src/EventListener/PermissionHandler.php line 30

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\Entity\Module;
  6. use App\Security\LoginFormAuthenticator;
  7. use App\Services\UserPermissionManager;
  8. use Doctrine\ORM\EntityManagerInterface;
  9. use Symfony\Component\HttpFoundation\RedirectResponse;
  10. use Symfony\Component\HttpKernel\Event\RequestEvent;
  11. use Symfony\Component\Routing\RouterInterface;
  13. class PermissionHandler
  14. {
  15.     protected $entityManager;
  16.     protected $authenticator;
  17.     protected $router;
  18.     /**
  19.      * @var UserPermissionManager
  20.      */
  21.     private $permissionManager;
  23.     public function __construct(EntityManagerInterface $entityManagerLoginFormAuthenticator $authenticatorRouterInterface $routerUserPermissionManager $permissionManager)
  24.     {
  25.         $this->entityManager $entityManager;
  26.         $this->router $router;
  27.         $this->permissionManager $permissionManager;
  28.     }
  30.     public function onKernelRequest(RequestEvent $event)
  31.     {
  32.         date_default_timezone_set('Africa/Kampala');
  33.         $url $_SERVER['REQUEST_URI'];
  34.         $trimUrl explode('?'$url);
  35.         $parts explode('/'$trimUrl[0]);
  36.         $user $this->permissionManager->getUser();
  38.         if ('work-calendar' === $parts[1]) {
  39.             return true;
  40.         }
  41.         $modulePermission $this->entityManager->getRepository(Module::class)->findOneBy(['className' => $parts[1]]);
  42.         if ($modulePermission) {
  43.             $userPermissions = [];
  44.             foreach ($modulePermission->getModulePermission() as $permissionTitle) {
  45.                 foreach ($permissionTitle->getGroups() as $userPermissionGroup) {
  46.                     if ($user->getUserGroups()->contains($userPermissionGroup)) {
  47.                         foreach ($permissionTitle->getPermissions() as $userPermissionList) {
  48.                             if (!in_array($userPermissionList->getTitle(), $userPermissions)) {
  49.                                 $userPermissions[] = $userPermissionList->getTitle();
  50.                             }
  51.                         }
  52.                     }
  53.                 }
  54.             }
  56.             $getSpecificString '';
  58.             if (== count($parts)) {
  59.                 $getSpecificString $parts[3];
  60.             } elseif (== count($parts)) {
  61.                 if ('' == $parts[2]) {
  62.                     $getSpecificString '';
  63.                 } else {
  64.                     $getSpecificString $parts[2];
  65.                 }
  66.             }
  67.             switch ($getSpecificString) {
  68.                 case '':
  69.                     $permission 'Can View';
  70.                     break;
  72.                 case 'new':
  73.                     $permission 'Can Add';
  74.                     break;
  76.                 case 'show':
  77.                     $permission 'Can View';
  78.                     break;
  80.                 case 'edit':
  81.                     $permission 'Can Edit';
  82.                     break;
  84.                 case 'view':
  85.                     $permission 'Can View';
  86.                     break;
  88.                 default:
  89.                     $permission 'Can View';
  90.             }
  92.             if (!in_array($permission$userPermissions)) {
  93. //                $event->setResponse(new RedirectResponse($this->router->generate('access-denied')));
  94.             }
  95.         }
  97.         return true;
  98.     }
  99. }