add protected pages, whole module

NRCan · Mar 1, 2023 · 047f908 · 047f908
1 parent 880e28b
commit 047f908
Show file tree

Hide file tree

Showing 23 changed files with 2,118 additions and 0 deletions.
diff --git a/html/modules/custom/protected_pages/README.txt b/html/modules/custom/protected_pages/README.txt
@@ -0,0 +1,36 @@
+********************************************************************
+                P R O T E C T E D   P A G E S   M O D U L E
+********************************************************************
+Original Author: Varun Mishra <varunmishra2006>
+Current Maintainer: Oksana Cyrwus <oksana-c>
+
+********************************************************************
+DESCRIPTION:
+
+   Protected Pages modules allows the administrator to secure any page or
+   private file in your website by password. You just need to go to
+   configuration page of this module and add path, password. After that the
+   added path will be password protected. This module also allows you to send
+   the details of this protected page to multiple users by email.
+
+   This module allow administrator to set global password for all protected
+   pages. This module provide bypass password protection of protected pages
+   permission also. All the protected pages will be accessible by users having
+   this permission.
+
+********************************************************************
+
+INSTALLATION:
+
+1. Place the entire protected_pages directory into sites modules directory
+  (eg /modules/contrib).
+
+2. Enable this module by navigating to:
+
+     Administration > Extend
+
+3. Go to admin/people/permissions#module-protected_pages and set permissions.
+
+4. Go to admin/config/system/protected_pages/settings and configure settings.
+
+5) Go to admin/config/system/protected_pages and start adding protected pages.
diff --git a/html/modules/custom/protected_pages/config/install/protected_pages.settings.yml b/html/modules/custom/protected_pages/config/install/protected_pages.settings.yml
@@ -0,0 +1,14 @@
+email:
+  subject: 'Please visit this new page'
+  body: "Dear friend,\n\nI just created a new page on my website and wanted to invite you to visit. The page is protected by password. Please find the details below:-\n\nPage Url = [protected-page-url]\n\nPage Password = password here\n\nThank you.\n[site-name]"
+password:
+  protected_pages_session_expire_time: '0'
+  per_page_or_global: 'per_page_or_global'
+others:
+  protected_pages_title: 'Protected Page -- Enter password'
+  protected_pages_description: 'The page you are trying to view is password protected. Please enter the password below to proceed.'
+  protected_pages_password_fieldset_legend: 'Enter password'
+  protected_pages_password_label: 'Enter password'
+  protected_pages_submit_button_text: 'Authenticate'
+  protected_pages_incorrect_password_msg: 'An incorrect password was submitted. Please check your password and try again.'
+langcode: en
diff --git a/html/modules/custom/protected_pages/config/schema/protected_pages.schema.yml b/html/modules/custom/protected_pages/config/schema/protected_pages.schema.yml
@@ -0,0 +1,59 @@
+protected_pages.settings:
+  type: config_object
+  translatable: true
+  label: 'Settings'
+  mapping:
+    password:
+      type: config_object
+      mapping:
+        per_page_or_global:
+          type: string
+          label: 'Global password setting'
+        global_password:
+          type: config_object
+          label: 'Global password'
+          mapping:
+            pass1:
+              type: string
+              label: 'Password'
+            pass2:
+              type: string
+              label: 'Confirm password'
+        protected_pages_session_expire_time:
+          type: string
+          label: 'Session expire time'
+    email:
+      label: 'Email settings'
+      type: mapping
+      mapping:
+        subject:
+          label: 'Subject'
+          type: text
+        body:
+          label: 'Message'
+          type: text
+    others:
+      label: 'Other settings'
+      type: mapping
+      mapping:
+        protected_pages_title:
+          label: 'Protected Pages title'
+          type: text
+        protected_pages_description:
+          label: 'Protected Pages description'
+          type: text
+        protected_pages_password_fieldset_legend:
+          label: 'Protected Pages password fieldset legend'
+          type: text
+        protected_pages_password_label:
+          label: 'Protected Pages password label'
+          type: text
+        protected_pages_submit_button_text:
+          label: 'Protected Pages submit button text'
+          type: text
+        protected_pages_incorrect_password_msg:
+          label: 'Protected Pages password message'
+          type: text
+    langcode:
+      type: string
+      label: 'Language code'
diff --git a/html/modules/custom/protected_pages/protected_pages.config_translation.yml b/html/modules/custom/protected_pages/protected_pages.config_translation.yml
@@ -0,0 +1,5 @@
+protected_pages_settings:
+  title: 'Protected pages'
+  base_route_name: protected_pages_settings
+  names:
+   - protected_pages.settings
diff --git a/html/modules/custom/protected_pages/protected_pages.info.yml b/html/modules/custom/protected_pages/protected_pages.info.yml
@@ -0,0 +1,8 @@
+name: 'Protected Pages'
+type: module
+description: 'Allow you to protect pages, private files by secure password. *NRCan edit*'
+configure: protected_pages_settings
+package: 'NRCan'
+core_version_requirement: ^9
+dependencies:
+  - drupal:path_alias
diff --git a/html/modules/custom/protected_pages/protected_pages.install b/html/modules/custom/protected_pages/protected_pages.install
@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * @file
+ * Protected Pages install file.
