<?php
/**
* Created by PhpStorm.
* User: SUSAN MEDINA
* Date: 15/03/2019
* Time: 04:13 PM
*/
namespace App\EventSubscriber\Vendor;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ViewEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Contracts\Translation\TranslatorInterface;
use ApiPlatform\Core\EventListener\EventPriorities;
use App\Exception\AccessDeniedException;
use App\Services\VendorService;
use App\Services\UtilsService;
use App\Entity\App\User;
use App\Entity\App\Role;
use App\Entity\App\Vendor;
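/**
 * Kernel view subscriber registered at API Platform's PRE_WRITE priority.
 *
 * For a Vendor controller result it does two things:
 *  - on POST, derives a sign-up code from the vendor name and fills in default
 *    timezone, country, date format and currency when those are empty;
 *  - on PUT and DELETE, requires the current user to be a super admin or to hold
 *    ROLE_ADMIN on that vendor, otherwise throws AccessDeniedException.
 */
class VendorPreWriteSubscriber implements EventSubscriberInterface
{
    /** @var TokenStorageInterface */
    private $tokenStorage;

    /** @var AuthorizationCheckerInterface */
    private $authorizationChecker;

    /** @var VendorService */
    private $vendorService;

    /** @var UtilsService */
    private $utilsService;

    /** @var TranslatorInterface */
    private $translator;

    /** @var EntityManagerInterface */
    private $entityManager;

    public function __construct(
        TokenStorageInterface $tokenStorage,
        AuthorizationCheckerInterface $checker,
        VendorService $vendorService,
        UtilsService $utilsService,
        TranslatorInterface $translator,
        EntityManagerInterface $entityManager
    ) {
        $this->tokenStorage = $tokenStorage;
        $this->authorizationChecker = $checker;
        $this->vendorService = $vendorService;
        $this->utilsService = $utilsService;
        $this->translator = $translator;
        $this->entityManager = $entityManager;
    }

    /**
     * Prepares a new Vendor on POST and enforces the admin check on PUT/DELETE.
     *
     * @param ViewEvent $event
     *
     * @throws AccessDeniedException when the user is neither super admin nor admin of the vendor
     * @throws \Exception            when random_int() cannot obtain randomness for the code suffix
     */
    public function onKernelView(ViewEvent $event)
    {
        if ($this->utilsService->isAPublicRequest($event)) {
            return;
        }

        $vendor = $event->getControllerResult();
        $method = $event->getRequest()->getMethod();

        // NOTE(review): getToken() may return null; this call then fails with an Error.
        // That still stops the request, but as a 500 — confirm every non-public route
        // reaching this subscriber sits behind a firewall that always sets a token.
        $userCurrent = $this->tokenStorage->getToken()->getUser();

        // NOTE(review): this early return also skips the PUT/DELETE role check below for
        // any principal that is not an App User. The subscriber therefore relies on the
        // firewall / resource-level security to reject such requests — confirm.
        if (!($userCurrent instanceof User) || !($vendor instanceof Vendor)) {
            return;
        }

        if (Request::METHOD_POST === $method) {
            $vendor->setSignUpCode($this->generateSignUpCode($vendor));
            $this->applyDefaults($vendor);
        }

        // NOTE(review): only PUT and DELETE are guarded. If the Vendor resource also
        // exposes PATCH, that operation is not covered by this check — verify against
        // the resource configuration.
        if (Request::METHOD_PUT !== $method && Request::METHOD_DELETE !== $method) {
            return;
        }

        if ($this->authorizationChecker->isGranted('ROLE_SUPERADMIN')) {
            return;
        }

        $controlAccess = [Role::ROLE_ADMIN];
        if ($this->vendorService->isUserRoleInToVendor($vendor, $userCurrent, $controlAccess)) {
            return;
        }

        $controlAccessTranslator = [];
        foreach ($controlAccess as $roleName) {
            $controlAccessTranslator[] = $this->translator->trans($roleName);
        }

        throw new AccessDeniedException(
            $this->translator->trans('access_allowed_only_for') . (implode(', ', $controlAccessTranslator))
        );
    }

    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::VIEW => ['onKernelView', EventPriorities::PRE_WRITE]
        ];
    }

    /**
     * Builds a sign-up code that no existing Vendor currently uses.
     *
     * The base is the vendor name with whitespace removed, transliterated to ASCII,
     * upper-cased and stripped of apostrophes. On collision a random numeric suffix
     * is appended and the lookup is repeated.
     *
     * NOTE(review): the code is derived from the vendor name, so it is guessable;
     * if it gates sign-up it should presumably not be treated as a secret — confirm.
     * NOTE(review): lookup-then-set is not atomic; two concurrent POSTs can pick the
     * same code. A unique constraint on signUpCode would be the backstop — confirm
     * one exists.
     *
     * @param Vendor $vendor
     *
     * @return string
     *
     * @throws \Exception when random_int() cannot obtain randomness
     */
    private function generateSignUpCode(Vendor $vendor)
    {
        // Cast so a null name or a failed preg_replace()/iconv() degrades to '' explicitly.
        $compactName = (string) preg_replace('/\s/', '', (string) $vendor->getName());
        $asciiName = iconv('UTF-8', 'ASCII//TRANSLIT', $compactName);
        $baseCode = str_replace("'", '', strtoupper(false === $asciiName ? '' : $asciiName));

        $repository = $this->entityManager->getRepository(Vendor::class);
        $code = $baseCode;
        $suffixMax = 999;
        $attempts = 0;

        while ($repository->findOneBy(['signUpCode' => $code]) instanceof Vendor) {
            ++$attempts;
            // With a fixed 1..999 suffix the loop could never finish once every suffix
            // for this base is taken, issuing one query per iteration. Widen the range
            // after every 100 collisions so the search ends.
            // NOTE(review): longer suffixes assume the signUpCode column can hold them.
            if (0 === $attempts % 100 && $suffixMax < 999999999) {
                $suffixMax = $suffixMax * 10 + 9;
            }
            // random_int() draws from the OS CSPRNG; rand() is a predictable generator.
            $code = $baseCode . random_int(1, $suffixMax);
        }

        return $code;
    }

    /**
     * Fills in regional defaults on a new Vendor for every setting that is empty().
     *
     * @param Vendor $vendor
     */
    private function applyDefaults(Vendor $vendor)
    {
        if (empty($vendor->getTimezone())) {
            $vendor->setTimezone('UTC');
        }
        if (empty($vendor->getCountry())) {
            $vendor->setCountry('ES');
        }
        if (empty($vendor->getDateFormat())) {
            $vendor->setDateFormat(1);
        }
        if (empty($vendor->getCurrency())) {
            $vendor->setCurrency('EUR');
        }
    }
}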