vendor/sylius/resource-bundle/src/Bundle/Controller/ResourceController.php line 127

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Sylius package.
  5.  *
  6.  * (c) Paweł Jędrzejewski
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace Sylius\Bundle\ResourceBundle\Controller;
  16. use Doctrine\Common\Persistence\ObjectManager;
  17. use FOS\RestBundle\View\View;
  18. use Sylius\Bundle\ResourceBundle\Event\ResourceControllerEvent;
  19. use Sylius\Component\Resource\Exception\DeleteHandlingException;
  20. use Sylius\Component\Resource\Exception\UpdateHandlingException;
  21. use Sylius\Component\Resource\Factory\FactoryInterface;
  22. use Sylius\Component\Resource\Metadata\MetadataInterface;
  23. use Sylius\Component\Resource\Model\ResourceInterface;
  24. use Sylius\Component\Resource\Repository\RepositoryInterface;
  25. use Sylius\Component\Resource\ResourceActions;
  26. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
  27. use Symfony\Component\HttpFoundation\Request;
  28. use Symfony\Component\HttpFoundation\Response;
  29. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  30. use Symfony\Component\HttpKernel\Exception\HttpException;
  31. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  32. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  34. class ResourceController extends Controller
  35. {
  36.     /** @var MetadataInterface */
  37.     protected $metadata;
  39.     /** @var RequestConfigurationFactoryInterface */
  40.     protected $requestConfigurationFactory;
  42.     /** @var ViewHandlerInterface */
  43.     protected $viewHandler;
  45.     /** @var RepositoryInterface */
  46.     protected $repository;
  48.     /** @var FactoryInterface */
  49.     protected $factory;
  51.     /** @var NewResourceFactoryInterface */
  52.     protected $newResourceFactory;
  54.     /** @var ObjectManager */
  55.     protected $manager;
  57.     /** @var SingleResourceProviderInterface */
  58.     protected $singleResourceProvider;
  60.     /** @var ResourcesCollectionProviderInterface */
  61.     protected $resourcesCollectionProvider;
  63.     /** @var ResourceFormFactoryInterface */
  64.     protected $resourceFormFactory;
  66.     /** @var RedirectHandlerInterface */
  67.     protected $redirectHandler;
  69.     /** @var FlashHelperInterface */
  70.     protected $flashHelper;
  72.     /** @var AuthorizationCheckerInterface */
  73.     protected $authorizationChecker;
  75.     /** @var EventDispatcherInterface */
  76.     protected $eventDispatcher;
  78.     /** @var StateMachineInterface */
  79.     protected $stateMachine;
  81.     /** @var ResourceUpdateHandlerInterface */
  82.     protected $resourceUpdateHandler;
  84.     /** @var ResourceDeleteHandlerInterface */
  85.     protected $resourceDeleteHandler;
  87.     public function __construct(
  88.         MetadataInterface $metadata,
  89.         RequestConfigurationFactoryInterface $requestConfigurationFactory,
  90.         ViewHandlerInterface $viewHandler,
  91.         RepositoryInterface $repository,
  92.         FactoryInterface $factory,
  93.         NewResourceFactoryInterface $newResourceFactory,
  94.         ObjectManager $manager,
  95.         SingleResourceProviderInterface $singleResourceProvider,
  96.         ResourcesCollectionProviderInterface $resourcesFinder,
  97.         ResourceFormFactoryInterface $resourceFormFactory,
  98.         RedirectHandlerInterface $redirectHandler,
  99.         FlashHelperInterface $flashHelper,
  100.         AuthorizationCheckerInterface $authorizationChecker,
  101.         EventDispatcherInterface $eventDispatcher,
  102.         StateMachineInterface $stateMachine,
  103.         ResourceUpdateHandlerInterface $resourceUpdateHandler,
  104.         ResourceDeleteHandlerInterface $resourceDeleteHandler
  105.     ) {
  106.         $this->metadata $metadata;
  107.         $this->requestConfigurationFactory $requestConfigurationFactory;
  108.         $this->viewHandler $viewHandler;
  109.         $this->repository $repository;
  110.         $this->factory $factory;
  111.         $this->newResourceFactory $newResourceFactory;
  112.         $this->manager $manager;
  113.         $this->singleResourceProvider $singleResourceProvider;
  114.         $this->resourcesCollectionProvider $resourcesFinder;
  115.         $this->resourceFormFactory $resourceFormFactory;
  116.         $this->redirectHandler $redirectHandler;
  117.         $this->flashHelper $flashHelper;
  118.         $this->authorizationChecker $authorizationChecker;
  119.         $this->eventDispatcher $eventDispatcher;
  120.         $this->stateMachine $stateMachine;
  121.         $this->resourceUpdateHandler $resourceUpdateHandler;
  122.         $this->resourceDeleteHandler $resourceDeleteHandler;
  123.     }
  125.     public function showAction(Request $request): Response
  126.     {
  127.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  129.         $this->isGrantedOr403($configurationResourceActions::SHOW);
  130.         $resource $this->findOr404($configuration);
  132.         $this->eventDispatcher->dispatch(ResourceActions::SHOW$configuration$resource);
  134.         $view View::create($resource);
  136.         if ($configuration->isHtmlRequest()) {
  137.             $view
  138.                 ->setTemplate($configuration->getTemplate(ResourceActions::SHOW '.html'))
  139.                 ->setTemplateVar($this->metadata->getName())
  140.                 ->setData([
  141.                     'configuration' => $configuration,
  142.                     'metadata' => $this->metadata,
