Home Esplora Aiuto
Accedi
kevin
/
Popsu-coloque
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): c11935cb48
Rami (Branch) Tag
Popsu-coloque
/
web
/
core
/
lib
/
Drupal
/
Core
/
Security
/
DoTrustedCallbackTrait.php

DoTrustedCallbackTrait.php 3.8 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 
  1. <?php
    2. 

  2. 

  3. namespace Drupal\Core\Security;
    4. 

  4. 

  5. /**
    6. 

  6.  * Ensures that TrustedCallbackInterface can be enforced for callback methods.
    7. 

  7.  *
    8. 

  8.  * @see \Drupal\Core\Security\TrustedCallbackInterface
    9. 

  9.  */
    10. 

  10. trait DoTrustedCallbackTrait {
    11. 

  11. 

  12.   /**
    13. 

  13.    * Performs a callback.
    14. 

  14.    *
    15. 

  15.    * If the callback is trusted the callback will occur. Trusted callbacks must
    16. 

  16.    * be methods of a class that implements
    17. 

  17.    * \Drupal\Core\Security\TrustedCallbackInterface or $extra_trusted_interface
    18. 

  18.    * or be an anonymous function. If the callback is not trusted then whether or
    19. 

  19.    * not the callback is called and what type of error is thrown depends on
    20. 

  20.    * $error_type. To provide time for dependent code to use trusted callbacks
    21. 

  21.    * use TrustedCallbackInterface::TRIGGER_SILENCED_DEPRECATION and then at a
    22. 

  22.    * later date change this to TrustedCallbackInterface::THROW_EXCEPTION.
    23. 

  23.    *
    24. 

  24.    * @param callable $callback
    25. 

  25.    *   The callback to call. Note that callbacks which are objects and use the
    26. 

  26.    *   magic method __invoke() are not supported.
    27. 

  27.    * @param array $args
    28. 

  28.    *   The arguments to pass the callback.
    29. 

  29.    * @param $message
    30. 

  30.    *   The error message if the callback is not trusted. If the message contains
    31. 

  31.    *   "%s" it will be replaced in with the resolved callback.
    32. 

  32.    * @param string $error_type
    33. 

  33.    *   (optional) The type of error to trigger. One of:
    34. 

  34.    *   - TrustedCallbackInterface::THROW_EXCEPTION
    35. 

  35.    *   - TrustedCallbackInterface::TRIGGER_WARNING
    36. 

  36.    *   - TrustedCallbackInterface::TRIGGER_SILENCED_DEPRECATION
    37. 

  37.    *   Defaults to TrustedCallbackInterface::THROW_EXCEPTION.
    38. 

  38.    * @param string $extra_trusted_interface
    39. 

  39.    *   (optional) An additional interface that if implemented by the callback
    40. 

  40.    *   object means any public methods on that object are trusted.
    41. 

  41.    *
    42. 

  42.    * @return mixed
    43. 

  43.    *   The callback's return value.
    44. 

  44.    *
    45. 

  45.    * @throws \Drupal\Core\Security\UntrustedCallbackException
    46. 

  46.    *   Exception thrown if the callback is not trusted and $error_type equals
    47. 

  47.    *   TrustedCallbackInterface::THROW_EXCEPTION.
    48. 

  48.    *
    49. 

  49.    * @see \Drupal\Core\Security\TrustedCallbackInterface
    50. 

  50.    */
    51. 

  51.   public function doTrustedCallback(callable $callback, array $args, $message, $error_type = TrustedCallbackInterface::THROW_EXCEPTION, $extra_trusted_interface = NULL) {
    52. 

  52.     $object_or_classname = $callback;
    53. 

  53.     $safe_callback = FALSE;
    54. 

  54. 

  55.     if (is_array($callback)) {
    56. 

  56.       list($object_or_classname, $method_name) = $callback;
    57. 

  57.     }
    58. 

  58.     elseif (is_string($callback) && strpos($callback, '::') !== FALSE) {
    59. 

  59.       list($object_or_classname, $method_name) = explode('::', $callback, 2);
    60. 

  60.     }
    61. 

  61. 

  62.     if (isset($method_name)) {
    63. 

  63.       if ($extra_trusted_interface && is_subclass_of($object_or_classname, $extra_trusted_interface)) {
    64. 

  64.         $safe_callback = TRUE;
    65. 

  65.       }
    66. 

  66.       elseif (is_subclass_of($object_or_classname, TrustedCallbackInterface::class)) {
    67. 

  67.         if (is_object($object_or_classname)) {
    68. 

  68.           $methods = $object_or_classname->trustedCallbacks();
    69. 

  69.         }
    70. 

  70.         else {
    71. 

  71.           $methods = call_user_func($object_or_classname . '::trustedCallbacks');
    72. 

  72.         }
    73. 

  73.         $safe_callback = in_array($method_name, $methods, TRUE);
    74. 

  74.       }
    75. 

  75.     }
    76. 

  76.     elseif ($callback instanceof \Closure) {
    77. 

  77.       $safe_callback = TRUE;
    78. 

  78.     }
    79. 

  79. 

  80.     if (!$safe_callback) {
    81. 

  81.       $description = $object_or_classname;
    82. 

  82.       if (is_object($description)) {
    83. 

  83.         $description = get_class($description);
    84. 

  84.       }
    85. 

  85.       if (isset($method_name)) {
    86. 

  86.         $description .= '::' . $method_name;
    87. 

  87.       }
    88. 

  88.       $message = sprintf($message, $description);
    89. 

  89.       if ($error_type === TrustedCallbackInterface::TRIGGER_SILENCED_DEPRECATION) {
    90. 

  90.         @trigger_error($message, E_USER_DEPRECATED);
    91. 

  91.       }
    92. 

  92.       elseif ($error_type === TrustedCallbackInterface::TRIGGER_WARNING) {
    93. 

  93.         trigger_error($message, E_USER_WARNING);
    94. 

  94.       }
    95. 

  95.       else {
    96. 

  96.         throw new UntrustedCallbackException($message);
    97. 

  97.       }
    98. 

  98.     }
    99. 

  99. 

  100.     return call_user_func_array($callback, $args);
    101. 

  101.   }
    102. 

  102. 

  103. }
    104.