class UserRegistrationResource

Same name in other branches
  1. 9 core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource
  2. 8.9.x core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource
  3. 11.x core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php \Drupal\user\Plugin\rest\resource\UserRegistrationResource

Represents user registration as a resource.

Hierarchy

Expanded class hierarchy of UserRegistrationResource

1 file declares its use of UserRegistrationResource
UserRegistrationResourceTest.php in core/modules/user/tests/src/Unit/UserRegistrationResourceTest.php

File

core/modules/user/src/Plugin/rest/resource/UserRegistrationResource.php, line 25

Namespace

Drupal\user\Plugin\rest\resource
View source 
class UserRegistrationResource extends ResourceBase {
    use EntityResourceValidationTrait;
    use EntityResourceAccessTrait;
    
    /**
     * User settings config instance.
     *
     * @var \Drupal\Core\Config\ImmutableConfig
     */
    protected $userSettings;
    
    /**
     * The current user.
     *
     * @var \Drupal\Core\Session\AccountInterface
     */
    protected $currentUser;
    
    /**
     * The password generator.
     *
     * @var \Drupal\Core\Password\PasswordGeneratorInterface
     */
    protected $passwordGenerator;
    
    /**
     * Constructs a new UserRegistrationResource instance.
     *
     * @param array $configuration
     *   A configuration array containing information about the plugin instance.
     * @param string $plugin_id
     *   The plugin ID for the plugin instance.
     * @param mixed $plugin_definition
     *   The plugin implementation definition.
     * @param array $serializer_formats
     *   The available serialization formats.
     * @param \Psr\Log\LoggerInterface $logger
     *   A logger instance.
     * @param \Drupal\Core\Config\ImmutableConfig $user_settings
     *   A user settings config instance.
     * @param \Drupal\Core\Session\AccountInterface $current_user
     *   The current user.
     * @param \Drupal\Core\Password\PasswordGeneratorInterface|null $password_generator
     *   The password generator.
     */
    public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger, ImmutableConfig $user_settings, AccountInterface $current_user, ?PasswordGeneratorInterface $password_generator = NULL) {
        if (is_null($password_generator)) {
            @trigger_error('Calling ' . __METHOD__ . '() without the $password_generator argument is deprecated in drupal:10.3.0 and will be required in drupal:11.0.0. See https://www.drupal.org/node/3405799', E_USER_DEPRECATED);
            $password_generator = \Drupal::service('password_generator');
        }
        parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger);
        $this->userSettings = $user_settings;
        $this->currentUser = $current_user;
        $this->passwordGenerator = $password_generator;
    }
    
    /**
     * {@inheritdoc}
     */
    public static function create(ContainerInterface $container, array $configuration, $plugin_id, $plugin_definition) {
        return new static($configuration, $plugin_id, $plugin_definition, $container->getParameter('serializer.formats'), $container->get('logger.factory')
            ->get('rest'), $container->get('config.factory')
            ->get('user.settings'), $container->get('current_user'), $container->get('password_generator'));
    }
    
    /**
     * Responds to user registration POST request.
     *
     * @param \Drupal\user\UserInterface $account
     *   The user account entity.
     *
     * @return \Drupal\rest\ModifiedResourceResponse
     *   The HTTP response object.
     *
     * @throws \Symfony\Component\HttpKernel\Exception\BadRequestHttpException
     * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
     */
    public function post(?UserInterface $account = NULL) {
        $this->ensureAccountCanRegister($account);
        // Only activate new users if visitors are allowed to register.
        if ($this->userSettings
            ->get('register') == UserInterface::REGISTER_VISITORS) {
            $account->activate();
        }
        else {
            $account->block();
        }
        // Generate password if email verification required.
        if ($this->userSettings
            ->get('verify_mail')) {
            $account->setPassword($this->passwordGenerator
                ->generate());
        }
        $this->checkEditFieldAccess($account);
        // Make sure that the user entity is valid (email and name are valid).
        $this->validate($account);
        // Create the account.
        $account->save();
        $this->sendEmailNotifications($account);
        return new ModifiedResourceResponse($account, 200);
    }
    
