This is a kernel-patch follow-up.

drupal_access_denied() is now a trivial wrapper around throwing Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException. Let's eliminate the middle man.

All instances of drupal_access_denied() should be replaced with throwing the appropriate exception, or else refactored so that the "denied" logic happens further up in the routing layer where it belongs.

CommentFileSizeAuthor
#19 core-replace_drupal_access_denied-1591604-17.patch10.97 KBunderq
#17 core_replace_drupal_access_denied-1591604-17.patch11.17 KBAnonymous (not verified)
#15 core_replace_drupal_access_denied-1591604-15.patch8.63 KBAnonymous (not verified)
#12 1591604-12-core-replace_drupal_access_denied.patch12.31 KBpfrenssen
#8 core-replace_drupal_access_denied-1591604-8.patch6.73 KBalbert volkman
#6 core-replace_drupal_access_denied-1591604-6.patch7.66 KBunderq
#4 core-replace_drupal_access_denied-1591604-4.patch5.92 KBunderq

Comments

Crell’s picture

Crell commented
Title: Replace drupal_access_denied() with throw » Replace drupal_access_denied() with throw AccessDeniedHttpException
catch’s picture

catch
he/him
Primary language English
commented
Priority: Normal » Major
Crell’s picture

Crell commented
Issue tags: +Novice

This should be fairly routine.

underq’s picture

underq commented
Status: Active » Needs review
StatusFileSize
new core-replace_drupal_access_denied-1591604-4.patch5.92 KB

Patch done, need review ;-)

Status: Needs review » Needs work

The last submitted patch, core-replace_drupal_access_denied-1591604-4.patch, failed testing.

underq’s picture

underq commented
Status: Needs work » Needs review
StatusFileSize
new core-replace_drupal_access_denied-1591604-6.patch7.66 KB

Add use SymfonyComponentHttpKernelExceptionAccessDeniedHttpException; /code>

Status: Needs review » Needs work

The last submitted patch, core-replace_drupal_access_denied-1591604-6.patch, failed testing.

albert volkman’s picture

albert volkman commented
StatusFileSize
new core-replace_drupal_access_denied-1591604-8.patch6.73 KB

Re-roll.

aspilicious’s picture

aspilicious commented
Status: Needs work » Needs review
pfrenssen’s picture

pfrenssen
Location Sofia
commented
Status: Needs review » Needs work

The are mentions of drupal_access_denied() scattered across the documentation, please update these too.

For example, in the documentation for drupal_deliver_page():

/**
 * Delivers a page callback result to the browser in the appropriate format.
 *
 * This function is most commonly called by menu_execute_active_handler(), but
 * can also be called by error conditions such as drupal_not_found(),
 * drupal_access_denied(), and drupal_site_offline().
 */
pfrenssen’s picture

pfrenssen
Location Sofia
commented
Assigned: Unassigned » pfrenssen

I'll do this, have done the same in #1587850: Replace drupal_not_found() with throw NotFoundHttpException. The patches in these two issues will give conflicts anyway since they are affecting the same lines of documentation.

pfrenssen’s picture

pfrenssen
Location Sofia
commented
Assigned: pfrenssen » Unassigned
Status: Needs work » Needs review
StatusFileSize
new 1591604-12-core-replace_drupal_access_denied.patch12.31 KB

Did the following updates to the patch in #8:

  • Removed the drupal_access_denied() function itself.
  • Updated documentation of drupal_deliver_page(), file_download() and search_box_form_submit().
  • Replaced calls to drupal_acccess_denied() in aggregator_admin_refresh_feed(), comment_approve() and overlay_user_dismiss_message().
  • Removed code that was never going to be executed after throwing the AccessDeniedHttpException in contact_site_form(), contact_personal_form(), menu_delete_menu_page(), menu_item_delete_page()
Niklas Fiekas’s picture

Niklas Fiekas commented
Issue tags: -Novice, -WSCCI, -symfony, -kernel-followup

Awesome! And also: Yay! #1587850: Replace drupal_not_found() with throw NotFoundHttpException is in.
#12: 1591604-12-core-replace_drupal_access_denied.patch queued for re-testing.

Status: Needs review » Needs work
Issue tags: +Novice, +WSCCI, +symfony, +kernel-followup

The last submitted patch, 1591604-12-core-replace_drupal_access_denied.patch, failed testing.

Anonymous’s picture

Anonymous (not verified) commented
Status: Needs work » Needs review
StatusFileSize
new core_replace_drupal_access_denied-1591604-15.patch8.63 KB

I've rebased pfrenssen's patch on the latest head, should hopefully test OK now.

aspilicious’s picture

aspilicious commented
Status: Needs review » Needs work

You forgot to remove the drupal_access_denied() function

Anonymous’s picture

Anonymous (not verified) commented
Status: Needs work » Needs review
StatusFileSize
new core_replace_drupal_access_denied-1591604-17.patch11.17 KB

Sorry, that was the point after all!

There were also some other changes missing. This should cover includes/common.inc, includes/file.inc and modules/aggregator/aggregator.admin.inc, and in the process removing the function.

aspilicious’s picture

aspilicious commented
Status: Needs review » Reviewed & tested by the community

Did a grep, is rtbc if this come back green!

underq’s picture

underq commented
Status: Reviewed & tested by the community » Needs review
StatusFileSize
new core-replace_drupal_access_denied-1591604-17.patch10.97 KB

Rebased chrisdolby patch with remove drupal_access_denied(), edit file_download() comment and add AccessDeniedHttpException() in aggregator_admin_refresh_feed() function.

I hope that's good.

underq’s picture

underq commented

Oups you are so fast :)

aspilicious’s picture

aspilicious commented
Status: Needs review » Reviewed & tested by the community

They both are correct, but the patch command they use was different, thats why there is a size change. Btw you can't access the first patch anymore because they used the same name while crossposting, so the second one overwrites the first one.

tim.plunkett’s picture

tim.plunkett
he/him
Primary language English
Location Philadelphia
commented

No, one was core_replace and the other core-replace.

The first patch changes the file permissions which is wrong. The second one (#19) is RTBC.

aspilicious’s picture

aspilicious commented

Woow timplunkett, I didn't notice the subtle permission change in the git headers.
Thank you!

dries’s picture

dries commented
Status: Reviewed & tested by the community » Fixed

Great. Love the clean-ups. Committed to 8.x. Thanks!

David_Rothstein’s picture

David_Rothstein commented
Status: Fixed » Reviewed & tested by the community

This and several other issues look like they weren't actually committed/pushed. So, #19 is still RTBC.

dries’s picture

dries commented
Status: Reviewed & tested by the community » Fixed

Committed now: http://drupalcode.org/project/drupal.git/commit/002769e

David_Rothstein’s picture

David_Rothstein commented

For anyone who's looking for it, a change notification for this issue was started at http://drupal.org/node/1616360

Automatically closed -- issue fixed for 2 weeks with no activity.