src/Listener/AclAnnotationListener.php line 47

Open in your IDE?
  1. <?php
  2.     /******************************************************************************
  3.      * Copyright (c) Echo-numeric 2020-2023.                                      *
  4.      ******************************************************************************/
  7.     namespace App\Listener;
  9.     use App\Annotation\Acl as AclAnnotation;
  10.     use App\Entity\User;
  11.     use App\Services\Common\AclService;
  12.     use Doctrine\Common\Annotations\Reader;
  13.     use Psr\Cache\InvalidArgumentException;
  14.     use ReflectionClass;
  15.     use ReflectionException;
  16.     use RuntimeException;
  17.     use Symfony\Component\HttpKernel\Event\ControllerEvent;
  18.     use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  19.     use Symfony\Component\Security\Core\Security;
  21.     class AclAnnotationListener
  22.     {
  23.         private Reader          $annotationReader;
  24.         private Security        $security;
  25.         private AclService      $aclService;
  26.         private ControllerEvent $event;
  29.         public function __construct(
  30.             Reader     $annotationReader,
  31.             Security   $security,
  32.             AclService $aclService
  33.         )
  34.         {
  35.             $this->annotationReader $annotationReader;
  36.             $this->security         $security;
  37.             $this->aclService       $aclService;
  38.         }
  41.         /**
  42.          * @param ControllerEvent $event
  43.          *
  44.          * @return void
  45.          * @throws ReflectionException|InvalidArgumentException
  46.          */
  47.         public function onKernelControllerControllerEvent $event ): void
  48.         {
  49.             $this->event $event;
  51.             if ( !$event->isMainRequest() ) {
  52.                 return;
  53.             }
  55.             $controllers $event->getController();
  56.             if ( !is_array$controllers ) ) {
  57.                 return;
  58.             }
  60.             $this->handleAnnotation$controllers );
  61.         }
  64.         /**
  65.          * @param iterable $controllers
  66.          *
  67.          * @return void
  68.          *
  69.          * @throws ReflectionException
  70.          * @throws InvalidArgumentException
  71.          */
  72.         private function handleAnnotationiterable $controllers ): void
  73.         {
  74.             [ $controller$method ] = $controllers;
  76.             try {
  77.                 $controller = new ReflectionClass$controller );
  78.             }
  79.             catch ( ReflectionException $e ) {
  80.                 throw new RuntimeException'Failed to read annotation!' );
  81.             }
  83.             $this->handleMethodAnnotation$controller$method );
  84.         }
  87.         /**
  88.          * @param ReflectionClass $controller
  89.          * @param string          $method
  90.          *
  91.          * @return void
  92.          *
  93.          * @throws ReflectionException
  94.          * @throws InvalidArgumentException
  95.          */
  96.         private function handleMethodAnnotationReflectionClass $controllerstring $method ): void
  97.         {
  98.             $method     $controller->getMethod$method );
  99.             $annotation $this->annotationReader->getMethodAnnotation$methodAclAnnotation::class );
  101.             if ( $annotation instanceof AclAnnotation ) {
  102.                 /** @var User $user */
  103.                 $user $this->security->getUser();
  104.                 foreach ( $annotation->rules as $slug => $action ) {
  105.                     $request $this->event->getRequest();
  107.                     switch ( $request->get'_route' ) ) {
  108.                         case 'front_catalogue_homepage':
  109.                             $slug .= '.' $request->get'catalogue' );
  110.                             break;
  111.                         case 'front_catalogue_product':
  112.                         case 'front_recompense_boutique_collective_show':
  113.                             $slug .= '.' $request->get'catalogueType' );
  114.                             break;
  115.                         default:
  116.                             break;
  117.                     }
  119.                     if ( $this->aclService->userIsGranted$user$slug$action$this->event->getRequest()
  120.                                                                                               ->get'_env' ) ?? 'front' ) === TRUE ) {
  121.                         return;
  122.                     }
  123.                 }
  125.                 throw new AccessDeniedException'Vous ne disposez pas des droits suffisants pour cette page. ("' json_encode$annotation->rules ) . ')' );
  126.             }
  127.         }
  128.     }