src/EventListener/FirewallRcaPartnersListener.php line 31

Open in your IDE?
  1. <?php
  2. namespace App\EventListener;
  3. use App\RBAC\PermissionsInterface;
  4. use Symfony\Bundle\FrameworkBundle\Routing\Router;
  5. use Symfony\Component\HttpFoundation\RedirectResponse;
  6. use Symfony\Component\HttpKernel\Event\RequestEvent;
  7. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  8. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  9. class FirewallRcaPartnersListener
  10. {
  11.     /** @var TokenStorageInterface $tokenStorage */
  12.     private $tokenStorage;
  13.     /** @var AuthorizationCheckerInterface $authorizationChecker */
  14.     private $authorizationChecker;
  15.     /** @var Router $router */
  16.     private $router;
  17.     public function __construct(TokenStorageInterface         $tokenStorage,
  18.                                 AuthorizationCheckerInterface $authorizationChecker,
  19.                                 Router                        $router
  20.     )
  21.     {
  22.         $this->tokenStorage $tokenStorage;
  23.         $this->authorizationChecker $authorizationChecker;
  24.         $this->router $router;
  25.     }
  26.     public function onKernelRequest(RequestEvent $event)
  27.     {
  28.         $controller $event->getRequest()->get('_controller');
  29.         $parts explode(':'$controller);
  30.         $currentController $parts[0];
  31.         $currentAction = empty($parts[1]) ? null $parts[1];
  32.         if (!$this->tokenStorage->getToken() ||
  33.             false === $this->authorizationChecker->isGranted('ROLE_ADMINISTRATION_ACCESS') ||
  34.             !($user $this->tokenStorage->getToken()->getUser()) ||
  35.             !$user->hasPermission(PermissionsInterface::TYPE_RCA_PARTNER) ||
  36.             strpos($controller'exception') !== false ||
  37.             $this->isAllowedController($currentController$currentAction)
  38.         ) {
  39.             return;
  40.         }
  41.         $event->setResponse(new RedirectResponse($this->router->generate('admin_report_products')));
  42.     }
  43.     private function isAllowedController(string $controllerstring $action null): bool
  44.     {
  45.         if (!empty($action) && $controller === 'app.controller.order.grid' &&
  46.             preg_match('/(logs|downloadImportedFile)/i'$action)
  47.         ) {
  48.             return false;
  49.         }
  50.         switch ($controller) {
  51.             case 'app.controller.order.grid':
  52.             case 'sylius.controller.channel':
  53.             case 'sylius.controller.admin_user':
  54.                 return true;
  55.             default:
  56.                 return false;
  57.         }
  58.     }
  59. }