src/Listener/AccessControlListener.php line 31

Open in your IDE?
  1. <?php
  3. namespace App\Listener;
  5. use App\Entity\AclSetting;
  6. use App\Entity\User;
  7. use Doctrine\ORM\EntityManagerInterface;
  8. use Symfony\Component\HttpKernel\Event\RequestEvent;
  9. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  10. use Symfony\Component\Security\Core\Security;
  12. class AccessControlListener
  13. {
  14. private Security $security;
  15. private EntityManagerInterface $em;
  17. public function __construct(
  18. Security $security,
  19. EntityManagerInterface $em
  20. )
  21. {
  22. $this->security = $security;
  23. $this->em = $em;
  24. }
  26. /**
  27. * @param RequestEvent $event
  28. *
  29. * @return void
  30. */
  31. public function onKernelRequest( RequestEvent $event )
  32. {
  33. $request = $event->getRequest();
  35. $route = $request->attributes->get( '_route' );
  36. if ( $route === NULL ) {
  37. return;
  38. }
  41. // Récupérer l'utilisateur connecté (s'il y en a un)
  42. $user = $this->security->getUser();
  43. if ( $user instanceof User ) {
  44. $allowed = $this->checkAccessControl( $user, $route );
  46. if ( !$allowed ) {
  47. // Générer une réponse d'erreur 403 (Accès refusé)
  48. throw new AccessDeniedHttpException();
  49. }
  50. }
  51. }
  53. /**
  54. * @param User $user
  55. * @param string $route
  56. *
  57. * @return bool
  58. */
  59. private function checkAccessControl( User $user, string $route ): bool
  60. {
  61. if ( $route === 'dev_update_bdd' ) {
  62. return TRUE;
  63. }
  65. return $this->em->getRepository( AclSetting::class )->isUserGrantedByRoute( $user, $route );
  66. }
  67. }