src/EventListener/SwitchUserListener.php line 58

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by PhpStorm.
  4.  * User: guillaume
  5.  * Date: 28/03/2019
  6.  * Time: 17:23
  7.  */
  9. namespace App\EventListener;
  11. use Doctrine\ORM\EntityManagerInterface;
  12. use Symfony\Bridge\Doctrine\RegistryInterface;
  13. use Symfony\Component\DependencyInjection\ContainerInterface;
  14. use Symfony\Component\HttpFoundation\RedirectResponse;
  15. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  16. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  17. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  18. use Symfony\Component\Routing\RouteCollection;
  19. use Symfony\Component\Routing\RouterInterface;
  20. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  21. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  22. use Symfony\Component\Security\Core\Security;
  23. use Symfony\Component\Security\Http\Event\SwitchUserEvent;
  25. class SwitchUserListener
  26. {
  27.     /**
  28.      * @var Symfony\Component\Routing\RouterInterface
  29.      */
  30.     private $router;
  32.     /**
  33.      * @var routeCollection \Symfony\Component\Routing\RouteCollection
  34.      */
  35.     private $routeCollection;
  37.     private $container;
  39.     private $doctrine;
  41.     private $authorizationChecker;
  43.     private $tokenStorage;
  45.     protected $security;
  47.     public function __construct(ContainerInterface $containerEntityManagerInterface $doctrineRouterInterface $routerAuthorizationCheckerInterface $authorizationCheckerTokenStorageInterface $tokenStorageSecurity $security)
  48.     {
  49.         $this->router $router;
  50.         $this->routeCollection $router->getRouteCollection();
  51.         $this->container $container;
  52.         $this->doctrine $doctrine;
  53.         $this->authorizationChecker $authorizationChecker;
  54.         $this->tokenStorage $tokenStorage;
  55.         $this->security $security;
  56.     }
  58.     public function onSwitchUser(SwitchUserEvent $event)
  59.     {
  60.         $token $this->tokenStorage->getToken();
  61.         if ($token) {
  62.             $account $token->getUser();
  63.             if ($account && !is_string($account)) {
  64.                 if (!$this->security->isGranted("ROLE_PREVIOUS_ADMIN")) {
  65.                     if (!$this->security->isGranted("ROLE_DPO")) {
  66.                         if ($this->security->isGranted("ROLE_JURISTE") || $this->security->isGranted("ROLE_COMMERCE")) {
  67.                             if ($this->security->isGranted("ROLE_JURISTE")) {
  68.                                 if ($event->getTargetUser()->getUser()->getManager()->getId() != $account->getManager()->getId()
  69.                                 && ($event->getTargetUser()->getUser()->getLawyer() && $event->getTargetUser()->getUser()->getLawyer()->getId() != $account->getManager()->getId())) {
  70.                                     $event->stopPropagation();
  71.                                     throw new AccessDeniedHttpException();
  72.                                 }
  73.                             } else {
  74.                                 if (!$event->getTargetUser()->getUser()->isDemo()) {
  75.                                     $event->stopPropagation();
  76.                                     throw new AccessDeniedHttpException();
  77.                                 }
  78.                             }
  79.                         } else {
  80.                             if (!$event->getTargetUser()->getUser() || !$event->getTargetUser()->getUser()->getParentUser() || $event->getTargetUser()->getUser()->getParentUser()->getId() != $account->getUser()->getId()) {
  81.                                 $event->stopPropagation();
  82.                                 throw new AccessDeniedHttpException();
  83.                             }
  84.                         }
  85.                     }
  86.                 }
  87.             } else {
  88.                 $event->stopPropagation();
  89.                 throw new AccessDeniedHttpException();
  90.             }
  91.         } else {
  92.             $event->stopPropagation();
  93.             throw new AccessDeniedHttpException();
  94.         }
  95.     }
  96. }