src/Permission/Listener/PermissionCheckListener.php line 37

Open in your IDE?
  1. <?php
  4. namespace App\Permission\Listener;
  6. use App\Permission\Annotation\PermissionCheck;
  7. use Doctrine\Common\Annotations\Reader;
  8. use ReflectionClass;
  9. use ReflectionException;
  10. use RuntimeException;
  11. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  12. use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
  13. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  14. use Symfony\Contracts\Translation\TranslatorInterface;
  17. class PermissionCheckListener
  18. {
  19.     /**
  20.      * @param Reader $annotationReader
  21.      * @param AuthorizationCheckerInterface $authorizationChecker
  22.      * @param TranslatorInterface $translator
  23.      */
  24.     public function __construct(
  25.         protected Reader                        $annotationReader,
  26.         protected AuthorizationCheckerInterface $authorizationChecker,
  27.         protected TranslatorInterface           $translator,
  28.     )
  29.     {
  30.     }
  32.     /**
  33.      * @param ControllerEvent $event
  34.      * @return void
  35.      * @throws ReflectionException
  36.      */
  37.     public function onKernelController(ControllerEvent $event): void
  38.     {
  39.         if (!$event->getRequest()) {
  40.             return;
  41.         }
  43.         $controllers $event->getController();
  44.         if (!is_array($controllers)) {
  45.             return;
  46.         }
  48.         $this->handleAnnotation($controllers);
  49.     }
  51.     /**
  52.      * @param iterable $controllers
  53.      * @return void
  54.      * @throws ReflectionException
  55.      */
  56.     private function handleAnnotation(iterable $controllers): void
  57.     {
  58.         list($controller$method) = $controllers;
  60.         try {
  61.             $controller = new ReflectionClass($controller);
  62.         } catch (ReflectionException) {
  63.             throw new RuntimeException($this->translator->trans('api.failedToReadAnnotation'));
  64.         }
  66.         $this->handleClassAnnotation($controller);
  67.         $this->handleMethodAnnotation($controller$method);
  68.     }
  70.     /**
  71.      * @param ReflectionClass $controller
  72.      * @return void
  73.      */
  74.     private function handleClassAnnotation(ReflectionClass $controller): void
  75.     {
  76.         $annotation $this->annotationReader->getClassAnnotation($controllerPermissionCheck::class);
  78.         $this->extracted($annotation);
  79.     }
  81.     /**
  82.      * @param ReflectionClass $controller
  83.      * @param string $method
  84.      * @return void
  85.      * @throws ReflectionException
  86.      */
  87.     private function handleMethodAnnotation(ReflectionClass $controllerstring $method): void
  88.     {
  89.         $method $controller->getMethod($method);
  90.         $annotation $this->annotationReader->getMethodAnnotation($methodPermissionCheck::class);
  92.         $this->extracted($annotation);
  93.     }
  95.     /**
  96.      * @param PermissionCheck|null $annotation
  97.      * @return void
  98.      */
  99.     private function extracted(?PermissionCheck $annotation): void
  100.     {
  101.         if ($annotation instanceof PermissionCheck) {
  102.             $isGranted $this->authorizationChecker->isGranted($annotation->permission$annotation->role);
  103.             if (!$isGranted) {
  104.                 $message sprintf($this->translator->trans('api.rolePermissionNotFound'), $annotation->roleimplode(' ' $this->translator->trans('api.or') . ' '$annotation->permission));
  105.                 throw new AccessDeniedException($message);
  106.             }
  107.         }
  108.     }
  109. }