  143.                     'resource' => $resource,
  144.                     $this->metadata->getName() => $resource,
  145.                 ])
  146.             ;
  147.         }
  149.         return $this->viewHandler->handle($configuration$view);
  150.     }
  152.     public function indexAction(Request $request): Response
  153.     {
  154.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  156.         $this->isGrantedOr403($configurationResourceActions::INDEX);
  157.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  159.         $this->eventDispatcher->dispatchMultiple(ResourceActions::INDEX$configuration$resources);
  161.         $view View::create($resources);
  163.         if ($configuration->isHtmlRequest()) {
  164.             $view
  165.                 ->setTemplate($configuration->getTemplate(ResourceActions::INDEX '.html'))
  166.                 ->setTemplateVar($this->metadata->getPluralName())
  167.                 ->setData([
  168.                     'configuration' => $configuration,
  169.                     'metadata' => $this->metadata,
  170.                     'resources' => $resources,
  171.                     $this->metadata->getPluralName() => $resources,
  172.                 ])
  173.             ;
  174.         }
  176.         return $this->viewHandler->handle($configuration$view);
  177.     }
  179.     public function createAction(Request $request): Response
  180.     {
  181.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  183.         $this->isGrantedOr403($configurationResourceActions::CREATE);
  184.         $newResource $this->newResourceFactory->create($configuration$this->factory);
  186.         $form $this->resourceFormFactory->create($configuration$newResource);
  188.         if ($request->isMethod('POST') && $form->handleRequest($request)->isValid()) {
  189.             $newResource $form->getData();
  191.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::CREATE$configuration$newResource);
  193.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  194.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  195.             }
  196.             if ($event->isStopped()) {
  197.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  199.                 $eventResponse $event->getResponse();
  200.                 if (null !== $eventResponse) {
  201.                     return $eventResponse;
  202.                 }
  204.                 return $this->redirectHandler->redirectToIndex($configuration$newResource);
  205.             }
  207.             if ($configuration->hasStateMachine()) {
  208.                 $this->stateMachine->apply($configuration$newResource);
  209.             }
  211.             $this->repository->add($newResource);
  213.             if ($configuration->isHtmlRequest()) {
  214.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::CREATE$newResource);
  215.             }
  217.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::CREATE$configuration$newResource);
  219.             if (!$configuration->isHtmlRequest()) {
  220.                 return $this->viewHandler->handle($configurationView::create($newResourceResponse::HTTP_CREATED));
  221.             }
  223.             $postEventResponse $postEvent->getResponse();
  224.             if (null !== $postEventResponse) {
  225.                 return $postEventResponse;
  226.             }
  228.             return $this->redirectHandler->redirectToResource($configuration$newResource);
  229.         }
  231.         if (!$configuration->isHtmlRequest()) {
  232.             return $this->viewHandler->handle($configurationView::create($formResponse::HTTP_BAD_REQUEST));
  233.         }
  235.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::CREATE$configuration$newResource);
  236.         $initializeEventResponse $initializeEvent->getResponse();
  237.         if (null !== $initializeEventResponse) {
  238.             return $initializeEventResponse;
  239.         }
  241.         $view View::create()
  242.             ->setData([
  243.                 'configuration' => $configuration,
  244.                 'metadata' => $this->metadata,
  245.                 'resource' => $newResource,
  246.                 $this->metadata->getName() => $newResource,
  247.                 'form' => $form->createView(),
  248.             ])
  249.             ->setTemplate($configuration->getTemplate(ResourceActions::CREATE '.html'))
  250.         ;
  252.         return $this->viewHandler->handle($configuration$view);
  253.     }
  255.     public function updateAction(Request $request): Response
  256.     {
  257.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  259.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  260.         $resource $this->findOr404($configuration);
  262.         $form $this->resourceFormFactory->create($configuration$resource);
  264.         if (in_array($request->getMethod(), ['POST''PUT''PATCH'], true) && $form->handleRequest($request)->isValid()) {
  265.             $resource $form->getData();
  267.             /** @var ResourceControllerEvent $event */
  268.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  270.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  271.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  272.             }
  273.             if ($event->isStopped()) {
  274.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  276.                 $eventResponse $event->getResponse();
  277.                 if (null !== $eventResponse) {
  278.                     return $eventResponse;
  279.                 }
