src/EventSubscriber/Location/LocationPreWriteSubscriber.php line 47

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber\Location;
  5. use App\Services\UtilsService;
  6. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  7. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  8. use Symfony\Component\HttpKernel\Event\ViewEvent;
  9. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpKernel\KernelEvents;
  12. use Doctrine\ORM\EntityManagerInterface;
  13. use ApiPlatform\Core\EventListener\EventPriorities;
  14. use App\Services\VendorService;
  15. use App\Exception\AccessDeniedException;
  16. use App\Exception\NotFoundException;
  17. use App\Entity\App\Location;
  18. use App\Entity\App\User;
  19. use App\Entity\App\Role;
  20. use Symfony\Contracts\Translation\TranslatorInterface;
  22. class LocationPreWriteSubscriber implements EventSubscriberInterface
  23. {
  24.     private $tokenStorage;
  25.     private $authorizationChecker;
  26.     private $vendorService;
  27.     private $entityManager;
  28.     private $utilsService;
  29.     private $translator;
  31.     public function __construct(
  32.         TokenStorageInterface $tokenStorage,
  33.         AuthorizationCheckerInterface $checker,
  34.         VendorService $vendorService,
  35.         EntityManagerInterface $entityManager,
  36.         UtilsService $utilsService,
  37.         TranslatorInterface $translator
  38.     ) {
  39.         $this->tokenStorage $tokenStorage;
  40.         $this->authorizationChecker $checker;
  41.         $this->vendorService $vendorService;
  42.         $this->entityManager $entityManager;
  43.         $this->utilsService $utilsService;
  44.         $this->translator $translator;
  45.     }
  47.     public function onKernelView(ViewEvent $event)
  48.     {
  49.         if ($this->utilsService->isAPublicRequest($event)) {
  50.             return;
  51.         }
  53.         $location $event->getControllerResult();
  54.         $request $event->getRequest();
  55.         $method $request->getMethod();
  56.         $userCurrent $this->tokenStorage->getToken()->getUser();
  58.         if (!($location instanceof Location) ||
  59.             (Request::METHOD_POST !== $method && Request::METHOD_PUT && Request::METHOD_DELETE !== $method)
  60.         )
  61.             return;
  63.         if (Request::METHOD_DELETE === $method) {
  64.             $entityExist = [];
  65.             if (count($location->getTickets()->toArray()) > 0) {
  66.                 $entityExist[] = $this->translator->trans('tickets');
  67.             }
  68.             if (count($location->getVendorStaff()->toArray()) > 0) {
  69.                 $entityExist[] = $this->translator->trans('users');
  70.             }
  71.             if (count($location->getMaintenanceElements()->toArray()) > 0) {
  72.                 $entityExist[] = $this->translator->trans('maintenanceElement.plural');
  73.             }
  74.             if (count($location->getResources()->toArray()) > 0) {
  75.                 $entityExist[] = $this->translator->trans('resource.plural');
  76.             }
  77.             if (count($location->getTasks()->toArray()) > 0) {
  78.                 $entityExist[] = $this->translator->trans('task.plural');
  79.             }
  80.             if (count($entityExist) > 0) {
  81.                 throw new AccessDeniedException(
  82.                     sprintf('%s: %s'$this->translator->trans('Action not allowed. The location is linked to'), implode(', '$entityExist))
  83.                 ,417);
  84.             }
  85.         }
  87.         if ($this->authorizationChecker->isGranted('ROLE_SUPERADMIN'))
  88.             return;
  90.         if(!$userCurrent instanceof User)
  91.             throw new NotFoundException($this->translator->trans('User current not found'));
  93.         $controlAccess = [Role::ROLE_ADMIN];
  94.         if (!$this->vendorService->isUserRoleInToVendor($location->getVendor(), $userCurrent$controlAccess)) {
  95.             $controlAccessTranslator = [];
  96.             foreach ($controlAccess as $roleName) {
  97.                 $controlAccessTranslator[] = $this->translator->trans($roleName);
  98.             }
  99.             throw new AccessDeniedException(
  100.                 $this->translator->trans('access_allowed_only_for') . (implode(', '$controlAccessTranslator))
  101.             );
  102.         }
  103.     }
  105.     public static function getSubscribedEvents()
  106.     {
  107.         return [
  108.             KernelEvents::VIEW => ['onKernelView'EventPriorities::PRE_WRITE]
  109.         ];
  110.     }
  111. }