<?php
declare(strict_types=1);
namespace DH\SyliusAccessControlPlugin\Access;
use DH\SyliusAccessControlPlugin\Access\Checker\PermissionsCheckerInterface;
use DH\SyliusAccessControlPlugin\Entity\AdministrationGroupInterface;
use Sylius\Component\Core\Model\AdminUserInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Contracts\Translation\TranslatorInterface;
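/**
 * Request listener enforcing administration-group permissions on admin routes.
 *
 * For a logged-in admin user that belongs to an administration group, the
 * requested `_route` is checked against the group's permissions. A denied
 * request never reaches its controller: browser requests get an error flash
 * and a redirect back to a same-origin referer (or the dashboard), XHR
 * requests get a bare 403.
 */
class AdministrationGroupChecker
{
    /** @var PermissionsCheckerInterface */
    protected $permissionChecker;

    /** @var RequestStack */
    protected $requestStack;

    /** @var Session */
    protected $session;

    /** @var TokenStorageInterface */
    protected $tokenStorage;

    /** @var UrlGeneratorInterface */
    protected $router;

    /** @var TranslatorInterface */
    protected $translator;

    /**
     * @param PermissionsCheckerInterface $permissionChecker Decides whether a user may access a route.
     * @param RequestStack                $requestStack      Kept for backward compatibility; the event's request is used.
     * @param Session                     $session           Flash-bag holder for the "no access" messages.
     * @param TokenStorageInterface       $tokenStorage      Source of the currently authenticated user.
     * @param UrlGeneratorInterface       $router            Used to build the dashboard fallback URL.
     * @param TranslatorInterface         $translator        Translates the flash messages ("flashes" domain).
     */
    public function __construct(
        PermissionsCheckerInterface $permissionChecker,
        RequestStack $requestStack,
        Session $session,
        TokenStorageInterface $tokenStorage,
        UrlGeneratorInterface $router,
        TranslatorInterface $translator
    ) {
        $this->permissionChecker = $permissionChecker;
        $this->requestStack = $requestStack;
        $this->session = $session;
        $this->tokenStorage = $tokenStorage;
        $this->router = $router;
        $this->translator = $translator;
    }

    /**
     * kernel.request handler: short-circuits requests the user's administration group does not grant.
     *
     * Nothing happens when the request has no `_route`, when the user is not an
     * AdminUserInterface, or when the user has no administration group (those
     * users are not subject to group permissions here).
     */
    public function onKernelRequest(RequestEvent $event): void
    {
        $request = $event->getRequest();
        $route = $request->attributes->get('_route');
        if (null === $route) {
            return;
        }

        $user = $this->getUser();
        if (!$user instanceof AdminUserInterface
            || !$user->getAdministrationGroup() instanceof AdministrationGroupInterface
        ) {
            return;
        }

        if ($this->permissionChecker->isUserGranted($route, $user)) {
            return;
        }

        // Use the event's request rather than RequestStack::getCurrentRequest(),
        // which is nullable; at kernel.request time they are the same object.
        if ($request->isXmlHttpRequest()) {
            // An XHR caller cannot act on a flash + redirect, but the denial must still be
            // enforced: previously the request fell through to the controller here.
            $event->setResponse(new Response('', Response::HTTP_FORBIDDEN));

            return;
        }

        $this->addAccessErrorFlash($request->getMethod());
        $event->setResponse($this->getRedirectResponse(
            $request->headers->get('referer'),
            $request->getSchemeAndHttpHost()
        ));
    }

    /**
     * Adds the translated "error" flash for a denied request.
     *
     * Safe methods (GET/HEAD) report a missing page access; every other method
     * reports a disallowed action.
     */
    private function addAccessErrorFlash(string $requestMethod): void
    {
        $isSafeMethod = 'GET' === $requestMethod || 'HEAD' === $requestMethod;
        $messageKey = $isSafeMethod
            ? 'dh_sylius_access_control_plugin.ui.no_access'
            : 'dh_sylius_access_control_plugin.ui.not_allowed';

        $this->session->getFlashBag()->add(
            'error',
            $this->translator->trans($messageKey, [], 'flashes')
        );
    }

    /**
     * Builds the redirect sent after a denied browser request.
     *
     * The Referer header is client-controlled, so it is only followed when it
     * stays on the current origin (see isLocalReferer()); anything else — a
     * foreign host, a protocol-relative URL, or no header at all — falls back
     * to the admin dashboard instead of acting as an open redirect.
     *
     * @param string|null $referer           Raw Referer header value, if any
     * @param string      $schemeAndHttpHost Current origin, e.g. "https://shop.example" (Request::getSchemeAndHttpHost())
     */
    private function getRedirectResponse(?string $referer, string $schemeAndHttpHost): RedirectResponse
    {
        if (null !== $referer && self::isLocalReferer($referer, $schemeAndHttpHost)) {
            return new RedirectResponse($referer);
        }

        return new RedirectResponse($this->router->generate('sylius_admin_dashboard'));
    }

    /**
     * Whether $referer stays on $schemeAndHttpHost.
     *
     * Accepted: the origin itself, an absolute URL whose origin is followed by "/",
     * or a root-relative path ("/admin/..."). Rejected: empty values, other origins,
     * prefix look-alikes ("https://shop.example.evil"), and protocol-relative forms
     * ("//host", and "/\host" which browsers normalise to the same thing).
     * Comparison is case-sensitive on purpose: an unexpected spelling falls back
     * to the dashboard rather than being trusted.
     */
    private static function isLocalReferer(string $referer, string $schemeAndHttpHost): bool
    {
        if ('' === $referer || '' === $schemeAndHttpHost) {
            return false;
        }

        if ('/' === $referer[0]) {
            // "/path" is same-host; "//host" and "/\host" are not.
            return !isset($referer[1]) || ('/' !== $referer[1] && '\\' !== $referer[1]);
        }

        $origin = rtrim($schemeAndHttpHost, '/');

        // A separator must follow the origin so "https://host.example.evil" does not match "https://host.example".
        return $referer === $origin || 0 === strpos($referer, $origin . '/');
    }

    /**
     * Returns the authenticated user object, or null when there is no token or
     * the token's user is not an object (e.g. an anonymous-string token).
     */
    protected function getUser(): ?UserInterface
    {
        $token = $this->tokenStorage->getToken();
        if (null === $token) {
            return null;
        }

        $user = $token->getUser();

        return is_object($user) ? $user : null;
    }
}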