vendor/sylius/rbac-plugin/src/Access/Menu/AdminMenuAccessListener.php line 37

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace Sylius\RbacPlugin\Access\Menu;
  7. use Sylius\Bundle\UiBundle\Menu\Event\MenuBuilderEvent;
  8. use Sylius\Component\Core\Model\AdminUserInterface;
  9. use Sylius\RbacPlugin\Access\Checker\AdministratorAccessCheckerInterface;
  10. use Sylius\RbacPlugin\Access\Model\AccessRequest;
  11. use Sylius\RbacPlugin\Access\Model\OperationType;
  12. use Sylius\RbacPlugin\Access\Model\Section;
  13. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  14. use Webmozart\Assert\Assert;
  16. final class AdminMenuAccessListener
  17. {
  18.     /** @var TokenStorageInterface */
  19.     private $tokenStorage;
  21.     /** @var AdministratorAccessCheckerInterface */
  22.     private $accessChecker;
  24.     /** @var array */
  25.     private $configuration;
  27.     public function __construct(
  28.         TokenStorageInterface $tokenStorage,
  29.         AdministratorAccessCheckerInterface $accessChecker,
  30.         array $configuration
  31.     ) {
  32.         $this->tokenStorage $tokenStorage;
  33.         $this->accessChecker $accessChecker;
  34.         $this->configuration $configuration;
  35.     }
  37.     public function removeInaccessibleAdminMenuParts(MenuBuilderEvent $event): void
  38.     {
  39.         $token $this->tokenStorage->getToken();
  40.         Assert::notNull($token'There is no logged in user');
  42.         /** @var AdminUserInterface $adminUser */
  43.         $adminUser $token->getUser();
  44.         Assert::isInstanceOf($adminUserAdminUserInterface::class, 'Logged in user should be an administrator');
  46.         $menu $event->getMenu();
  48.         if ($this->hasAdminNoAccessToSection($adminUserSection::catalog())) {
  49.             $menu->removeChild('catalog');
  50.         }
  52.         if ($this->hasAdminNoAccessToSection($adminUserSection::configuration())) {
  53.             $menu->removeChild('configuration');
  54.         }
  56.         if ($this->hasAdminNoAccessToSection($adminUserSection::customers())) {
  57.             $menu->removeChild('customers');
  58.         }
  60.         if ($this->hasAdminNoAccessToSection($adminUserSection::marketing())) {
  61.             $menu->removeChild('marketing');
  62.         }
  64.         if ($this->hasAdminNoAccessToSection($adminUserSection::sales())) {
  65.             $menu->removeChild('sales');
  66.         }
  68.         /** @var string $customSection */
  69.         foreach (array_keys($this->configuration['custom']) as $customSection) {
  70.             if ($this->hasAdminNoAccessToSection($adminUserSection::ofType($customSection))) {
  71.                 $menu->removeChild($customSection);
  72.             }
  73.         }
  74.     }
  76.     private function hasAdminNoAccessToSection(AdminUserInterface $adminUserSection $section): bool
  77.     {
  78.         return !$this->accessChecker->canAccessSection(
  79.             $adminUser,
  80.             new AccessRequest($sectionOperationType::read())
  81.         );
  82.     }
  83. }