<?php
namespace App\EventListener;
use Symfony\Bundle\FrameworkBundle\Routing\Router;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
class FirewallPartnerListener
{
/** @var TokenStorageInterface $tokenStorage */
private $tokenStorage;
/** @var AuthorizationCheckerInterface $authorizationChecker */
private $authorizationChecker;
/** @var Router $router */
private $router;
public function __construct(TokenStorageInterface $tokenStorage,
AuthorizationCheckerInterface $authorizationChecker,
Router $router
)
{
$this->tokenStorage = $tokenStorage;
$this->authorizationChecker = $authorizationChecker;
$this->router = $router;
}
public function onKernelRequest(RequestEvent $event)
{
$controller = $event->getRequest()->get('_controller');
$parts = explode(':', $controller);
$currentController = $parts[0];
$currentAction = empty($parts[1]) ? null : $parts[1];
if (!$this->tokenStorage->getToken() ||
false === $this->authorizationChecker->isGranted('ROLE_ADMINISTRATION_ACCESS') ||
!($user = $this->tokenStorage->getToken()->getUser()) ||
!$user->getPartner() ||
strpos($controller, 'exception') !== false ||
$this->isAllowedController($currentController, $currentAction)
) {
return;
}
$event->setResponse(new RedirectResponse($this->router->generate('sylius_admin_dashboard')));
}
private function isAllowedController(string $controller, string $action = null): bool
{
if (!empty($action) && $controller === 'app.controller.order.grid' &&
preg_match('/(logs|downloadImportedFile)/i', $action)
) {
return false;
}
switch ($controller) {
case 'app.controller.order.grid':
case 'app.controller.partner.partner':
case 'app.controller.rca.rca_admin_grid';
case 'app.controller.cms_rca';
case 'app.controller.road_assistance.admin_road_assistance':
case 'app.controller.vignette.ro_vignette_admin_grid':
case 'app.controller.license_recovery.license_recovery_admin':
case 'app.controller.telemedicine.telemedicine_admin':
case 'sylius.controller.admin.dashboard':
case 'sylius.controller.admin_user':
case 'sylius.controller.channel':
case 'sylius.controller.order':
case 'sylius_admin_admin_user_update':
return true;
default:
return false;
}
}
}