From 05f98fb965830e40f275ceab7fe1b323813bb292 Mon Sep 17 00:00:00 2001
From: astanley <alanjarlathstanley@gmail.com>
Date: Tue, 15 Apr 2025 11:48:53 -0300
Subject: [PATCH] intial commit

---
 src/EventSubscriber/RedirectSubscriber.php | 40 ++++++++++++++++++++++
 url_permission_redirect.info.yml           |  5 +++
 url_permission_redirect.permissions.yml    |  3 ++
 url_permission_redirect.services.yml       |  6 ++++
 4 files changed, 54 insertions(+)
 create mode 100644 src/EventSubscriber/RedirectSubscriber.php
 create mode 100644 url_permission_redirect.info.yml
 create mode 100644 url_permission_redirect.permissions.yml
 create mode 100644 url_permission_redirect.services.yml

diff --git a/src/EventSubscriber/RedirectSubscriber.php b/src/EventSubscriber/RedirectSubscriber.php
new file mode 100644
index 0000000..50bc087
--- /dev/null
+++ b/src/EventSubscriber/RedirectSubscriber.php
@@ -0,0 +1,40 @@
+<?php
+
+namespace Drupal\url_permission_redirect\EventSubscriber;
+
+use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Drupal\Core\Routing\TrustedRedirectResponse;
+use Drupal\Core\Session\AccountProxyInterface;
+
+class RedirectSubscriber implements EventSubscriberInterface {
+
+  protected $currentUser;
+  protected $protectedDomain = 'scholar2-prod.islandarchives.ca';
+
+  public function __construct(AccountProxyInterface $current_user) {
+    $this->currentUser = $current_user;
+  }
+
+  public function onRequest(RequestEvent $event) {
+    $request = $event->getRequest();
+    $host = $request->getHost();
+
+    if ($this->currentUser->isAuthenticated() &&
+        $this->currentUser->hasPermission('access protected domain')) {
+      if ($host !== $this->protectedDomain) {
+        $uri = $request->getRequestUri();
+        $redirect_url = 'https://' . $this->protectedDomain . $uri;
+        $event->setResponse(new TrustedRedirectResponse($redirect_url, 302));
+      }
+    }
+  }
+
+  public static function getSubscribedEvents() {
+    return [
+      KernelEvents::REQUEST => ['onRequest', 100],
+    ];
+  }
+
+}
diff --git a/url_permission_redirect.info.yml b/url_permission_redirect.info.yml
new file mode 100644
index 0000000..6c4f90e
--- /dev/null
+++ b/url_permission_redirect.info.yml
@@ -0,0 +1,5 @@
+name: 'URL Permission Redirect'
+type: module
+description: 'Redirect users to a protected domain based on permissions.'
+core_version_requirement: ^9 || ^10
+package: Custom
diff --git a/url_permission_redirect.permissions.yml b/url_permission_redirect.permissions.yml
new file mode 100644
index 0000000..9e3dced
--- /dev/null
+++ b/url_permission_redirect.permissions.yml
@@ -0,0 +1,3 @@
+access protected domain:
+  title: 'Access protected domain'
+  description: 'Redirect to the protected domain if user has this permission.'
diff --git a/url_permission_redirect.services.yml b/url_permission_redirect.services.yml
new file mode 100644
index 0000000..d5593aa
--- /dev/null
+++ b/url_permission_redirect.services.yml
@@ -0,0 +1,6 @@
+services:
+  url_permission_redirect.event_subscriber:
+    class: Drupal\url_permission_redirect\EventSubscriber\RedirectSubscriber
+    arguments: ['@current_user']
+    tags:
+      - { name: event_subscriber }