ISSUE-395: Make IP based embargoed ADOs + Anonymous users un-cacheable

src/Controller/MetadataExposeDisplayController.php

@@ -241,9 +241,6 @@ public function castViaTwig(
               $embargo_context[] = 'ip';
             }
           }
-          else {
-            $embargoed = $embargo_info;
-          }
 
           if ($metadataexposeconfig_entity->getHideOnEmbargo() && $embargoed) {
             // If embargoed and hide on embargo TRUE,
@@ -329,6 +326,9 @@ function () use ($context, $original_context, $metadatadisplay_entity) {
           $response->getCacheableMetadata()->addCacheTags($embargo_tags);
           $response->getCacheableMetadata()->addCacheContexts(['user.roles']);
           $response->getCacheableMetadata()->addCacheContexts($embargo_context);
+          if (isset($embargo_info[4]) && $embargo_info[4] === FALSE) {
+            $response->getCacheableMetadata()->setCacheMaxAge(0);
+          }
         }
         return $response;
 

src/EmbargoResolver.php

@@ -66,13 +66,14 @@ public function __construct(ConfigFactoryInterface $config_factory, AccountInter
 
   /**
    * Checks if we can bypass embargo.
-   *    If not possible we return an array with more info
+   *    If not possible we return an array with more info.
+   *    If the user is anonymous, and IP data is present in the ADO, we kill the cache too.
    *
    * @param array $jsondata
    *
    * @return array
    *    Returns array
-   *    with [(bool) embargoed, $date|FALSE, (bool) IP is enforced]
+   *    with [(bool) embargoed, $date|FALSE, (bool) IP is enforced], (bool) if cacheable at all or not
    *
    */
   public function embargoInfo(string $uuid, array $jsondata) {
@@ -82,11 +83,14 @@ public function embargoInfo(string $uuid, array $jsondata) {
     // This cache will only work per extending class
     // If we want the cache to survive longer
     // We need to make the function itself static
+    // but also add the varying IP to it.
     // @TODO evaluate if making it static is worth the effort.
     // Since all act on the same data/entity
     // And will share during the life
     // of the static cache
     // Same user/roles/etc
+    // but IP can vary, even for the same user.
+    // But never on a single HTTP call.
     if (isset($cache[$cache_id])) {
       return $cache[$cache_id];
     }
@@ -96,16 +100,17 @@ public function embargoInfo(string $uuid, array $jsondata) {
     $ip_embargo = FALSE;
     // If embargo by date is enforced
     $date_embargo = FALSE;
+    $cacheable = TRUE;
 
     if (!$this->embargoConfig->get('enabled')) {
-      $embargo_info = [!$noembargo, FALSE, FALSE];
+      $embargo_info = [!$noembargo, FALSE, FALSE, $cacheable];
     }
     $user_roles = $this->currentUser->getRoles();
     if (in_array('administrator', $user_roles)) {
-      $embargo_info = [!$noembargo, FALSE, FALSE];
+      $embargo_info = [!$noembargo, FALSE, FALSE, $cacheable];
     }
     elseif ($this->currentUser->hasPermission('see strawberryfield embargoed ados')) {
-      $embargo_info = [!$noembargo, FALSE , FALSE];
+      $embargo_info = [!$noembargo, FALSE , FALSE, $cacheable];
     }
     else {
       // Check the actual embargo options
@@ -125,6 +130,16 @@ public function embargoInfo(string $uuid, array $jsondata) {
       $ip_embargo_key = $this->embargoConfig->get('ip_json_key');
       if (strlen($ip_embargo_key) > 0 && !empty($jsondata[$ip_embargo_key])) {
         $current_ip =  $this->requestStack->getCurrentRequest()->getClientIp();
+        if ($this->currentUser->isAnonymous()) {
+          if (\Drupal::moduleHandler()->moduleExists('page_cache')) {
+            // we won't be able to cache varying contexts for anonymous, so
+            // simply kill the page cache
+            \Drupal::service('page_cache_kill_switch')->trigger();
+            $cacheable = FALSE;
+          }
+        }
+        // Why would the current IP not be present? Should we deny all if that
+        // exception happens?
         if ($current_ip) {
           if (is_array($jsondata[$ip_embargo_key])) {
             foreach($jsondata[$ip_embargo_key] as $ip_embargo_value) {
@@ -142,7 +157,7 @@ public function embargoInfo(string $uuid, array $jsondata) {
           }
         }
       }
-      $embargo_info = [!$noembargo, $date_embargo ? $date: FALSE , $ip_embargo];
+      $embargo_info = [!$noembargo, $date_embargo ? $date: FALSE , $ip_embargo, $cacheable];
     }
     $cache[$cache_id] = $embargo_info;
     return $embargo_info;

src/Plugin/Field/FieldFormatter/Strawberry3DFormatter.php

@@ -304,7 +304,7 @@ function($item) {
         // Attach the Library
         $elements[$delta]['#attached']['library'][] = 'format_strawberryfield/jsm_modeler';
         // Add the texture
-        // Its always the same.
+        // It is always the same.
 
