<?php
/**
* Created by PhpStorm.
* User: sebastiantovar
* Date: 2019-04-15
* Time: 17:56
*/
namespace App\EventSubscriber\Category;
use ApiPlatform\Core\EventListener\EventPriorities;
use App\Entity\App\Category;
use App\Entity\App\Role;
use App\Entity\App\User;
use App\Services\UtilsService;
use App\Services\VendorService;
use App\Exception\AccessDeniedException;
use App\Exception\NotFoundException;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\ViewEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Contracts\Translation\TranslatorInterface;
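/**
 * Pre-write guard for Category resources.
 *
 * Runs at API Platform's PRE_WRITE priority on KernelEvents::VIEW and, for
 * POST/PUT/DELETE requests whose controller result is a Category, verifies
 * that the current user may write to the category's vendor before anything
 * is persisted. On DELETE it additionally detaches the category from the
 * entities that reference it so the removal does not leave dangling
 * references.
 */
class CategoryPreWriteSubscriber implements EventSubscriberInterface
{
    /** Vendor roles that may write categories (besides global ROLE_SUPERADMIN). */
    private const WRITE_ROLES = [Role::ROLE_ADMIN];

    /** HTTP methods this subscriber guards. */
    private const WRITE_METHODS = [
        Request::METHOD_POST,
        Request::METHOD_PUT,
        Request::METHOD_DELETE,
    ];

    /** @var TokenStorageInterface */
    private $tokenStorage;
    /** @var AuthorizationCheckerInterface */
    private $authorizationChecker;
    /** @var VendorService */
    private $vendorService;
    /** @var UtilsService */
    private $utilsService;
    /** @var TranslatorInterface */
    private $translator;

    public function __construct(
        TokenStorageInterface $tokenStorage,
        AuthorizationCheckerInterface $checker,
        VendorService $vendorService,
        UtilsService $utilsService,
        TranslatorInterface $translator
    ) {
        $this->tokenStorage = $tokenStorage;
        $this->authorizationChecker = $checker;
        $this->vendorService = $vendorService;
        $this->utilsService = $utilsService;
        $this->translator = $translator;
    }

    /**
     * Authorizes a Category write and, for DELETE, detaches its relations.
     *
     * Flow:
     *  - public requests (per UtilsService) and non-Category results or
     *    non-write methods are ignored;
     *  - ROLE_SUPERADMIN passes unconditionally;
     *  - otherwise the user must be a User holding one of WRITE_ROLES in the
     *    category's vendor, else a JSON error response is set on the event
     *    and no write happens;
     *  - only once authorized does a DELETE detach the category's relations.
     *
     * @param ViewEvent $event
     * @throws NotFoundException when no authenticated User is available and the
     *                           caller is not a superadmin
     */
    public function onKernelView(ViewEvent $event): void
    {
        if ($this->utilsService->isAPublicRequest($event)) {
            return;
        }

        $category = $event->getControllerResult();
        $request = $event->getRequest();
        $method = $request->getMethod();

        // Strict comparison against every write method: a bare constant in the
        // condition would always be truthy and silently let one method through.
        if (!$category instanceof Category || !in_array($method, self::WRITE_METHODS, true)) {
            return;
        }

        // Token may be absent (anonymous / no firewall); never dereference it blindly.
        $userCurrent = $this->currentUser();
        // Prefer the user's own locale for messages, fall back to the request locale.
        $locale = $userCurrent instanceof User ? $userCurrent->getLocale() : $request->getLocale();

        if (!$this->authorizationChecker->isGranted('ROLE_SUPERADMIN')) {
            if (!$userCurrent instanceof User) {
                throw new NotFoundException($this->translator->trans('User current not found'));
            }

            if (!$this->vendorService->isUserRoleInToVendor($category->getVendor(), $userCurrent, self::WRITE_ROLES)) {
                $event->setResponse($this->accessDeniedResponse($locale));
                return;
            }
        }

        // The access check above runs first so an unauthorized caller cannot
        // detach the category's relations as a side effect of a DELETE.
        if (Request::METHOD_DELETE === $method) {
            $this->detachRelations($category);
        }
    }

    /**
     * @return array
     */
    public static function getSubscribedEvents(): array
    {
        return [
            KernelEvents::VIEW => ['onKernelView', EventPriorities::PRE_WRITE],
        ];
    }

    /**
     * Returns the user attached to the security token, or null when there is
     * no token (the token's user may itself be a string or a User).
     *
     * @return mixed|null
     */
    private function currentUser()
    {
        $token = $this->tokenStorage->getToken();

        return $token ? $token->getUser() : null;
    }

    /**
     * Builds the JSON response returned when the user lacks a required vendor role.
     *
     * @param string|null $locale locale for the translated role names and message
     */
    private function accessDeniedResponse($locale): Response
    {
        $roleNames = array_map(
            function ($roleName) use ($locale) {
                return $this->translator->trans($roleName, [], null, $locale);
            },
            self::WRITE_ROLES
        );

        $detail = $this->translator->trans('access_allowed_only_for', [], null, $locale)
            . implode(', ', $roleNames);

        $response = new Response();
        $response->setContent(json_encode(['detail' => $detail]));
        // NOTE(review): kept at 400 to match existing clients; 403 Forbidden is the
        // conventional status for a failed authorization check.
        $response->setStatusCode(Response::HTTP_BAD_REQUEST);

        return $response;
    }

    /**
     * Detaches a category from every entity that references it ahead of its
     * deletion: tickets, resources and tasks drop their category, maintenance
     * elements drop their family, and locations / vendor staff remove the
     * category from their collections.
     */
    private function detachRelations(Category $category): void
    {
        foreach ($category->getTickets() ?: [] as $ticket) {
            $ticket->setCategory(null);
        }
        foreach ($category->getResources() ?: [] as $resource) {
            $resource->setCategory(null);
        }
        foreach ($category->getTasks() ?: [] as $task) {
            $task->setCategory(null);
        }
        foreach ($category->getLocations() ?: [] as $location) {
            $location->removeCategory($category);
        }
        foreach ($category->getMaintenanceElements() ?: [] as $maintenanceElement) {
            $maintenanceElement->setFamily(null);
        }
        foreach ($category->getVendorStaff() ?: [] as $staff) {
            $staff->removeCategory($category);
        }
    }
}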