summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlex Pott2015-01-12 13:54:29 +0000
committerAlex Pott2015-01-12 13:54:29 +0000
commit5f2a572cbdc876f23c07b09bdd9ccfc7fc98ffa7 (patch)
tree491ac307af74d2385889261a7205ecea35ab5091
parente92465b508849828249537e27e812cf0dcc1073f (diff)
Issue #2403729 by kim.pepper: Convert user_cancel_confirm() to a new-style Form object
-rw-r--r--core/modules/user/src/Controller/UserController.php56
-rw-r--r--core/modules/user/src/Form/UserCancelForm.php3
-rw-r--r--core/modules/user/user.module5
-rw-r--r--core/modules/user/user.pages.inc36
4 files changed, 54 insertions, 46 deletions
diff --git a/core/modules/user/src/Controller/UserController.php b/core/modules/user/src/Controller/UserController.php
index b5ce805..51fe046 100644
--- a/core/modules/user/src/Controller/UserController.php
+++ b/core/modules/user/src/Controller/UserController.php
@@ -9,11 +9,12 @@ namespace Drupal\user\Controller;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Controller\ControllerBase;
+use Drupal\Core\Datetime\DateFormatter;
+use Drupal\user\UserDataInterface;
use Drupal\user\UserInterface;
+use Drupal\user\UserStorageInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
-use Drupal\Core\Datetime\DateFormatter;
-use Drupal\user\UserStorageInterface;
/**
* Controller routines for user routes.
@@ -35,6 +36,13 @@ class UserController extends ControllerBase {
protected $userStorage;
/**
+ * The user data service.
+ *
+ * @var \Drupal\user\UserDataInterface
+ */
+ protected $userData;
+
+ /**
* Constructs a UserController object.
*
* @param \Drupal\Core\Datetime\DateFormatter $date_formatter
@@ -42,9 +50,10 @@ class UserController extends ControllerBase {
* @param \Drupal\user\UserStorageInterface $user_storage
* The user storage.
*/
- public function __construct(DateFormatter $date_formatter, UserStorageInterface $user_storage) {
+ public function __construct(DateFormatter $date_formatter, UserStorageInterface $user_storage, UserDataInterface $user_data) {
$this->dateFormatter = $date_formatter;
$this->userStorage = $user_storage;
+ $this->userData = $user_data;
}
/**
@@ -53,7 +62,8 @@ class UserController extends ControllerBase {
public static function create(ContainerInterface $container) {
return new static(
$container->get('date.formatter'),
- $container->get('entity.manager')->getStorage('user')
+ $container->get('entity.manager')->getStorage('user'),
+ $container->get('user.data')
);
}
@@ -164,11 +174,43 @@ class UserController extends ControllerBase {
}
/**
- * @todo Remove user_cancel_confirm().
+ * Confirms cancelling a user account via an email link.
+ *
+ * @param \Drupal\user\UserInterface $user
+ * The user account.
+ * @param int $timestamp
+ * The timestamp.
+ * @param string $hashed_pass
+ * The hashed password.
+ *
+ * @return \Symfony\Component\HttpFoundation\RedirectResponse
+ * A redirect response.
*/
public function confirmCancel(UserInterface $user, $timestamp = 0, $hashed_pass = '') {
- module_load_include('pages.inc', 'user');
- return user_cancel_confirm($user, $timestamp, $hashed_pass);
+ // Time out in seconds until cancel URL expires; 24 hours = 86400 seconds.
+ $timeout = 86400;
+ $current = REQUEST_TIME;
+
+ // Basic validation of arguments.
+ $account_data = $this->userData->get('user', $user->id());
+ if (isset($account_data['cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {
+ // Validate expiration and hashed password/login.
+ if ($timestamp <= $current && $current - $timestamp < $timeout && $user->id() && $timestamp >= $user->getLastLoginTime() && $hashed_pass == user_pass_rehash($user->getPassword(), $timestamp, $user->getLastLoginTime())) {
+ $edit = array(
+ 'user_cancel_notify' => isset($account_data['cancel_notify']) ? $account_data['cancel_notify'] : $this->config('user.settings')->get('notify.status_canceled'),
+ );
+ user_cancel($edit, $user->id(), $account_data['cancel_method']);
+ // Since user_cancel() is not invoked via Form API, batch processing
+ // needs to be invoked manually and should redirect to the front page
+ // after completion.
