src/Security/Authorization/Voter/AccessToPathVoter.php line 17

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace App\Security\Authorization\Voter;
  5. use App\Entity\ResourceController;
  6. use App\Modules\Users\DomainModel\Entity\User;
  7. use App\Repository\ResourceControllerRepository;
  8. use App\Service\CacheService;
  9. use Doctrine\ORM\EntityManagerInterface;
  10. use Exception;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Symfony\Component\HttpFoundation\RequestStack;
  13. use Symfony\Component\Routing\RouterInterface;
  14. use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
  15. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  17. class AccessToPathVoter implements VoterInterface
  18. {
  19.     protected ?Request $request null;
  20.     protected RequestStack $requestStack;
  21.     protected EntityManagerInterface $doctrine;
  22.     protected RouterInterface $router;
  23.     protected ResourceControllerRepository $resourceControllerRepository;
  25.     protected $_controller;
  26.     protected $resources;
  27.     protected ?array $cacheRouters null;
  29.     public function __construct(
  30.         RequestStack                 $requestStack,
  31.         EntityManagerInterface       $doctrine,
  32.         RouterInterface              $router,
  33.         ResourceControllerRepository $resourceControllerRepository
  34.     )
  35.     {
  36.         $this->requestStack $requestStack;
  37.         $this->doctrine $doctrine;
  38.         $this->router $router;
  39.         $this->resourceControllerRepository $resourceControllerRepository;
  40.         $this->resources $this->getResources();
  41.     }
  43.     private function getResources()
  44.     {
  45.         if ($this->resources)
  46.         {
  47.             return $this->resources;
  48.         }
  50.         return $this->getResourcesData();
  51.     }
  53.     private function getResourcesData(): ?array
  54.     {
  55.         /** @var ResourceController[] $resources */
  56.         $resources $this->resourceControllerRepository->findAllReturnArray();
  58.         $data null;
  60.         foreach ($resources as $resource)
  61.         {
  62.             foreach ($resource['roles'] as $role)
  63.             {
  64.                 $data[strtolower($resource['controller'])][strtolower($resource['action'])][strtolower($role['name'])] = $resource['id'];
  65.             }
  66.         }
  68.         return $data;
  69.     }
  71.     private function getRoute($controller)
  72.     {
  73.         if ($this->cacheRouters)
  74.         {
  75.             return $this->cacheRouters[$controller] ?? null;
  76.         }
  78.         $this->cacheRouters $this->getRouteData();
  80.         return $this->cacheRouters[$controller] ?? null;
  81.     }
  83.     private function getRouteData(): array
  84.     {
  85.         $data = [];
  86.         $routers $this->router->getRouteCollection()->all();
  88.         foreach ($routers as $name => $route)
  89.         {
  90.             $data[$name] = $route->getDefault('_controller');
  91.         }
  93.         return $data;
  94.     }
  96.     private function findResource($controller$action$roleName)
  97.     {
  98.         $controller strtolower($controller);
  99.         $action strtolower($action);
  100.         $roleName strtolower($roleName);
  102.         if (isset($this->resources[$controller]['*'][$roleName]))
  103.         {
  104.             return $this->resources[$controller]['*'][$roleName];
  105.         }
  107.         if (isset($this->resources[$controller][$action][$roleName]))
  108.         {
  109.             return $this->resources[$controller][$action][$roleName];
  110.         }
  112.         return null;
  113.     }
  115.     public function getRequest(): ?Request
  116.     {
  117.         if (null === $this->request)
  118.         {
  119.             $this->request $this->requestStack->getCurrentRequest();
  120.         }
  122.         return $this->request;
  123.     }
  125.     public function supportsAttribute($attribute): bool
  126.     {
  127.         return true;
  128.     }
  130.     public function supportsClass($class): bool
  131.     {
  132.         return $class instanceof User;
  133.     }
  135.     /**
  136.      * Get current controller name
  137.      */
  138.     public function getControllerName()
  139.     {
  140.         if (null !== $this -> getRequest())
  141.         {
  142.             $pattern '#(?:.+)\\\([a-zA-Z\\\]+)Controller#';
  143.             $matches = [];
  144.             preg_match($pattern$this->getController(), $matches);
  146.             if (false === isset($matches[1]))
  147.             {
  148.                 throw new Exception('Nie znaleziono nazwy kontrolera w ścieżce '.$this -> getController());
  149.             }
  151.             return strtolower($matches[1]);
  152.         }
  154.         return null;
  155.     }
  157.     /**
  158.      * Get current action name
  159.      */
  160.     public function getActionName(): ?string
  161.     {
  162.         if (null !== $this -> getRequest())
  163.         {
  164.             $pattern "#::([a-zA-Z]*?)(Action|$)#";
  165.             $matches = array();
  166.             preg_match($pattern$this -> getController(), $matches);
  168.             return strtolower($matches[1]);
  169.         }
  171.         return null;
  172.     }
  174.     public function setController($controller): self
  175.     {
  176.         $this -> _controller $this->getRoute($controller);
  177.         return $this;
  178.     }
  180.     public function getController()
  181.     {
  182.         return $this->_controller;
  183.     }
  185.     public function vote(TokenInterface $token$object, array $attributes)
  186.     {
  187.         $this->setController($attributes[0]);
  189.         if (!$this->getController())
  190.         {
  191.             return VoterInterface::ACCESS_ABSTAIN;
  192.         }
  194.         if (!$this->supportsClass($object))
  195.         {
  196.             return VoterInterface::ACCESS_ABSTAIN;
  197.         }
  199.         if (!$this->getControllerName())
  200.         {
  201.             return VoterInterface::ACCESS_ABSTAIN;
  202.         }
  204.         if (!$this->getActionName())
  205.         {
  206.             return VoterInterface::ACCESS_ABSTAIN;
  207.         }
  209.         /** @var ResourceController $resource */
  210.         $resource $this->findResource(
  211.             $this->getControllerName(),
  212.             $this->getActionName(),
  213.             $object->getRole()->getName()
  214.         );
  216.         if ($resource)
  217.         {
  218.             return VoterInterface::ACCESS_GRANTED;
  219.         }
  221.         return VoterInterface::ACCESS_DENIED;
  222.     }
  223. }