Processes an AccessDenied exception into an HTTP 403 response.
Symfony\Component\HttpKernel\Exception\FlattenException $exception: The flattened exception.
Symfony\Component\HttpFoundation\Request $request: The request object that triggered this exception.
public function on403Html(FlattenException $exception, Request $request) {
$system_path = $request->attributes
->get('system_path');
watchdog('access denied', $system_path, NULL, WATCHDOG_WARNING);
$path = $this->container
->get('path.alias_manager')
->getSystemPath(config('system.site')
->get('page.403'));
if ($path && $path != $system_path) {
// Keep old path for reference, and to allow forms to redirect to it.
if (!isset($_GET['destination'])) {
$_GET['destination'] = $system_path;
}
$subrequest = Request::create('/' . $path, 'get', array(
'destination' => $system_path,
), $request->cookies
->all(), array(), $request->server
->all());
// The active trail is being statically cached from the parent request to
// the subrequest, like any other static. Unfortunately that means the
// data in it is incorrect and does not get regenerated correctly for
// the subrequest. In this instance, that even causes a fatal error in
// some circumstances because menu_get_active_trail() ends up having
// a missing localized_options value. To work around that, reset the
// menu static variables and let them be regenerated as needed.
// @todo It is likely that there are other such statics that need to be
// reset that are not triggering test failures right now. If found,
// add them here.
// @todo Refactor the breadcrumb system so that it does not rely on static
// variables in the first place, which will eliminate the need for this
// hack.
drupal_static_reset('menu_set_active_trail');
menu_reset_static_cache();
$response = $this->container
->get('http_kernel')
->handle($subrequest, HttpKernelInterface::SUB_REQUEST);
$response
->setStatusCode(403, 'Access denied');
}
else {
// @todo Replace this block with something cleaner.
$return = t('You are not authorized to access this page.');
drupal_set_title(t('Access denied'));
drupal_set_page_content($return);
$page = element_info('page');
$content = drupal_render_page($page);
$response = new Response($content, 403);
}
return $response;
}