<?php
namespace Far\UserBundle\EventListener;

use Symfony\Component\EventDispatcher\Event;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\KernelEvents;
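/**
 * Route-name based access control, run once per master request.
 *
 * Policy, in evaluation order:
 *   1. Sub-requests are ignored.
 *   2. Routes listed in $publicRoutes are reachable by everyone.
 *   3. Anonymous visitors (no token, or a token whose user is not an object,
 *      e.g. Symfony's 'anon.' placeholder) are redirected to the login route,
 *      unless they are already on it.
 *   4. Members of the "Admin" group may reach every route.
 *   5. Routes whose *name* starts with a prefix in $prefixGroups require the
 *      mapped group; otherwise a 403 (AccessDeniedHttpException) is thrown and
 *      the attempt is logged when a logger was injected.
 *   6. Any other route is ALLOWED for every authenticated user (allow-by-default).
 *
 * Security notes:
 *   - The decision is keyed on the routing attribute `_route`, read from
 *     $request->attributes, not via Request::get(), which would also consult
 *     query-string and body parameters.
 *   - Prefix matching is not anchored at a separator: "stock" also matches a
 *     route named "stockholm_index", "user" also matches "username_check".
 *   - Step 6 means a newly added route is open to all logged-in users until a
 *     prefix/group entry is added for it. Switching to deny-by-default would
 *     require listing every legitimately shared route first.
 */
class AccessControl implements EventSubscriberInterface
{
    /** Route anonymous visitors are sent to, and the only one they may stay on. */
    const LOGIN_ROUTE = 'fos_user_security_login';

    /** @var mixed Doctrine entity manager; injected but not used by this listener. */
    private $em;

    /** @var mixed Event dispatcher; injected but not used by this listener. */
    private $dispatcher;

    /** @var mixed Anything exposing getToken() (security.context / token storage). */
    private $security;

    /** @var mixed Router used to generate the login URL. */
    private $router;

    /** @var mixed|null PSR-3 style logger (warning()) or null to log nothing. */
    private $logger;

    /**
     * Routes every visitor, authenticated or not, may reach.
     *
     * NOTE(review): FOSUserBundle's resetting/confirmation routes are not
     * listed, so a logged-out user requesting them is redirected to the login
     * page instead — confirm whether they are meant to be public.
     *
     * @var string[]
     */
    private static $publicRoutes = array(
        'fos_user_registration_register',
    );

    /**
     * Route-name prefix => group a non-Admin user must belong to.
     *
     * Admins return early in onKernelRequest, so the 'user' => 'Admin' entry
     * effectively denies every non-admin. Order is irrelevant: a route name
     * can only start with one of these prefixes.
     *
     * @var array<string, string>
     */
    private static $prefixGroups = array(
        'lab_'  => 'Laboratorio',
        'stock' => 'Stock',
        'user'  => 'Admin',
    );

    /**
     * @param mixed      $em         Doctrine entity manager (unused).
     * @param mixed      $dispatcher Event dispatcher (unused).
     * @param mixed      $security   Object exposing getToken().
     * @param mixed      $router     Object exposing generate($routeName).
     * @param mixed|null $logger     Optional logger with a warning($msg, array $ctx) method.
     */
    public function __construct($em, $dispatcher, $security, $router, $logger = null)
    {
        $this->em = $em;
        $this->dispatcher = $dispatcher;
        $this->security = $security;
        $this->router = $router;
        $this->logger = $logger;
    }

    /**
     * Subscribes to kernel.request at priority 0.
     *
     * NOTE(review): this must run after the router listener (so `_route` is
     * set) and after the firewall (so a token exists) — verify the priorities
     * of those listeners in the Symfony version in use.
     */
    public static function getSubscribedEvents()
    {
        return array(
            KernelEvents::REQUEST => array('onKernelRequest', 0),
        );
    }

    /**
     * Applies the policy described on the class to the incoming request.
     *
     * @param GetResponseEvent $event
     *
     * @throws AccessDeniedHttpException when the user lacks the group a route requires
     */
    public function onKernelRequest($event)
    {
        if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
            return;
        }

        $request = $event->getRequest();
        // Routing attribute only; never fall back to query/body parameters here.
        $route = (string) $request->attributes->get('_route', '');

        if (in_array($route, self::$publicRoutes, true)) {
            return;
        }

        $user = $this->currentUser();
        if ($user === null) {
            $this->redirectAnonymousToLogin($event, $route);
            return;
        }

        if ($this->userHasGroup($user, 'Admin')) {
            return;
        }

        $requiredGroup = self::requiredGroupForRoute($route);
        if ($requiredGroup === null) {
            // Allow-by-default: no prefix rule covers this route.
            return;
        }

        if (!$this->userHasGroup($user, $requiredGroup)) {
            $this->denyAccess($route, $requiredGroup, $user);
        }
    }

    /**
     * Returns the authenticated user object, or null for anonymous requests.
     *
     * A missing token (request outside every firewall) is treated as anonymous
     * rather than dereferenced: fail closed instead of a fatal error. A token
     * whose user is not an object (Symfony's 'anon.' string, or a bare
     * username) is anonymous as well — the old `$user == 'anon.'` comparison
     * also matched a real user whose __toString() returned "anon.".
     *
     * @return object|null
     */
    private function currentUser()
    {
        $token = $this->security->getToken();
        if ($token === null) {
            return null;
        }

        $user = $token->getUser();

        return is_object($user) ? $user : null;
    }

    /**
     * Sends an anonymous visitor to the login page, unless already there
     * (which would otherwise redirect forever).
     *
     * @param GetResponseEvent $event
     * @param string           $route matched route name ('' if none)
     */
    private function redirectAnonymousToLogin($event, $route)
    {
        if ($route === self::LOGIN_ROUTE) {
            return;
        }

        $url = $this->router->generate(self::LOGIN_ROUTE);
        $event->setResponse(new RedirectResponse($url));
    }

    /**
     * Group membership check that fails closed for user objects without hasGroup().
     *
     * @param object $user
     * @param string $group
     *
     * @return bool
     */
    private function userHasGroup($user, $group)
    {
        if (!method_exists($user, 'hasGroup')) {
            return false;
        }

        return (bool) $user->hasGroup($group);
    }

    /**
     * Looks up the group required for a route name by prefix.
     *
     * @param string $route
     *
     * @return string|null the group name, or null when no prefix matches
     */
    private static function requiredGroupForRoute($route)
    {
        foreach (self::$prefixGroups as $prefix => $group) {
            if (strncmp($route, $prefix, strlen($prefix)) === 0) {
                return $group;
            }
        }

        return null;
    }

    /**
     * Logs the refused attempt (when a logger is available) and throws a 403.
     *
     * The previous bare \Exception surfaced as a 500; AccessDeniedHttpException
     * extends \Exception, so existing catch blocks still match.
     *
     * @param string $route
     * @param string $requiredGroup
     * @param object $user
     *
     * @throws AccessDeniedHttpException always
     */
    private function denyAccess($route, $requiredGroup, $user)
    {
        if ($this->logger !== null) {
            $this->logger->warning('Unauthorized access attempt', array(
                'route'          => $route,
                'required_group' => $requiredGroup,
                'user'           => method_exists($user, 'getUsername') ? $user->getUsername() : get_class($user),
            ));
        }

        throw new AccessDeniedHttpException("Unauthorized access. $route");
    }
}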
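<container>
    <services>
        <!--
            Registers Far\UserBundle\EventListener\AccessControl as a kernel.event_subscriber.
            Argument order must match AccessControl::__construct():
            entity manager, event dispatcher, security context, router, optional logger.
            The service id still says "stock" although the class enforces every
            route prefix; it is kept because other config may reference it.
        -->
        <service id="far_user.eventlistener.stock" class="Far\UserBundle\EventListener\AccessControl">
            <!-- The former connection="default" attribute belongs to doctrine.event_listener
                 tags and is not read for kernel.event_subscriber; removed to avoid confusion. -->
            <tag name="kernel.event_subscriber" />
            <argument type="service" id="doctrine.orm.entity_manager"/>
            <argument type="service" id="event_dispatcher"/>
            <!-- NOTE(review): security.context is deprecated from Symfony 2.6; the listener
                 only calls getToken(), so security.token_storage is a drop-in replacement
                 once the project runs on 2.6+. -->
            <argument type="service" id="security.context"/>
            <argument type="service" id="router"/>
            <!-- Optional: lets the listener log denied requests; resolves to null when
                 no "logger" service is defined, so the listener keeps working without it. -->
            <argument type="service" id="logger" on-invalid="null"/>
        </service>
    </services>
</container>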