Created
March 12, 2013 23:17
<?php | |
namespace Walmen\AnnonymousBundle\Annotations\Driver; | |
use Doctrine\Common\Annotations\Reader; | |
use Symfony\Component\Security\Core\SecurityContext; | |
use Symfony\Component\HttpKernel\Event\FilterControllerEvent; | |
use Symfony\Component\HttpKernel\Event\FilterResponseEvent; | |
use Symfony\Component\HttpFoundation\RedirectResponse; | |
use Symfony\Bundle\FrameworkBundle\Routing\Router; | |
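/**
 * Kernel listener that enforces the Prohibited annotation on controller actions.
 *
 * When the current user holds any role listed in the annotation, the request is
 * redirected to the "account" route instead of reaching the annotated action.
 *
 * Security notes:
 *  - The decision flag lives on this object, so it is cleared at the start of every
 *    master request and after it has been consumed; otherwise one denied request
 *    could leak into a later one handled by the same instance.
 *  - Only master requests are inspected, so an embedded sub-request cannot flip the
 *    decision taken for the page that embeds it.
 *  - Only annotations of the Prohibited type are honoured; unrelated annotations that
 *    happen to expose a "roles" property are ignored.
 *
 * @author danielwaligora
 */
class AnnotationDriver
{
    /** @var Reader Reader used to fetch the annotations of the controller method. */
    protected $reader;

    /** @var SecurityContext Source of the current token and of the role checks. */
    protected $securityContext;

    /** @var bool True while the current master request has been judged prohibited. */
    protected $notAllowed = false;

    /** @var Router Used to build the URL of the "account" route. */
    protected $router;

    /**
     * @param Reader          $reader
     * @param SecurityContext $securityContext
     * @param Router          $router
     */
    public function __construct(Reader $reader, SecurityContext $securityContext, Router $router)
    {
        $this->reader = $reader;
        $this->securityContext = $securityContext;
        $this->router = $router;
    }

    /**
     * Inspects the controller about to be called and blocks it when the current
     * user holds a role named by a Prohibited annotation.
     *
     * @param FilterControllerEvent $event
     *
     * @throws \InvalidArgumentException when the annotation's roles are not an array
     */
    public function onKernelController(FilterControllerEvent $event)
    {
        // Sub-requests share this listener; let only the master request decide.
        if (\Symfony\Component\HttpKernel\HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
            return;
        }

        // Start every master request from a clean state.
        $this->notAllowed = false;

        $controller = $event->getController();
        if (!is_array($controller)) {
            return;
        }

        $object = new \ReflectionObject($controller[0]);
        $method = $object->getMethod($controller[1]);

        foreach ($this->reader->getMethodAnnotations($method) as $configuration) {
            // Ignore every annotation that is not ours, whatever properties it carries.
            if (!$configuration instanceof \Walmen\AnnonymousBundle\Annotations\Prohibited) {
                continue;
            }

            if (empty($configuration->roles)) {
                continue;
            }

            if (!is_array($configuration->roles)) {
                throw new \InvalidArgumentException(
                    sprintf(
                        '"@Prohibited" annotation in the %s requires defining roles param as an array!',
                        get_class($controller[0])
                    )
                );
            }

            if ($this->holdsAnyRole($configuration->roles)) {
                $this->notAllowed = true;

                // Swap the action for a redirect so the prohibited controller body
                // never runs; rewriting the response afterwards would discard its
                // output but not its side effects.
                $target = $this->router->generate('account');
                $event->setController(function () use ($target) {
                    return new RedirectResponse($target);
                });

                return;
            }
        }
    }

    /**
     * Replaces the response with the redirect when the request was judged prohibited.
     *
     * Kept as a second line of enforcement for setups that register this method only.
     *
     * @param FilterResponseEvent $event
     */
    public function onKernelResponse(FilterResponseEvent $event)
    {
        // Responses of sub-requests must not be rewritten on behalf of the master request.
        if (\Symfony\Component\HttpKernel\HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
            return;
        }

        if ($this->notAllowed) {
            // Consume the flag so it cannot apply to a later request.
            $this->notAllowed = false;
            $event->setResponse(new RedirectResponse($this->router->generate('account')));
        }
    }

    /**
     * Tells whether the current token is granted at least one of the given roles.
     *
     * @param array $roles
     *
     * @return bool
     */
    private function holdsAnyRole(array $roles)
    {
        // Without a token (e.g. a route outside any firewall) isGranted() would throw;
        // nobody is authenticated, so no role can be held.
        if (null === $this->securityContext->getToken()) {
            return false;
        }

        foreach ($roles as $role) {
            if ($this->securityContext->isGranted($role)) {
                return true;
            }
        }

        return false;
    }
}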
?> |
<?php | |
namespace Walmen\AnnonymousBundle\Controller; | |
use Symfony\Component\HttpFoundation\Request; | |
use FOS\UserBundle\Controller\SecurityController as BaseController; | |
use Walmen\AnnonymousBundle\Annotations\Prohibited; | |
/**
 * Security controller that extends the FOSUserBundle one in order to attach
 * a role restriction to the login action.
 *
 * @author danielwaligora
 */
class SecurityController extends BaseController
{
    /**
     * Delegates the login action unchanged to the parent controller.
     *
     * The annotation below declares that callers granted ROLE_USER must not
     * use this action; enforcement is left to whichever listener reads it.
     *
     * @Prohibited(roles={"ROLE_USER"})
     * @param \Symfony\Component\HttpFoundation\Request $request
     */
    public function loginAction(Request $request)
    {
        $loginResult = parent::loginAction($request);

        return $loginResult;
    }
}
?> |