Same name and namespace in other branches
  1. 8.9.x core/modules/system/src/Controller/EntityAutocompleteController.php \Drupal\system\Controller\EntityAutocompleteController::handleAutocomplete()
  2. 9 core/modules/system/src/Controller/EntityAutocompleteController.php \Drupal\system\Controller\EntityAutocompleteController::handleAutocomplete()

Autocomplete the label of an entity.

Parameters

\Symfony\Component\HttpFoundation\Request $request: The request object that contains the typed tags.

string $target_type: The ID of the target entity type.

string $selection_handler: The plugin ID of the entity reference selection handler.

string $selection_settings_key: The hashed key of the key/value entry that holds the selection handler settings.

Return value

\Symfony\Component\HttpFoundation\JsonResponse The matched entity labels as a JSON response.

Throws

\Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException Thrown if the selection settings key is not found in the key/value store or if it does not match the stored data.

1 string reference to 'EntityAutocompleteController::handleAutocomplete'
system.routing.yml in core/modules/system/system.routing.yml
core/modules/system/system.routing.yml

File

core/modules/system/src/Controller/EntityAutocompleteController.php, line 78

Class

EntityAutocompleteController
Defines a route controller for entity autocomplete form elements.

Namespace

Drupal\system\Controller

Code

public function handleAutocomplete(Request $request, $target_type, $selection_handler, $selection_settings_key) {
  $matches = [];

  // Get the typed string from the URL, if it exists.
  $input = $request->query
    ->get('q');

  // Check this string for emptiness, but allow any non-empty string.
  if (is_string($input) && strlen($input)) {
    $tag_list = Tags::explode($input);
    $typed_string = !empty($tag_list) ? mb_strtolower(array_pop($tag_list)) : '';

    // Selection settings are passed in as a hashed key of a serialized array
    // stored in the key/value store.
    $selection_settings = $this->keyValue
      ->get($selection_settings_key, FALSE);
    if ($selection_settings !== FALSE) {
      $selection_settings_hash = Crypt::hmacBase64(serialize($selection_settings) . $target_type . $selection_handler, Settings::getHashSalt());
      if (!hash_equals($selection_settings_hash, $selection_settings_key)) {

        // Disallow access when the selection settings hash does not match the
        // passed-in key.
        throw new AccessDeniedHttpException('Invalid selection settings key.');
      }
    }
    else {

      // Disallow access when the selection settings key is not found in the
      // key/value store.
      throw new AccessDeniedHttpException();
    }
    $entity_type_id = $request->query
      ->get('entity_type');
    if ($entity_type_id && $this
      ->entityTypeManager()
      ->hasDefinition($entity_type_id)) {
      $entity_id = $request->query
        ->get('entity_id');
      if ($entity_id) {
        $entity = $this
          ->entityTypeManager()
          ->getStorage($entity_type_id)
          ->load($entity_id);
        if ($entity
          ->access('update')) {
          $selection_settings['entity'] = $entity;
        }
      }
    }
    $matches = $this->matcher
      ->getMatches($target_type, $selection_handler, $selection_settings, $typed_string);
  }
  return new JsonResponse($matches);
}