src/EventSubscriber/Ticket/IncidenceTypePreWriteSubscriber.php line 49

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber\Ticket;
  5. use App\Services\UtilsService;
  6. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  7. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  8. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  9. use Symfony\Component\HttpKernel\Event\ViewEvent;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpKernel\KernelEvents;
  12. use ApiPlatform\Core\EventListener\EventPriorities;
  13. use App\Exception\AccessDeniedException;
  14. use App\Exception\NotFoundException;
  15. use App\Services\VendorService;
  16. use App\Entity\App\Ticket\IncidenceType;
  17. use App\Entity\App\User;
  18. use App\Entity\App\Role;
  19. use Symfony\Contracts\Translation\TranslatorInterface;
  21. class IncidenceTypePreWriteSubscriber implements EventSubscriberInterface
  22. {
  23.     private $tokenStorage;
  24.     private $authorizationChecker;
  25.     private $vendorService;
  26.     private $utilsService;
  27.     private $translator;
  29.     public function __construct(
  30.         TokenStorageInterface $tokenStorage,
  31.         AuthorizationCheckerInterface $checker,
  32.         VendorService $vendorService,
  33.         UtilsService $utilsService,
  34.         TranslatorInterface $translator
  35.     )
  36.     {
  37.         $this->tokenStorage $tokenStorage;
  38.         $this->authorizationChecker $checker;
  39.         $this->vendorService $vendorService;
  40.         $this->utilsService $utilsService;
  41.         $this->translator $translator;
  42.     }
  44.     /**
  45.      * @param ViewEvent $event
  46.      * @throws AccessDeniedException
  47.      * @throws NotFoundException
  48.      */
  49.     public function onKernelView(ViewEvent $event)
  50.     {
  51.         //Don't change the place of this if
  52.         if ($this->utilsService->isAPublicRequest($event)) {
  53.             return;
  54.         }
  56.         $incidenceType $event->getControllerResult();
  57.         $request $event->getRequest();
  58.         $method $request->getMethod();
  59.         $userCurrent $this->tokenStorage->getToken()->getUser();
  61.         if (!($incidenceType instanceof IncidenceType) ||
  62.             (Request::METHOD_POST !== $method && Request::METHOD_PUT !== $method && Request::METHOD_DELETE !== $method))
  63.             return;
  65.         if ($this->authorizationChecker->isGranted('ROLE_SUPERADMIN'))
  66.             return;
  68.         if (!$userCurrent instanceof User)
  69.             throw new NotFoundException($this->translator->trans('User not found'));
  71.         if (!$this->vendorService->isUserRoleInToVendor($incidenceType->getVendor(), $userCurrent, [Role::ROLE_ADMIN]))
  72.             throw new AccessDeniedException($this->translator->trans('Access denied'));
  73.     }
  75.     public static function getSubscribedEvents()
  76.     {
  77.         return [
  78.             KernelEvents::VIEW => ['onKernelView'EventPriorities::PRE_WRITE]
  79.         ];
  80.     }
  81. }