<?php
namespace App\EventListener;
use App\Entity\Module;
use App\Security\LoginFormAuthenticator;
use App\Services\UserPermissionManager;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\Routing\RouterInterface;
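/**
 * Kernel request listener that works out which module permission the current
 * URL requires and whether the current user's groups grant it.
 *
 * NOTE(review): the access-denied redirect at the end of onKernelRequest() is
 * commented out, so this listener computes the decision but never blocks a
 * request. Until it is re-enabled, authorization has to be enforced somewhere
 * else (controller checks, voters, access_control) - confirm that it is.
 */
class PermissionHandler
{
    /**
     * Permission title required for each known action segment. Any segment
     * not listed here falls back to DEFAULT_PERMISSION.
     */
    private const ACTION_PERMISSIONS = [
        '' => 'Can View',
        'new' => 'Can Add',
        'show' => 'Can View',
        'edit' => 'Can Edit',
        'view' => 'Can View',
    ];

    private const DEFAULT_PERMISSION = 'Can View';

    protected $entityManager;
    protected $authenticator;
    protected $router;
    /**
     * @var UserPermissionManager
     */
    private $permissionManager;

    public function __construct(EntityManagerInterface $entityManager, LoginFormAuthenticator $authenticator, RouterInterface $router, UserPermissionManager $permissionManager)
    {
        $this->entityManager = $entityManager;
        // The authenticator was injected but never stored, leaving the
        // property null for this class and any subclass reading it.
        $this->authenticator = $authenticator;
        $this->router = $router;
        $this->permissionManager = $permissionManager;
    }

    /**
     * Resolves the module from the first path segment and the required
     * permission from the action segment, then compares it with the titles
     * granted to the current user's groups.
     *
     * @param RequestEvent $event the kernel request event being handled
     *
     * @return bool always true; the event dispatcher ignores the value
     */
    public function onKernelRequest(RequestEvent $event)
    {
        date_default_timezone_set('Africa/Kampala');

        // Read the path from the event's Request instead of $_SERVER: the
        // superglobal is unset outside a web SAPI (console, functional tests),
        // describes only the main request, and includes any base-URL prefix,
        // which would shift every segment by one.
        $parts = explode('/', $event->getRequest()->getPathInfo());
        $section = $parts[1] ?? '';

        $user = $this->permissionManager->getUser();

        if ('work-calendar' === $section) {
            return true;
        }

        $module = $this->entityManager->getRepository(Module::class)->findOneBy(['className' => $section]);
        if (!$module) {
            // No module is registered for this path segment: nothing to check.
            return true;
        }

        // Collect the distinct permission titles granted through any group
        // the user belongs to. getUser() is defined elsewhere; the null guard
        // covers the case where it has no user to return, which would
        // otherwise be a fatal call on null. Such a request gets no titles.
        $userPermissions = [];
        if (null !== $user) {
            foreach ($module->getModulePermission() as $permissionTitle) {
                foreach ($permissionTitle->getGroups() as $group) {
                    if (!$user->getUserGroups()->contains($group)) {
                        continue;
                    }
                    foreach ($permissionTitle->getPermissions() as $granted) {
                        $title = $granted->getTitle();
                        // Strict comparison so a non-string title cannot
                        // loosely match a permission name.
                        if (!in_array($title, $userPermissions, true)) {
                            $userPermissions[] = $title;
                        }
                    }
                }
            }
        }

        // The action is the last segment of /{module}/{action} (3 parts) or
        // /{module}/{id}/{action} (4 parts); any other shape means "list".
        $segmentCount = count($parts);
        if (4 === $segmentCount) {
            $action = $parts[3];
        } elseif (3 === $segmentCount) {
            $action = $parts[2];
        } else {
            $action = '';
        }

        // NOTE(review): unknown actions fall back to 'Can View', so a
        // state-changing endpoint whose segment is not listed (a delete
        // action, say) would require view permission only. The decision is
        // also taken from raw path segments rather than the matched route,
        // so it can disagree with what the router dispatches. Consider
        // keying on the route name and denying unknown actions.
        $permission = self::ACTION_PERMISSIONS[$action] ?? self::DEFAULT_PERMISSION;

        if (!in_array($permission, $userPermissions, true)) {
            // NOTE(review): enforcement is disabled here, so a user without
            // the required permission is still let through by this listener.
            // Re-enable it once the 'access-denied' route is confirmed to be
            // exempt from this check.
            // $event->setResponse(new RedirectResponse($this->router->generate('access-denied')));
        }

        return true;
    }
}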