src/EventListener/FirewallObsidianPartnersListener.php line 31

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\RBAC\PermissionsInterface;
  6. use Symfony\Bundle\FrameworkBundle\Routing\Router;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use Symfony\Component\HttpKernel\Event\RequestEvent;
  9. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  10. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  12. class FirewallObsidianPartnersListener
  13. {
  14.     /** @var TokenStorageInterface $tokenStorage */
  15.     private $tokenStorage;
  16.     /** @var AuthorizationCheckerInterface $authorizationChecker */
  17.     private $authorizationChecker;
  18.     /** @var Router $router */
  19.     private $router;
  21.     public function __construct(TokenStorageInterface         $tokenStorage,
  22.                                 AuthorizationCheckerInterface $authorizationChecker,
  23.                                 Router                        $router
  24.     )
  25.     {
  26.         $this->tokenStorage $tokenStorage;
  27.         $this->authorizationChecker $authorizationChecker;
  28.         $this->router $router;
  29.     }
  31.     public function onKernelRequest(RequestEvent $event)
  32.     {
  33.         $controller $event->getRequest()->get('_controller');
  34.         $parts explode(':'$controller);
  35.         $currentController $parts[0];
  36.         $currentAction = empty($parts[1]) ? null $parts[1];
  37.         if (!$this->tokenStorage->getToken() ||
  38.             false === $this->authorizationChecker->isGranted('ROLE_ADMINISTRATION_ACCESS') ||
  39.             !($user $this->tokenStorage->getToken()->getUser()) ||
  40.             !$user->hasPermission(PermissionsInterface::TYPE_OBSIDIAN_PARTNER) ||
  41.             strpos($controller'exception') !== false ||
  42.             $this->isAllowedController($currentController$currentAction)
  43.         ) {
  44.             return;
  45.         }
  47.         $event->setResponse(new RedirectResponse($this->router->generate('admin_report_products')));
  48.     }
  50.     private function isAllowedController(string $controllerstring $action null): bool
  51.     {
  52.         if (!empty($action) && $controller === 'app.controller.order.grid' &&
  53.             preg_match('/(logs|downloadImportedFile)/i'$action)
  54.         ) {
  55.             return false;
  56.         }
  58.         switch ($controller) {
  59.             case 'app.controller.order.grid':
  60.             case 'app.controller.death_insurance.admin_death_insurance':
  61.             case 'sylius.controller.channel':
  62.             case 'sylius.controller.admin_user':
  63.                 return true;
  64.             default:
  65.                 return false;
  66.         }
  67.     }
  69. }