summaryrefslogtreecommitdiffstats
path: root/core/authorize.php
diff options
context:
space:
mode:
authorAlex Pott2015-03-19 12:34:11 (GMT)
committerAlex Pott2015-03-19 12:34:11 (GMT)
commit531f95eb455507dc5a0a7043dae8f46c3b5426ad (patch)
treee343069597a76d0ee11ce32555194e83ce088e64 /core/authorize.php
parent98366a9e0d8be12374d4d00a8f561308ea6bd846 (diff)
Issue #2286971 by znerol, Berdir, almaudoh, cilefen: Remove dependency of current_user on request and authentication manager
Diffstat (limited to 'core/authorize.php')
-rw-r--r--core/authorize.php11
1 files changed, 9 insertions, 2 deletions
diff --git a/core/authorize.php b/core/authorize.php
index 0d61004..35277f6 100644
--- a/core/authorize.php
+++ b/core/authorize.php
@@ -47,10 +47,17 @@ const MAINTENANCE_MODE = 'update';
* The killswitch in settings.php overrides all else, otherwise, the user must
* have access to the 'administer software updates' permission.
*
+ * @param \Symfony\Component\HttpFoundation\Request $request
+ * The incoming request.
+ *
* @return bool
* TRUE if the current user can run authorize.php, and FALSE if not.
*/
-function authorize_access_allowed() {
+function authorize_access_allowed(Request $request) {
+ $account = \Drupal::service('authentication')->authenticate($request);
+ if ($account) {
+ \Drupal::currentUser()->setAccount($account);
+ }
return Settings::get('allow_authorize_operations', TRUE) && \Drupal::currentUser()->hasPermission('administer software updates');
}
@@ -79,7 +86,7 @@ $content = [];
$show_messages = TRUE;
$response = new Response();
-if (authorize_access_allowed()) {
+if (authorize_access_allowed($request)) {
// Load both the Form API and Batch API.
require_once __DIR__ . '/includes/form.inc';
require_once __DIR__ . '/includes/batch.inc';