src/EventListener/SwitchUserListener.php line 64

  1. <?php
  2. /**
  3.  * Created by PhpStorm.
  4.  * User: guillaume
  5.  * Date: 28/03/2019
  6.  * Time: 17:23
  7.  */
  8. namespace App\EventListener;
  9. use Doctrine\ORM\EntityManagerInterface;
  10. use Symfony\Bridge\Doctrine\RegistryInterface;
  11. use Symfony\Component\DependencyInjection\ContainerInterface;
  12. use Symfony\Component\HttpFoundation\RedirectResponse;
  13. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  14. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  15. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  16. use Symfony\Component\Routing\RouteCollection;
  17. use Symfony\Component\Routing\RouterInterface;
  18. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  19. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  20. use Symfony\Component\Security\Core\Security;
  21. use Symfony\Component\Security\Http\Event\SwitchUserEvent;
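  /**
   * Vetoes user impersonation: onSwitchUser() inspects the current token and the
   * switch target, and aborts the switch by throwing AccessDeniedHttpException
   * when the current account is not allowed to impersonate that target.
   *
   * Rules enforced (checked in this order, first match wins):
   *  - no token, no user, or a string user (anonymous)   -> denied
   *  - ROLE_PREVIOUS_ADMIN or ROLE_DPO                   -> allowed, target not inspected
   *  - ROLE_JURISTE                                      -> see checkJurist rule in onSwitchUser()
   *  - ROLE_COMMERCE                                     -> demo targets only
   *  - anyone else                                       -> only targets whose parent user is the caller
   */
  class SwitchUserListener
  {
      /**
       * @var RouterInterface
       */
      private $router;

      /**
       * @var RouteCollection
       */
      private $routeCollection;

      private $container;
      private $doctrine;
      private $authorizationChecker;
      private $tokenStorage;
      protected $security;

      /**
       * Stores the injected services. Only $tokenStorage and $security are read
       * by onSwitchUser(); the others are kept so the constructor signature and
       * service wiring stay unchanged.
       */
      public function __construct(
          ContainerInterface $container,
          EntityManagerInterface $doctrine,
          RouterInterface $router,
          AuthorizationCheckerInterface $authorizationChecker,
          TokenStorageInterface $tokenStorage,
          Security $security
      ) {
          $this->router = $router;
          $this->routeCollection = $router->getRouteCollection();
          $this->container = $container;
          $this->doctrine = $doctrine;
          $this->authorizationChecker = $authorizationChecker;
          $this->tokenStorage = $tokenStorage;
          $this->security = $security;
      }

      /**
       * Decides whether the current account may impersonate the event's target.
       *
       * Returns normally when the switch is allowed; otherwise stops event
       * propagation and throws.
       *
       * @throws AccessDeniedHttpException when the switch is refused
       */
      public function onSwitchUser(SwitchUserEvent $event)
      {
          $token = $this->tokenStorage->getToken();
          $account = $token ? $token->getUser() : null;

          // No token, no user object, or an anonymous (string) user: fail closed.
          if (!$account || is_string($account)) {
              throw $this->deny($event);
          }

          // NOTE(review): ROLE_PREVIOUS_ADMIN is evaluated against the token that is
          // current when the event fires, and it skips every target check below.
          // If a switch can be requested while an impersonation is already active,
          // the per-role restrictions no longer apply to that second switch -
          // confirm this is only meant to let the "exit impersonation" path through.
          if ($this->security->isGranted('ROLE_PREVIOUS_ADMIN') || $this->security->isGranted('ROLE_DPO')) {
              return;
          }

          $target = $event->getTargetUser()->getUser();

          // The original only guarded against a missing target user in the last
          // branch; the jurist and commerce branches dereferenced it directly and
          // would end in a fatal error. A target that cannot be identified is now
          // refused on every path.
          if (!$target) {
              throw $this->deny($event);
          }

          $isJurist = $this->security->isGranted('ROLE_JURISTE');

          if ($isJurist) {
              // Jurists: refused only when the target has a different manager AND
              // has a lawyer who is not the caller's manager.
              // NOTE(review): a target with no lawyer assigned is therefore accepted
              // whatever its manager is. If "unassigned" is not meant to be open to
              // every jurist, the lawyer test must deny when getLawyer() is empty.
              // NOTE(review): getManager() is assumed non-null on both sides - TODO confirm.
              $callerManagerId = $account->getManager()->getId();
              $lawyer = $target->getLawyer();

              if (
                  $target->getManager()->getId() != $callerManagerId
                  && $lawyer
                  && $lawyer->getId() != $callerManagerId
              ) {
                  throw $this->deny($event);
              }

              return;
          }

          if ($this->security->isGranted('ROLE_COMMERCE')) {
              // Sales staff may only step into demo accounts.
              if (!$target->isDemo()) {
                  throw $this->deny($event);
              }

              return;
          }

          // Everyone else may only impersonate their own child users.
          $parent = $target->getParentUser();
          if (!$parent || $parent->getId() != $account->getUser()->getId()) {
              throw $this->deny($event);
          }
      }

      /**
       * Stops propagation of the switch event and builds the exception the caller throws.
       */
      private function deny(SwitchUserEvent $event): AccessDeniedHttpException
      {
          $event->stopPropagation();

          return new AccessDeniedHttpException();
      }
  }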