intial commit

src/EventSubscriber/RedirectSubscriber.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace Drupal\url_permission_redirect\EventSubscriber;
+
+use Symfony\Component\HttpKernel\KernelEvents;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+use Symfony\Component\EventDispatcher\EventSubscriberInterface;
+use Drupal\Core\Routing\TrustedRedirectResponse;
+use Drupal\Core\Session\AccountProxyInterface;
+
+class RedirectSubscriber implements EventSubscriberInterface {
+
+  protected $currentUser;
+  protected $protectedDomain = 'scholar2-prod.islandarchives.ca';
+
+  public function __construct(AccountProxyInterface $current_user) {
+    $this->currentUser = $current_user;
+  }
+
+  public function onRequest(RequestEvent $event) {
+    $request = $event->getRequest();
+    $host = $request->getHost();
+
+    if ($this->currentUser->isAuthenticated() &&
+        $this->currentUser->hasPermission('access protected domain')) {
+      if ($host !== $this->protectedDomain) {
+        $uri = $request->getRequestUri();
+        $redirect_url = 'https://' . $this->protectedDomain . $uri;
+        $event->setResponse(new TrustedRedirectResponse($redirect_url, 302));
+      }
+    }
+  }
+
+  public static function getSubscribedEvents() {
+    return [
+      KernelEvents::REQUEST => ['onRequest', 100],
+    ];
+  }
+
+}

url_permission_redirect.info.yml

@@ -0,0 +1,5 @@
+name: 'URL Permission Redirect'
+type: module
+description: 'Redirect users to a protected domain based on permissions.'
+core_version_requirement: ^9 || ^10
+package: Custom

url_permission_redirect.permissions.yml

@@ -0,0 +1,3 @@
+access protected domain:
+  title: 'Access protected domain'
+  description: 'Redirect to the protected domain if user has this permission.'

url_permission_redirect.services.yml

@@ -0,0 +1,6 @@
+services:
+  url_permission_redirect.event_subscriber:
+    class: Drupal\url_permission_redirect\EventSubscriber\RedirectSubscriber
+    arguments: ['@current_user']
+    tags:
+      - { name: event_subscriber }