+ */
+
+use Drupal\Core\Url;
+
+/**
+ * Implements hook_schema().
+ */
+function protected_pages_schema() {
+  $schema['protected_pages'] = [
+    'fields' => [
+      'pid' => [
+        'description' => 'The primary key always unique.',
+        'type' => 'serial',
+        'unsigned' => TRUE,
+        'not null' => TRUE,
+      ],
+      'password' => [
+        'type' => 'varchar',
+        'description' => 'The password of the protected page.',
+        'length' => '128',
+        'not null' => TRUE,
+      ],
+      'path' => [
+        'type' => 'varchar',
+        'description' => 'The path of the protected page.',
+        'length' => '255',
+        'not null' => TRUE,
+      ],
+    ],
+    'indexes' => [
+      'path' => ['path'],
+    ],
+    'primary key' => ['pid'],
+  ];
+  return $schema;
+}
+
+/**
+ * Implements hook_enable().
+ */
+function protected_pages_install() {
+
+  $message = \Drupal::translation()->translate('The Protected Pages module has been successfully enabled. Visit the <a href="@permissions">permissions</a> for your site.', [
+    '@permissions' => Url::fromUri('internal:/admin/people/permissions', ['fragment' => 'module-protected_pages'])->toString(),
+  ]);
+  \Drupal::messenger()->addMessage($message);
+}
diff --git a/html/modules/custom/protected_pages/protected_pages.links.action.yml b/html/modules/custom/protected_pages/protected_pages.links.action.yml
@@ -0,0 +1,5 @@
+protected_pages_add:
+  route_name: protected_pages_add
+  title: 'Add Protected Page'
+  appears_on:
+    - protected_pages_list
diff --git a/html/modules/custom/protected_pages/protected_pages.links.menu.yml b/html/modules/custom/protected_pages/protected_pages.links.menu.yml
@@ -0,0 +1,5 @@
+protected_pages.list_pages:
+  title: 'Protected Pages'
+  route_name: protected_pages_list
+  parent: system.admin_config_system
+  description: 'Configure protected pages setting.'
diff --git a/html/modules/custom/protected_pages/protected_pages.links.task.yml b/html/modules/custom/protected_pages/protected_pages.links.task.yml
@@ -0,0 +1,9 @@
+protected_pages_list:
+  title: Protected Pages
+  route_name: protected_pages_list
+  base_route: protected_pages_list
+
+protected_pages_settings:
+  title: Settings
+  route_name: protected_pages_settings
+  base_route: protected_pages_list
diff --git a/html/modules/custom/protected_pages/protected_pages.module b/html/modules/custom/protected_pages/protected_pages.module
@@ -0,0 +1,86 @@
+<?php
+
+/**
+ * @file
+ * This module allows you to protect any page of the website by secure password.
+ *
+ * You can enter urls of pages to protect and set password per page.
+ *
+ * Admin (uid = 1) or user with bypass protection permission can view page.
+ */
+
+use Drupal\Component\Utility\Html;
+use Drupal\Core\StreamWrapper\StreamWrapperManager;
+use Drupal\Core\Url;
+use Symfony\Component\HttpFoundation\RedirectResponse;
+
+/**
+ * Implements hook_mail().
+ */
+function protected_pages_mail($key, &$message, $params) {
+
+  switch ($key) {
+    // Send a simple message from the contact form.
+    case 'protected_pages_details_mail':
+
+      $tokens = ['[protected-page-url]', '[site-name]'];
+      $replacements = [
+        $params['protected_page_url'],
+        \Drupal::config('system.site')->get('name'),
+      ];
+
+      $body = str_replace($tokens, $replacements, $params['body']);
+
+      $subject = $params['subject'];
+      $message['subject'] = Html::escape($subject);
+      $message['body'][] = Html::escape($body);
+
+      break;
+  }
+}
+
+/**
+ * Implements hook_file_download().
