system.site')->get('name'); global $base_url; diff --git a/core/modules/system/src/Tests/Datetime/DrupalDateTimeTest.php b/core/modules/system/src/Tests/Datetime/DrupalDateTimeTest.php index 29fec17..44144ef 100644 --- a/core/modules/system/src/Tests/Datetime/DrupalDateTimeTest.php +++ b/core/modules/system/src/Tests/Datetime/DrupalDateTimeTest.php @@ -9,6 +9,7 @@ use Drupal\simpletest\WebTestBase; use Drupal\Core\Datetime\DrupalDateTime; +use Drupal\user\Entity\User; /** * Tests DrupalDateTime functionality. @@ -51,8 +52,6 @@ public function testSystemTimezone() { * stated timezones. */ public function testDateTimezone() { - global $user; - $date_string = '2007-01-31 21:00:00'; // Make sure no site timezone has been set. @@ -93,28 +92,14 @@ public function testDateTimezone() { $edit = array('mail' => $test_user->getEmail(), 'timezone' => 'Asia/Manila'); $this->drupalPostForm('user/' . $test_user->id() . '/edit', $edit, t('Save')); - // Disable session saving as we are about to modify the global $user. - \Drupal::service('session_manager')->disable(); - // Save the original user and then replace it with the test user. - $real_user = $user; - $user = user_load($test_user->id(), TRUE); - - // Simulate a Drupal bootstrap with the logged-in user. - date_default_timezone_set(drupal_get_user_timezone()); + \Drupal::entityManager()->getStorage('user')->resetCache(); + $this->container->get('current_user')->setAccount(User::load($test_user->id())); // Create a date object with an unspecified timezone, which should // end up using the user timezone. - $date = new DrupalDateTime($date_string); $timezone = $date->getTimezone()->getName(); $this->assertTrue($timezone == 'Asia/Manila', 'DrupalDateTime uses the user timezone, if configurable timezones are used and it is set.'); - - // Restore the original user, and enable session saving. - $user = $real_user; - // Restore default time zone. - date_default_timezone_set(drupal_get_user_timezone()); - \Drupal::service('session_manager')->enable(); - - } + } diff --git a/core/modules/user/user.module b/core/modules/user/user.module index 5d39ce3..323da0c 100644 --- a/core/modules/user/user.module +++ b/core/modules/user/user.module @@ -232,15 +232,6 @@ function user_load_multiple(array $uids = NULL, $reset = FALSE) { /** * Loads a user object. * - * Drupal has a global $user object, which represents the currently-logged-in - * user. So to avoid confusion and to avoid clobbering the global $user object, - * it is a good idea to assign the result of this function to a different local - * variable, generally $account. If you actually do want to act as the user you - * are loading, it is essential to call drupal_save_session(FALSE); first. - * See - * @link http://drupal.org/node/218104 Safely impersonating another user @endlink - * for more information. - * * @param int $uid * Integer specifying the user ID to load. * @param bool $reset @@ -587,7 +578,7 @@ function user_menu_breadcrumb_alter(&$active_trail, $item) { * session, saves the login timestamp, calls hook_user_login(), and generates a * new session. * - * The global $user object is replaced with the passed in account. + * The current user is replaced with the passed in account. * * @param \Drupal\user\UserInterface $account * The account to log in. @@ -595,8 +586,7 @@ function user_menu_breadcrumb_alter(&$active_trail, $item) { * @see hook_user_login() */ function user_login_finalize(UserInterface $account) { - global $user; - $user = $account; + \Drupal::currentUser()->setAccount($account); \Drupal::logger('user')->notice('Session opened for %name.', array('%name' => $account->getUsername())); // Update the user table timestamp noting user has logged in. // This is also used to invalidate one-time login links. @@ -796,7 +786,6 @@ function user_cancel($edit, $uid, $method) { * @see user_cancel() */ function _user_cancel($edit, $account, $method) { - global $user; $logger = \Drupal::logger('user'); switch ($method) { @@ -829,8 +818,8 @@ function _user_cancel($edit, $account, $method) { // their session though, as we might have information in it, and we can't // regenerate it because batch API uses the session ID, we will regenerate it // in _user_cancel_session_regenerate(). - if ($account->id() == $user->id()) { - $user = new AnonymousUserSession(); + if ($account->id() == \Drupal::currentUser()->id()) { + \Drupal::currentUser()->setAccount(new AnonymousUserSession()); } }