<?php
/**
* Created by PhpStorm.
* User: SUSAN MEDINA
* Date: 21/05/2019
* Time: 02:43 PM
*/
namespace App\EventSubscriber\ChatMessage;
use App\Entity\App\MediaObject;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ViewEvent;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use ApiPlatform\Core\EventListener\EventPriorities;
use Symfony\Contracts\Translation\TranslatorInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\KernelEvents;
use App\Exception\InvalidArgumentException;
use App\Exception\NotFoundException;
use App\Exception\AccessDeniedException;
use App\Services\ChatService;
use App\Services\UtilsService;
use App\Entity\Chat\ChatMessage;
use App\Entity\App\User;
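/**
 * Validates a ChatMessage created through a POST request.
 *
 * Subscribed to KernelEvents::VIEW at EventPriorities::POST_VALIDATE. It checks
 * the request payload (attached media objects, or a non-blank body) and then
 * that the current user may write to the target chat.
 */
class ChatMessagePostValidateSubscriber implements EventSubscriberInterface
{
    /** @var TokenStorageInterface */
    private $tokenStorage;

    /** @var AuthorizationCheckerInterface */
    private $authorizationChecker;

    /** @var ChatService */
    private $chatService;

    /** @var UtilsService */
    private $utilsService;

    /** @var TranslatorInterface */
    private $translator;

    public function __construct(
        TokenStorageInterface $tokenStorage,
        AuthorizationCheckerInterface $checker,
        ChatService $chatService,
        UtilsService $utilsService,
        TranslatorInterface $translator
    ) {
        $this->tokenStorage = $tokenStorage;
        $this->authorizationChecker = $checker;
        $this->chatService = $chatService;
        $this->utilsService = $utilsService;
        $this->translator = $translator;
    }

    /**
     * Validates the payload of a new chat message and the sender's right to post it.
     *
     * Does nothing when UtilsService reports the request as public, when the
     * controller result is not a ChatMessage, or when the method is not POST.
     *
     * @param ViewEvent $event
     *
     * @return void
     *
     * @throws AccessDeniedException    when the user is neither ROLE_SUPERADMIN nor a member of the chat
     * @throws InvalidArgumentException when a media object has the wrong type or the body is blank
     * @throws NotFoundException        when no User is attached to the security token
     */
    public function onKernelView(ViewEvent $event)
    {
        if ($this->utilsService->isAPublicRequest($event)) {
            return;
        }

        $chatMessage = $event->getControllerResult();
        $request = $event->getRequest();

        if (!($chatMessage instanceof ChatMessage) || Request::METHOD_POST !== $request->getMethod()) {
            return;
        }

        // getToken() returns null when no token is set; treat that as "no user"
        // instead of calling getUser() on null.
        $token = $this->tokenStorage->getToken();
        $userCurrent = null !== $token ? $token->getUser() : null;
        if (!($userCurrent instanceof User)) {
            throw new NotFoundException($this->translator->trans('User current not found'));
        }

        // The raw body is client-controlled: it may be invalid JSON or a JSON scalar.
        $params = json_decode($request->getContent(), true);
        if (!is_array($params)) {
            $params = [];
        }

        // Only a non-empty JSON array counts as "media objects were sent"; count()
        // on a scalar would warn or throw depending on the PHP version.
        $hasMediaObjects = isset($params['mediaObjects'])
            && is_array($params['mediaObjects'])
            && count($params['mediaObjects']) > 0;

        if ($hasMediaObjects) {
            // NOTE(review): the type check is gated on the raw JSON key while the loop
            // reads the deserialized collection - confirm no other input path can
            // populate getMediaObjects() without this key being present.
            foreach ($chatMessage->getMediaObjects() as $mediaObject) {
                if ($mediaObject->getType() !== MediaObject::TYPE_MESSAGE) {
                    throw new InvalidArgumentException(
                        $this->translator->trans(
                            'mediaObject.validate.type_not_allowed',
                            [
                                '%mediaId%' => $mediaObject->getId(),
                                '%mediaType%' => $mediaObject->getType(),
                                '%mediaTypeAvailable%' => MediaObject::TYPE_MESSAGE,
                            ]
                        )
                    );
                }
            }
            $chatMessage->setType('mediaObjects');
        } else {
            $body = isset($params['body']) ? $params['body'] : null;
            // Compare against '' rather than empty(): empty('0') is true, which would
            // reject a message whose whole text is "0". Non-scalar bodies are rejected
            // before trim() can see them.
            if (!is_scalar($body) || '' === trim((string) $body)) {
                throw new InvalidArgumentException(
                    'body: ' . $this->translator->trans('This value should not be blank')
                );
            }
        }

        if ($this->authorizationChecker->isGranted('ROLE_SUPERADMIN')) {
            return;
        }

        // NOTE(review): this membership check runs after payload validation, so a
        // non-member receives validation errors (including media id/type) before the
        // access decision is made - consider authorising first.
        $chatUsers = $this->chatService->getUsersOfChat($chatMessage->getChat());

        // Normalise both sides to strings and compare strictly, so PHP's loose
        // comparison rules cannot make two different ids match.
        // Assumes ids are scalar or stringable - TODO confirm against getUsersOfChat().
        $memberIds = array_map('strval', array_column($chatUsers, 'id'));
        $currentUserId = $userCurrent->getId();
        $isMember = null !== $currentUserId && in_array((string) $currentUserId, $memberIds, true);

        if (!$isMember) {
            throw new AccessDeniedException(
                $this->translator->trans('You have not permission for write on this chat')
            );
        }
    }

    /**
     * Registers onKernelView on the kernel view event, at API Platform's POST_VALIDATE priority.
     *
     * @return array
     */
    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::VIEW => ['onKernelView', EventPriorities::POST_VALIDATE],
        ];
    }
}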