<?php
namespace App\EventSubscriber;
use App\Enum\UserRole;
use App\Enum\ErrorResponseMessageEnum;
use App\Service\UserInterface;
use App\Service\FrontendService;
use App\Controller\AdminAuthenticatedController;
use App\Exception\RoleAdminRequiredException;
use Symfony\Component\HttpKernel\Event\ControllerEvent;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
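/**
 * Enforces the admin role on every controller that is an instance of
 * AdminAuthenticatedController, and turns the resulting denial into the
 * frontend "forbidden" response.
 *
 * The role check runs on KernelEvents::CONTROLLER, i.e. after routing has
 * resolved the controller and before it is executed.
 */
class AdminAuthenticatedSubscriber implements EventSubscriberInterface
{
    /** @var UserInterface Answers the "is this role granted?" question. */
    private $userService;

    /** @var FrontendService Builds the response returned on denial. */
    private $frontendService;

    /**
     * @param UserInterface   $userService     Service used for the role check.
     * @param FrontendService $frontendService Service used to build the forbidden response.
     */
    public function __construct(UserInterface $userService, FrontendService $frontendService)
    {
        $this->userService = $userService;
        $this->frontendService = $frontendService;
    }

    /**
     * Rejects the request when an admin-only controller is about to run
     * without ROLE_ADMIN being granted.
     *
     * @param ControllerEvent $event Event carrying the resolved controller callable.
     *
     * @throws RoleAdminRequiredException When the controller is admin-only and access is not granted.
     */
    public function onKernelController(ControllerEvent $event)
    {
        $controller = $event->getController();

        /*
         * The resolved controller is a callable and comes in several shapes:
         *  - [$instance, 'method'] for a regular action method,
         *  - a bare object for an invokable (__invoke) controller,
         *  - a Closure.
         * The guarded object must be extracted from each shape. Returning
         * early for every non-array callable would let an invokable
         * AdminAuthenticatedController run without the role check.
         */
        $target = is_array($controller) ? $controller[0] : $controller;

        // A Closure, or a class-name string in slot 0, never matches here.
        if (!$target instanceof AdminAuthenticatedController) {
            return;
        }

        if (!$this->userService->isAccessGranted(UserRole::ROLE_ADMIN)) {
            throw new RoleAdminRequiredException();
        }
    }

    /**
     * Registers the role check on the controller event and the denial
     * handler on the exception event (priority 0).
     *
     * @return array Event name => listener definition map.
     */
    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::CONTROLLER => 'onKernelController',
            KernelEvents::EXCEPTION => [
                ['roleAdminRequiredException', 0],
            ],
        ];
    }

    /**
     * Replaces a RoleAdminRequiredException with the frontend service's
     * forbidden response; any other throwable is left untouched.
     *
     * @param ExceptionEvent $event Event carrying the thrown exception.
     */
    public function roleAdminRequiredException(ExceptionEvent $event)
    {
        if (!$event->getThrowable() instanceof RoleAdminRequiredException) {
            return;
        }

        $event->setResponse(
            $this->frontendService->forbidden(ErrorResponseMessageEnum::ROLE_ADMIN_REQUIRED)
        );
    }
}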