+ return batch_process('');
+ }
+ else {
+ drupal_set_message(t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'));
+ return $this->redirect('entity.user.cancel_form', ['user' => $user->id()], ['absolute' => TRUE]);
+ }
+ }
+ throw new AccessDeniedHttpException();
}
}
diff --git a/core/modules/user/src/Form/UserCancelForm.php b/core/modules/user/src/Form/UserCancelForm.php
index 59ccf3a..d3b6921 100644
--- a/core/modules/user/src/Form/UserCancelForm.php
+++ b/core/modules/user/src/Form/UserCancelForm.php
@@ -129,7 +129,8 @@ class UserCancelForm extends ContentEntityConfirmFormBase {
}
else {
// Store cancelling method and whether to notify the user in
- // $this->entity for user_cancel_confirm().
+ // $this->entity for
+ // \Drupal\user\Controller\UserController::confirmCancel().
$this->entity->user_cancel_method = $form_state->getValue('user_cancel_method');
$this->entity->user_cancel_notify = $form_state->getValue('user_cancel_notify');
$this->entity->save();
diff --git a/core/modules/user/user.module b/core/modules/user/user.module
index a251fd7..fa26302 100644
--- a/core/modules/user/user.module
+++ b/core/modules/user/user.module
@@ -689,7 +689,7 @@ function user_pass_reset_url($account, $options = array()) {
* account.
*
* @see user_mail_tokens()
- * @see user_cancel_confirm()
+ * @see \Drupal\user\Controller\UserController::confirmCancel()
*/
function user_cancel_url($account, $options = array()) {
$timestamp = REQUEST_TIME;
@@ -711,7 +711,8 @@ function user_cancel_url($account, $options = array()) {
* same information, and compared to the hash value from the URL. The URL
* normally contains both the time stamp and the numeric user ID. The login
* timestamp and hashed password are retrieved from the database as necessary.
- * For a usage example, see user_cancel_url() and user_cancel_confirm().
+ * For a usage example, see user_cancel_url() and
+ * \Drupal\user\Controller\UserController::confirmCancel().
*
* @param string $password
* The hashed user account password value.
diff --git a/core/modules/user/user.pages.inc b/core/modules/user/user.pages.inc
index 895f84c..ac8de7d 100644
--- a/core/modules/user/user.pages.inc
+++ b/core/modules/user/user.pages.inc
@@ -30,39 +30,3 @@ function template_preprocess_user(&$variables) {
$variables['content'][$key] = $variables['elements'][$key];
}
}
-
-/**
- * Menu callback; Cancel a user account via email confirmation link.
- *
- * @see \Drupal\user\Form\UserCancelForm
- * @see user_cancel_url()
- *
- * @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
- * Use \Drupal\user\Controller\UserController::confirmCancel().
- */
-function user_cancel_confirm($account, $timestamp = 0, $hashed_pass = '') {
- // Time out in seconds until cancel URL expires; 24 hours = 86400 seconds.
- $timeout = 86400;
- $current = REQUEST_TIME;
-
- // Basic validation of arguments.
- $account_data = \Drupal::service('user.data')->get('user', $account->id());
- if (isset($account_data['cancel_method']) && !empty($timestamp) && !empty($hashed_pass)) {
- // Validate expiration and hashed password/login.
- if ($timestamp <= $current && $current - $timestamp < $timeout && $account->id() && $timestamp >= $account->getLastLoginTime() && $hashed_pass == user_pass_rehash($account->getPassword(), $timestamp, $account->getLastLoginTime())) {
- $edit = array(
- 'user_cancel_notify' => isset($account_data['cancel_notify']) ? $account_data['cancel_notify'] : \Drupal::config('user.settings')->get('notify.status_canceled'),
- );
- user_cancel($edit, $account->id(), $account_data['cancel_method']);
- // Since user_cancel() is not invoked via Form API, batch processing needs
- // to be invoked manually and should redirect to the front page after
- // completion.
- return batch_process('');
- }
- else {
- drupal_set_message(t('You have tried to use an account cancellation link that has expired. Please request a new one using the form below.'));
- return new RedirectResponse(\Drupal::url('entity.user.cancel_form', ['user' => $account->id()], array('absolute' => TRUE)));
- }
- }
- throw new AccessDeniedHttpException();
-}