+ */
+function protected_pages_file_download($uri) {
+  $account = \Drupal::currentUser();
+  if ($account->hasPermission('bypass pages password protection')) {
+    return;
+  }
+
+  $target = StreamWrapperManager::getTarget($uri);
+  $file_path = '/system/files/' . $target;
+
+  $fields = ['pid'];
+  $conditions = [];
+  $conditions['general'][] = [
+    'field' => 'path',
+    'value' => $file_path,
+    'operator' => '=',
+  ];
+
+  $protected_pages_storage = \Drupal::service('protected_pages.storage');
+
+  $pid = $protected_pages_storage->loadProtectedPage($fields, $conditions, TRUE);
+
+  if (isset($_SESSION['_protected_page']['passwords'][$pid]['expire_time'])) {
+    if (time() >= $_SESSION['_protected_page']['passwords'][$pid]['expire_time']) {
+      unset($_SESSION['_protected_page']['passwords'][$pid]['request_time']);
+      unset($_SESSION['_protected_page']['passwords'][$pid]['expire_time']);
+    }
+  }
+  if (isset($_SESSION['_protected_page']['passwords'][$pid]['request_time'])) {
+    return NULL;
+  }
+  if ($pid) {
+    $destination_path_array = \Drupal::destination()->getAsArray();
+    $destination_path_array['destination'] = $destination_path_array['destination'] . '/' . $target;
+    $destination_path_array['protected_page'] = $pid;
+    $response = new RedirectResponse(Url::fromUri('internal:/protected-page', ['query' => $destination_path_array])->toString());
+    $response->send();
+    return;
+  }
+  else {
+    return NULL;
+  }
+}
diff --git a/html/modules/custom/protected_pages/protected_pages.permissions.yml b/html/modules/custom/protected_pages/protected_pages.permissions.yml
@@ -0,0 +1,11 @@
+bypass pages password protection:
+  title: Bypass pages password protection
+  restrict access: TRUE
+
+access protected page password screen:
+  title: Access protected page password screen
+  description: This permission provides access to protected page login screen.
+
+administer protected pages configuration:
+  title: Access protected pages configuration screen
+  restrict access: TRUE
diff --git a/html/modules/custom/protected_pages/protected_pages.routing.yml b/html/modules/custom/protected_pages/protected_pages.routing.yml
@@ -0,0 +1,56 @@
+protected_pages_list:
+  path: 'admin/config/system/protected_pages'
+  defaults:
+    _title: 'Protected Pages'
+    _controller: '\Drupal\protected_pages\Controller\ProtectedPagesController::protectedPagesList'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_add:
+  path: 'admin/config/system/protected_pages/add'
+  defaults:
+    _title: 'Add Protected Page'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesAddForm'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_edit:
+  path: 'admin/config/system/protected_pages/{pid}/edit'
+  defaults:
+    _title: 'Edit Protected Page'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesEditForm'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_delete:
+  path: 'admin/config/system/protected_pages/{pid}/delete'
+  defaults:
+    _title: 'Delete Protected Page'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesDeleteConfirmForm'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_send_email:
+  path: 'admin/config/system/protected_pages/{pid}/send_email'
+  defaults:
+    _title: 'Send protected pages details to user by email'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesSendEmailForm'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_settings:
+  path: 'admin/config/system/protected_pages/settings'
+  defaults:
+    _title: 'Settings'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesSettingForm'
+  requirements:
+    _permission: 'administer protected pages configuration'
+
+protected_pages_login_page:
+  path: 'protected-page'
+  defaults:
+    _title_callback: '\Drupal\protected_pages\Form\ProtectedPagesLoginForm::protectedPageTitle'
+    _title: 'Protected page - Enter Password'
+    _form: '\Drupal\protected_pages\Form\ProtectedPagesLoginForm'
+  requirements:
+    _custom_access: '\Drupal\protected_pages\Form\ProtectedPagesLoginForm::accessProtectedPageLoginScreen'
diff --git a/html/modules/custom/protected_pages/protected_pages.services.yml b/html/modules/custom/protected_pages/protected_pages.services.yml
@@ -0,0 +1,9 @@
+services:
+  protected_pages.check_protected_page:
+    class: Drupal\protected_pages\EventSubscriber\ProtectedPagesSubscriber
+    arguments: ['@path_alias.manager','@current_user','@path.current','@redirect.destination','@request_stack','@protected_pages.storage', '@page_cache_kill_switch']
+    tags:
+      - {name: event_subscriber}
+  protected_pages.storage:
+    class: Drupal\protected_pages\ProtectedPagesStorage
+    arguments: ['@database']