    /**
     * Ensure the account can be registered in this request.
     *
     * @param \Drupal\user\UserInterface $account
     *   The user account to register.
     */
    protected function ensureAccountCanRegister(?UserInterface $account = NULL) {
        if ($account === NULL) {
            throw new BadRequestHttpException('No user account data for registration received.');
        }
        // POSTed user accounts must not have an ID set, because we always want to
        // create new entities here.
        if (!$account->isNew()) {
            throw new BadRequestHttpException('An ID has been set and only new user accounts can be registered.');
        }
        // Only allow anonymous users to register, authenticated users with the
        // necessary permissions can POST a new user to the "user" REST resource.
        // @see \Drupal\rest\Plugin\rest\resource\EntityResource
        if (!$this->currentUser
            ->isAnonymous()) {
            throw new AccessDeniedHttpException('Only anonymous users can register a user.');
        }
        // Verify that the current user can register a user account.
        if ($this->userSettings
            ->get('register') == UserInterface::REGISTER_ADMINISTRATORS_ONLY) {
            throw new AccessDeniedHttpException('You cannot register a new user account.');
        }
        if (!$this->userSettings
            ->get('verify_mail')) {
            if (empty($account->getPassword())) {
                // If no email verification then the user must provide a password.
                throw new UnprocessableEntityHttpException('No password provided.');
            }
        }
        else {
            if (!empty($account->getPassword())) {
                // If email verification required then a password cannot provided.
                // The password will be set when the user logs in.
                throw new UnprocessableEntityHttpException('A Password cannot be specified. It will be generated on login.');
            }
        }
    }
    
    /**
     * Sends email notifications if necessary for user that was registered.
     *
     * @param \Drupal\user\UserInterface $account
     *   The user account.
     */
    protected function sendEmailNotifications(UserInterface $account) {
        $approval_settings = $this->userSettings
            ->get('register');
        // No email verification is required. Activating the user.
        if ($approval_settings == UserInterface::REGISTER_VISITORS) {
            if ($this->userSettings
                ->get('verify_mail')) {
                // No administrator approval required.
                _user_mail_notify('register_no_approval_required', $account);
            }
        }
        elseif ($approval_settings == UserInterface::REGISTER_VISITORS_ADMINISTRATIVE_APPROVAL) {
            _user_mail_notify('register_pending_approval', $account);
        }
    }

}

Members

Title Modifiers Object type Summary Overriden Title Overrides
EntityResourceAccessTrait::checkEditFieldAccess protected function Performs edit access checks for fields.
EntityResourceValidationTrait::validate protected function Verifies that an entity does not violate any validation constraints.
PluginInspectionInterface::getPluginDefinition public function Gets the definition of the plugin implementation. 6
PluginInspectionInterface::getPluginId public function Gets the plugin ID of the plugin instance. 2
ResourceBase::$logger protected property A logger instance.
ResourceBase::$serializerFormats protected property The available serialization formats.
ResourceBase::availableMethods public function Returns the available HTTP request methods on this plugin. Overrides ResourceInterface::availableMethods 1
ResourceBase::getBaseRoute protected function Gets the base route for a particular method. 2
ResourceBase::getBaseRouteRequirements protected function Gets the base route requirements for a particular method. 1
ResourceBase::permissions public function Implements ResourceInterface::permissions(). Overrides ResourceInterface::permissions 2
ResourceBase::requestMethods protected function Provides predefined HTTP request methods.
ResourceBase::routes public function Returns a collection of routes with URL path information for the resource. Overrides ResourceInterface::routes
UserRegistrationResource::$currentUser protected property The current user.
UserRegistrationResource::$passwordGenerator protected property The password generator.
UserRegistrationResource::$userSettings protected property User settings config instance.
UserRegistrationResource::create public static function Creates an instance of the plugin. Overrides ResourceBase::create
UserRegistrationResource::ensureAccountCanRegister protected function Ensure the account can be registered in this request.
UserRegistrationResource::post public function Responds to user registration POST request.
UserRegistrationResource::sendEmailNotifications protected function Sends email notifications if necessary for user that was registered.
UserRegistrationResource::__construct public function Constructs a new UserRegistrationResource instance. Overrides ResourceBase::__construct

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.