src/EventSubscriber/AccessCheckSubscriber.php line 36

Open in your IDE?
  1. <?php
  3. namespace App\EventSubscriber;
  5. use App\Utils\RequestHelper;
  6. use App\Domain\Payload\Error;
  7. use App\Exception\ApiException;
  8. use App\Domain\Payload\Payload;
  9. use App\Exception\ApiExceptionInterface;
  10. use App\Domain\Exception\Restrict\RestrictException;
  11. use App\Services\RoutePermissions\RoutePermissionValidator;
  12. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  13. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  15. class AccessCheckSubscriber implements EventSubscriberInterface
  16. {
  17.     /**
  18.      * @var RoutePermissionValidator
  19.      */
  20.     private $permissionValidator;
  22.     /**
  23.      * @var RequestHelper
  24.      */
  25.     private $requestHelper;
  27.     public function __construct(RoutePermissionValidator $permissionValidatorRequestHelper $requestHelper)
  28.     {
  29.         $this->permissionValidator $permissionValidator;
  30.         $this->requestHelper $requestHelper;
  31.     }
  33.     /**
  34.      * @throws RestrictException|ApiExceptionInterface
  35.      */
  36.     public function onController(ControllerEvent $event): void
  37.     {
  38.         $givenRoute $event->getRequest()->getPathInfo();
  39.         if (!$this->permissionValidator->validate($givenRoute)) {
  40.             if ($this->requestHelper->isV1Route()) {
  41.                 throw new RestrictException('No permissions to access this endpoint');
  42.             }
  43.             $payload = new Payload();
  44.             $payload->setError(new Error(0'No permissions to access this endpoint'));
  45.             throw ApiException::createForbiddenException($payload);
  46.         }
  47.     }
  49.     public static function getSubscribedEvents(): array
  50.     {
  51.         return [
  52.             'kernel.controller' => ['onController'1],
  53.         ];
  54.     }
  55. }