  281.                 return $this->redirectHandler->redirectToResource($configuration$resource);
  282.             }
  284.             try {
  285.                 $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  286.             } catch (UpdateHandlingException $exception) {
  287.                 if (!$configuration->isHtmlRequest()) {
  288.                     return $this->viewHandler->handle(
  289.                         $configuration,
  290.                         View::create($form$exception->getApiResponseCode())
  291.                     );
  292.                 }
  294.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  296.                 return $this->redirectHandler->redirectToReferer($configuration);
  297.             }
  299.             if ($configuration->isHtmlRequest()) {
  300.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  301.             }
  303.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  305.             if (!$configuration->isHtmlRequest()) {
  306.                 $view $configuration->getParameters()->get('return_content'false) ? View::create($resourceResponse::HTTP_OK) : View::create(nullResponse::HTTP_NO_CONTENT);
  308.                 return $this->viewHandler->handle($configuration$view);
  309.             }
  311.             $postEventResponse $postEvent->getResponse();
  312.             if (null !== $postEventResponse) {
  313.                 return $postEventResponse;
  314.             }
  316.             return $this->redirectHandler->redirectToResource($configuration$resource);
  317.         }
  319.         if (!$configuration->isHtmlRequest()) {
  320.             return $this->viewHandler->handle($configurationView::create($formResponse::HTTP_BAD_REQUEST));
  321.         }
  323.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::UPDATE$configuration$resource);
  324.         $initializeEventResponse $initializeEvent->getResponse();
  325.         if (null !== $initializeEventResponse) {
  326.             return $initializeEventResponse;
  327.         }
  329.         $view View::create()
  330.             ->setData([
  331.                 'configuration' => $configuration,
  332.                 'metadata' => $this->metadata,
  333.                 'resource' => $resource,
  334.                 $this->metadata->getName() => $resource,
  335.                 'form' => $form->createView(),
  336.             ])
  337.             ->setTemplate($configuration->getTemplate(ResourceActions::UPDATE '.html'))
  338.         ;
  340.         return $this->viewHandler->handle($configuration$view);
  341.     }
  343.     public function deleteAction(Request $request): Response
  344.     {
  345.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  347.         $this->isGrantedOr403($configurationResourceActions::DELETE);
  348.         $resource $this->findOr404($configuration);
  350.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->request->get('_csrf_token'))) {
  351.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  352.         }
  354.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  356.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  357.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  358.         }
  359.         if ($event->isStopped()) {
  360.             $this->flashHelper->addFlashFromEvent($configuration$event);
  362.             $eventResponse $event->getResponse();
  363.             if (null !== $eventResponse) {
  364.                 return $eventResponse;
  365.             }
  367.             return $this->redirectHandler->redirectToIndex($configuration$resource);
  368.         }
  370.         try {
  371.             $this->resourceDeleteHandler->handle($resource$this->repository);
  372.         } catch (DeleteHandlingException $exception) {
  373.             if (!$configuration->isHtmlRequest()) {
  374.                 return $this->viewHandler->handle(
  375.                     $configuration,
  376.                     View::create(null$exception->getApiResponseCode())
  377.                 );
  378.             }
  380.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  382.             return $this->redirectHandler->redirectToReferer($configuration);
  383.         }
  385.         if ($configuration->isHtmlRequest()) {
  386.             $this->flashHelper->addSuccessFlash($configurationResourceActions::DELETE$resource);
  387.         }
  389.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  391.         if (!$configuration->isHtmlRequest()) {
  392.             return $this->viewHandler->handle($configurationView::create(nullResponse::HTTP_NO_CONTENT));
  393.         }
  395.         $postEventResponse $postEvent->getResponse();
  396.         if (null !== $postEventResponse) {
  397.             return $postEventResponse;
  398.         }
  400.         return $this->redirectHandler->redirectToIndex($configuration$resource);
  401.     }
  403.     public function bulkDeleteAction(Request $request): Response
  404.     {
  405.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  407.         $this->isGrantedOr403($configurationResourceActions::BULK_DELETE);
  408.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  410.         if (
  411.             $configuration->isCsrfProtectionEnabled() &&
  412.             !$this->isCsrfTokenValid(ResourceActions::BULK_DELETE$request->request->get('_csrf_token'))
  413.         ) {
  414.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  415.         }
  417.         $this->eventDispatcher->dispatchMultiple(ResourceActions::BULK_DELETE$configuration$resources);