         foreach ($elements[$delta] as &$element) {
           if (isset($element['#attributes'])) {
@@ -341,6 +341,10 @@ function($item) {
       'context' => Cache::mergeContexts($items->getEntity()->getCacheContexts(), ['user.permissions', 'user.roles'], $embargo_context),
       'tags' => Cache::mergeTags($items->getEntity()->getCacheTags(), $embargo_tags, ['config:format_strawberryfield.embargo_settings']),
     ];
+    if (isset($embargo_info[4]) && $embargo_info[4] === FALSE) {
+      $elements['#cache']['max-age'] = 0;
+    }
+
     return $elements;
   }
 

src/Plugin/Field/FieldFormatter/StrawberryAudioFormatter.php

@@ -304,6 +304,9 @@ public function viewElements(FieldItemListInterface $items, $langcode) {
       'context' => Cache::mergeContexts($items->getEntity()->getCacheContexts(), ['user.permissions', 'user.roles'], $embargo_context),
       'tags' => Cache::mergeTags($items->getEntity()->getCacheTags(), $embargo_tags, ['config:format_strawberryfield.embargo_settings']),
     ];
+    if (isset($embargo_info[4]) && $embargo_info[4] === FALSE) {
+      $elements['#cache']['max-age'] = 0;
+    }
 
     return $elements;
   }
@@ -319,9 +322,7 @@ protected function generateElementForItem(int $delta, FieldItemListInterface $it
     $max_height = $this->getSetting('max_height');
     $nodeuuid = $items->getEntity()->uuid();
     $nodeid = $items->getEntity()->id();
-    $imagefile = NULL;
-    $publicimageurl = NULL;
-    $fieldname = $items->getName();
+
 
     // We assume here file could not be accessible publicly
     $route_parameters = [

src/Plugin/Field/FieldFormatter/StrawberryBaseFormatter.php

@@ -17,7 +17,6 @@
 use Drupal\format_strawberryfield\Tools\IiifHelper;
 use Drupal\strawberryfield\Tools\Ocfl\OcflHelper;
 use Drupal\strawberryfield\Tools\StrawberryfieldJsonHelper;
-use mysql_xdevapi\Exception;
 use Symfony\Component\DependencyInjection\ContainerInterface;
 use Drupal\format_strawberryfield\Tools\IiifUrlValidator;
 use Drupal\Core\Access\AccessResult;
@@ -296,7 +295,7 @@ public function validateJSON(array &$element, FormStateInterface $form_state, ar
           $form_state->setErrorByName(implode('][', $parents), t("Value is not a valid JSON"));
         }
       }
-      catch (Exception $e) {
+      catch (\Exception $e) {
         $form_state->setErrorByName(implode('][', $parents), t("Value is not a valid JSON"));
       }
     }

src/Plugin/Field/FieldFormatter/StrawberryCitationFormatter.php

@@ -2,6 +2,7 @@
 
 namespace Drupal\format_strawberryfield\Plugin\Field\FieldFormatter;
 
+use Drupal\Core\Cache\Cache;
 use Drupal\Core\Config\ConfigFactoryInterface;
 use Drupal\Core\Entity\EntityTypeManagerInterface;
 use Drupal\Core\Field\FieldDefinitionInterface;
@@ -378,6 +379,15 @@ public function viewElements(FieldItemListInterface $items, $langcode) {
         ];
       }
     }
+    $elements['#cache'] = [
+      'context' => Cache::mergeContexts($items->getEntity()->getCacheContexts(), ['user.permissions', 'user.roles'], $embargo_context),
+      'tags' => Cache::mergeTags($items->getEntity()->getCacheTags(), $embargo_tags, ['config:format_strawberryfield.embargo_settings']),
+    ];
+
+    if (isset($embargo_info[4]) && $embargo_info[4] === FALSE) {
+      $elements['#cache']['max-age'] = 0;
+    }
+
     return $elements;
   }