Issue #2193803 by wturrell, ridhimaabrol24, mglaman, Pavan B S,...

Issue #2193803 by wturrell, ridhimaabrol24, mglaman, Pavan B S, narendra.rajwar27, abhisekmazumdar, dpi, manish.upadhyay, pankaj.singh, paulocs, Charles Belov, quietone, catch, jim_at_miramontes, dawehner, goodboy: Anonymous users receive access denied when attempting to logout

Issue #2193803 by wturrell, ridhimaabrol24, mglaman, Pavan B S,...
1b628f44 · catch · cc866657 · 1b628f44 · 1b628f44 · 1b628f44
Commit 1b628f44 authored 4 years ago by catch
--- a/core/modules/user/src/Controller/UserController.php
+++ b/core/modules/user/src/Controller/UserController.php
@@ -313,7 +313,9 @@ public function userTitle(UserInterface $user = NULL) {
   *   A redirection to home page.
   */
  public function logout() {
-    user_logout();
+    if ($this->currentUser()->isAuthenticated()) {
+      user_logout();
+    }
    return $this->redirect('<front>');
  }


--- a/core/modules/user/tests/src/Functional/UserAccountLinksTest.php
+++ b/core/modules/user/tests/src/Functional/UserAccountLinksTest.php
@@ -141,4 +141,13 @@ public function testAccountPageTitles() {
    $this->assertLinkByHref(\Drupal::urlGenerator()->generate('user.page'), 0);
  }

+  /**
+   * Ensures that logout url redirects an anonymous user to the front page.
+   */
+  public function testAnonymousLogout() {
+    $this->drupalGet('user/logout');
+    $this->assertSession()->addressEquals('/');
+    $this->assertSession()->statusCodeEquals(200);
+  }
+
 }
--- a/core/modules/user/user.routing.yml
+++ b/core/modules/user/user.routing.yml
@@ -11,7 +11,7 @@ user.logout:
  defaults:
    _controller: '\Drupal\user\Controller\UserController::logout'
  requirements:
-    _user_is_logged_in: 'TRUE'
+    _access: 'TRUE'

 user.admin_index:
  path: '/admin/config/people'