src/EventSubscriber/Ticket/TicketPreSerializeSubscriber.php line 64

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber\Ticket;
  5. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  6. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  7. use Symfony\Component\HttpKernel\Event\ViewEvent;
  8. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpKernel\KernelEvents;
  11. use Symfony\Contracts\Translation\TranslatorInterface;
  12. use App\Exception\NotFoundException;
  13. use App\Exception\AccessDeniedException;
  14. use ApiPlatform\Core\EventListener\EventPriorities;
  15. use App\Repository\App\Ticket\TicketTypeRepository;
  16. use App\Repository\App\Ticket\TicketStateRepository;
  17. use App\Repository\App\Task\WorkerBudgetRepository;
  18. use App\Repository\App\RoleRepository;
  19. use App\Services\VendorService;
  20. use App\Services\UtilsService;
  21. use App\Entity\App\Ticket\Ticket;
  22. use App\Entity\App\User;
  23. use App\Entity\App\Role;
  25. class TicketPreSerializeSubscriber implements EventSubscriberInterface
  26. {
  27.     private $translator;
  28.     private $tokenStorage;
  29.     private $authorizationChecker;
  30.     private $ticketTypeRepository;
  31.     private $vendorService;
  32.     private $ticketStateRepository;
  33.     private $workerBudgetRepository;
  34.     private $roleRepository;
  35.     private $utilsService;
  37.     public function __construct(
  38.         TranslatorInterface $translator,
  39.         TokenStorageInterface $tokenStorage,
  40.         AuthorizationCheckerInterface $checker,
  41.         TicketTypeRepository $ticketTypeRepository,
  42.         TicketStateRepository $ticketStateRepository,
  43.         WorkerBudgetRepository $workerBudgetRepository,
  44.         RoleRepository $roleRepository,
  45.         VendorService $vendorService,
  46.         UtilsService $utilsService)
  47.     {
  48.         $this->translator $translator;
  49.         $this->tokenStorage $tokenStorage;
  50.         $this->authorizationChecker $checker;
  51.         $this->ticketTypeRepository $ticketTypeRepository;
  52.         $this->vendorService $vendorService;
  53.         $this->ticketStateRepository $ticketStateRepository;
  54.         $this->workerBudgetRepository $workerBudgetRepository;
  55.         $this->roleRepository $roleRepository;
  56.         $this->utilsService $utilsService;
  57.     }
  59.     /**
  60.      * @param ViewEvent $event
  61.      * @throws AccessDeniedException
  62.      * @throws NotFoundException
  63.      */
  64.     public function onKernelView(ViewEvent $event)
  65.     {
  66.         if ($this->utilsService->isAPublicRequest($event)) {
  67.             return;
  68.         }
  69.         
  70.         $ticket $event->getControllerResult();
  71.         $request $event->getRequest();
  72.         $method $request->getMethod();
  73.         $currentUser $this->tokenStorage->getToken()->getUser();
  75.         if (!($ticket instanceof Ticket) || (Request::METHOD_GET !== $method))
  76.             return;
  78.         if(!($currentUser instanceof User)) {
  79.             throw new NotFoundException($this->translator->trans('User current not found'));
  80.         }
  82.         if ($this->authorizationChecker->isGranted('ROLE_SUPERADMIN'))
  83.             return;
  85.         $vendor $ticket->getVendor();
  86.         $vendorStaff $this->vendorService->getVendorStaff(null$currentUser$vendor);
  87.         if ($vendorStaff === null) {
  88.             throw new AccessDeniedException(
  89.                 $this->translator->trans(
  90.                     'Access denied. it does not belong to the vendor',
  91.                     ['%vendor%' => $vendor->getName()]
  92.                 )
  93.             );
  94.         }
  95.         $authorization false;
  96.         $controlAccess = [Role::ROLE_ADMINRole::ROLE_TASKMASTER];
  98.         if ($ticket->getCreatedBy() === $currentUser) {
  99.             $controlAccess = [Role::ROLE_ALL];
  100.         }
  102.         if ($this->vendorService->isUserRoleInToVendor($ticket->getVendor(), $currentUser$controlAccess)) {
  103.             $authorization true;
  104.         }
  105. /*
  106.  * permiso para capataz poder ver un ticket en donde fue asignado solamente
  107.         if (!$authorization) {
  108.             $role[] = $this->roleRepository->findOneBy(['name' => Role::ROLE_TASKMASTER]);
  109.             $workerBudget = $this->workerBudgetRepository->getWorkersOfTicketByRole(
  110.                 $ticket,
  111.                 $role,
  112.                 $currentUser->getId()
  113.             );
  114.             if ($workerBudget) {
  115.                 $authorization = true;
  116.             }
  117.         }
  118. */
  119. /*
  120.         $rolesUser = $this->vendorService->getRolesOfUserByVendor($currentUser, $vendor);
  121.         $roleAdmin = $this->roleRepository->findOneBy(['name' => Role::ROLE_ADMIN]);
  122.         $ticketTypeRequest = $this->ticketTypeRepository->findOneBy(['name' => 'request']);
  123.         $ticketTypeIncidence = $this->ticketTypeRepository->findOneBy(['name' => 'incidence']);
  124.         $workOrder = $this->ticketTypeRepository->findOneBy(['name' => 'work_order']);
  126.         if ($ticket->getType() === $ticketTypeRequest or
  127.             $ticket->getType() === $ticketTypeIncidence) {
  128.             $controlAccess = [Role::ROLE_ADMIN, Role::ROLE_USER];
  130.             $roleUser = $this->roleRepository->findOneBy(['name' => Role::ROLE_USER]);
  131.             switch (true) {
  132.                 case (in_array($roleAdmin, $rolesUser)):
  133.                     $authorization = true;
  134.                     break;
  135.                 case (in_array($roleUser, $rolesUser)):
  136.                     if ($ticket->getCreatedBy() === $currentUser)
  137.                         $authorization = true;
  138.                     break;
  139.                 default:
  140.                     $authorization = false;
  141.             }
  142.         }
  143.         if ($ticket->getType() === $workOrder && in_array($roleAdmin, $rolesUser))
  144.             $authorization = true;
  145. */
  146.         if (!$authorization) {
  147.             $controlAccessTranslator = [];
  148.             foreach ($controlAccess as $roleName) {
  149.                 $controlAccessTranslator[] = $this->translator->trans($roleName);
  150.             }
  151.             throw new AccessDeniedException(
  152.                 $this->translator->trans('access_allowed_only_for') . (implode(', '$controlAccessTranslator))
  153.             );
  154.         }
  155.     }
  157.     public static function getSubscribedEvents()
  158.     {
  159.         return [
  160.             KernelEvents::VIEW => ['onKernelView'EventPriorities::PRE_SERIALIZE]
  161.         ];
  162.     }
  163. }