  419.         foreach ($resources as $resource) {
  420.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  422.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  423.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  424.             }
  425.             if ($event->isStopped()) {
  426.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  428.                 $eventResponse $event->getResponse();
  429.                 if (null !== $eventResponse) {
  430.                     return $eventResponse;
  431.                 }
  433.                 return $this->redirectHandler->redirectToIndex($configuration$resource);
  434.             }
  436.             try {
  437.                 $this->resourceDeleteHandler->handle($resource$this->repository);
  438.             } catch (DeleteHandlingException $exception) {
  439.                 if (!$configuration->isHtmlRequest()) {
  440.                     return $this->viewHandler->handle(
  441.                         $configuration,
  442.                         View::create(null$exception->getApiResponseCode())
  443.                     );
  444.                 }
  446.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  448.                 return $this->redirectHandler->redirectToReferer($configuration);
  449.             }
  451.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  452.         }
  454.         if (!$configuration->isHtmlRequest()) {
  455.             return $this->viewHandler->handle($configurationView::create(nullResponse::HTTP_NO_CONTENT));
  456.         }
  458.         $this->flashHelper->addSuccessFlash($configurationResourceActions::BULK_DELETE);
  460.         if (isset($postEvent)) {
  461.             $postEventResponse $postEvent->getResponse();
  462.             if (null !== $postEventResponse) {
  463.                 return $postEventResponse;
  464.             }
  465.         }
  467.         return $this->redirectHandler->redirectToIndex($configuration);
  468.     }
  470.     public function applyStateMachineTransitionAction(Request $request): Response
  471.     {
  472.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  474.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  475.         $resource $this->findOr404($configuration);
  477.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->get('_csrf_token'))) {
  478.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid CSRF token.');
  479.         }
  481.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  483.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  484.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  485.         }
  486.         if ($event->isStopped()) {
  487.             $this->flashHelper->addFlashFromEvent($configuration$event);
  489.             $eventResponse $event->getResponse();
  490.             if (null !== $eventResponse) {
  491.                 return $eventResponse;
  492.             }
  494.             return $this->redirectHandler->redirectToResource($configuration$resource);
  495.         }
  497.         if (!$this->stateMachine->can($configuration$resource)) {
  498.             throw new BadRequestHttpException();
  499.         }
  501.         try {
  502.             $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  503.         } catch (UpdateHandlingException $exception) {
  504.             if (!$configuration->isHtmlRequest()) {
  505.                 return $this->viewHandler->handle(
  506.                     $configuration,
  507.                     View::create($resource$exception->getApiResponseCode())
  508.                 );
  509.             }
  511.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  513.             return $this->redirectHandler->redirectToReferer($configuration);
  514.         }
  516.         if ($configuration->isHtmlRequest()) {
  517.             $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  518.         }
  520.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  522.         if (!$configuration->isHtmlRequest()) {
  523.             $view $configuration->getParameters()->get('return_content'true) ? View::create($resourceResponse::HTTP_OK) : View::create(nullResponse::HTTP_NO_CONTENT);
  525.             return $this->viewHandler->handle($configuration$view);
  526.         }
  528.         $postEventResponse $postEvent->getResponse();
  529.         if (null !== $postEventResponse) {
  530.             return $postEventResponse;
  531.         }
  533.         return $this->redirectHandler->redirectToResource($configuration$resource);
  534.     }
  536.     /**
  537.      * @throws AccessDeniedException
  538.      */
  539.     protected function isGrantedOr403(RequestConfiguration $configurationstring $permission): void
  540.     {
  541.         if (!$configuration->hasPermission()) {
  542.             return;
  543.         }
  545.         $permission $configuration->getPermission($permission);
  547.         if (!$this->authorizationChecker->isGranted($configuration$permission)) {
  548.             throw new AccessDeniedException();
  549.         }
  550.     }
  552.     /**
  553.      * @throws NotFoundHttpException
  554.      */
  555.     protected function findOr404(RequestConfiguration $configuration): ResourceInterface
  556.     {
  557.         if (null === $resource $this->singleResourceProvider->get($configuration$this->repository)) {
  558.             throw new NotFoundHttpException(sprintf('The "%s" has not been found'$this->metadata->getHumanizedName()));
  559.         }
  561.         return $resource;
  562.     }
  563. }