<?php
/**
* Created by PhpStorm.
* User: frup64362
* Date: 07/10/2016
* Time: 11:56
*/
namespace App\Listener;
use App\Entity\RefRole;
use App\Entity\UtilisateurInformation;
use App\Services\JsonResults;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Serializer\Encoder\JsonDecode;
use Symfony\Component\Serializer\Encoder\JsonEncode;
use Symfony\Component\Serializer\Encoder\JsonEncoder;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
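/**
 * Request listener that enforces per-route access restrictions and answers
 * with a JSON "access denied" payload when a check fails.
 *
 * Two checks are applied in onKernelRequest():
 *  - routes that take an `idUser` attribute: the target user must be returned
 *    by UtilisateurInformation::findMyCts() for the connected user;
 *  - users with the RefRole::ROLE_LECTEUR role are refused a fixed list of routes.
 *
 * Both checks are driven by hard-coded route-name lists, so a route missing
 * from the relevant list is not covered by this listener.
 */
class RedirectListener implements EventSubscriberInterface
{
    /**
     * @var JsonEncoder
     */
    private $jsonEncoder;

    public function __construct(private readonly ContainerInterface $container, private readonly EntityManagerInterface $entityManager)
    {
    }

    /**
     * @return array<string, string> event name => handler method
     */
    public static function getSubscribedEvents()
    {
        // The class name is fully qualified on purpose: this file has no `use`
        // statement for RequestEvent, so a bare `RequestEvent::class` would
        // resolve to App\Listener\RequestEvent and the access checks below
        // would never be attached to the kernel request event.
        return [
            \Symfony\Component\HttpKernel\Event\RequestEvent::class => 'onKernelRequest',
        ];
    }

    /**
     * Applies the access checks to the current request and short-circuits it
     * with a denial response when one of them fails.
     *
     * @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
     */
    public function onKernelRequest(\Symfony\Component\HttpKernel\Event\RequestEvent $event)
    {
        $token = $this->container->get('security.token_storage')->getToken();
        $user = $token ? $token->getUser() : null;
        $route = $event->getRequest()->attributes->get('_route');

        // Routes whose `idUser` attribute designates another user's data.
        $ctsScopedRoutes = ["api_liste_rendezvous", "api_get_odm", "ctsweb_affichage_evenement", "api_liste_conge"];
        if (in_array($route, $ctsScopedRoutes, true)) {
            $idCts = $event->getRequest()->attributes->get('idUser');
            if ($idCts != 0) {
                if (!is_object($user)) {
                    // No authenticated user object: fail closed with the same
                    // denial payload instead of dereferencing null below.
                    $this->denyAccess($event, ['success' => false, 'data' => 'access denied']);
                } else {
                    $idRole = $user->getUtilisateur()->getIdRole();
                    // NOTE(review): this condition is always true unless
                    // RefRole::ROLE_CTS equals 12, so the else branch is
                    // effectively unreachable and every caller goes through
                    // the findMyCts() check. `&&` may have been intended;
                    // left unchanged because it would alter who is refused —
                    // confirm the intended policy.
                    if ($idRole != RefRole::ROLE_CTS || $idRole != 12) {
                        $listCts = $this->entityManager->getRepository(UtilisateurInformation::class)->findMyCts($idCts, $user);
                        if ((is_countable($listCts) ? count($listCts) : 0) == 0) {
                            $this->denyAccess($event, ['success' => false, 'data' => 'access denied']);
                        }
                    } else {
                        $this->denyAccess($event, ['success' => false, 'data' => 'access denied']);
                    }
                }
            }
        }

        // Access rights of a "DS Lecteur" (read-only) user.
        if ($user instanceof UtilisateurInformation && $user->getUtilisateur()->getIdRole() == RefRole::ROLE_LECTEUR) {
            $deniedRoutes = ['ctsweb_informations_generales', 'ctsweb_ordres_de_missions', 'ctsweb_tout_om', 'actualite_cts', 'detail_cts_article'];
            if (in_array($route, $deniedRoutes, true)) {
                $this->denyAccess($event, ['status' => 403, 'success' => false, 'data' => 'access denied']);
            }
        }
    }

    /**
     * Sets a serialized denial payload as the response of the event.
     *
     * NOTE(review): the response is created with Response's default HTTP
     * status (200) and without a JSON Content-Type, even when the payload
     * carries 'status' => 403. Clients, proxies and logs that look only at the
     * HTTP status will record these refusals as successes. Kept as-is because
     * switching to a real 403 is visible to API consumers — confirm and change.
     *
     * @param \Symfony\Component\HttpKernel\Event\RequestEvent $event
     * @param array<string, mixed> $data payload serialized to JSON
     */
    private function denyAccess(\Symfony\Component\HttpKernel\Event\RequestEvent $event, array $data)
    {
        $event->setResponse(new Response($this->container->get('jms_serializer')->serialize($data, 'json')));
    }
}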