src/Listeners/ControllerListener.php line 51

Open in your IDE?
  1. <?php
  3. namespace App\Listeners;
  5. use App\Annotation\Authorization;
  6. use App\Security\CallerAuthorizationService;
  7. use Doctrine\Common\Annotations\Reader;
  8. use Doctrine\Common\Util\ClassUtils;
  9. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController as Controller;
  10. use Symfony\Component\HttpFoundation\RequestStack;
  11. use Symfony\Component\HttpKernel\Event\ControllerArgumentsEvent;
  13. class ControllerListener
  14. {
  15.     /**
  16.      * @var Reader
  17.      */
  18.     protected $reader;
  20.     /**
  21.      * @var RequestStack
  22.      */
  23.     protected $requestStack;
  25.     /**
  26.      * @var CallerAuthorizationService
  27.      */
  28.     protected $callerAuthorizationService;
  30.     /**
  31.      * @param Reader                     $reader
  32.      * @param RequestStack               $requestStack
  33.      * @param CallerAuthorizationService $callerAuthorizationService
  34.      */
  35.     public function __construct(
  36.         Reader $reader,
  37.         RequestStack $requestStack,
  38.         CallerAuthorizationService $callerAuthorizationService
  39.     ) {
  40.         $this->reader $reader;
  41.         $this->requestStack $requestStack;
  42.         $this->callerAuthorizationService $callerAuthorizationService;
  43.     }
  45.     /**
  46.      * @param ControllerArgumentsEvent $event
  47.      *
  48.      * @throws \App\Exception\AccessDeniedException
  49.      * @throws \ReflectionException
  50.      */
  51.     public function onKernelControllerArguments(ControllerArgumentsEvent $event)
  52.     {
  53.         $controller $event->getController();
  55.         if (!is_array($controller)) {
  56.             return;
  57.         }
  59.         /** @var Controller $controllerObject */
  60.         list($controllerObject$methodName) = $controller;
  61.         $request $this->requestStack->getCurrentRequest();
  63.         if (null == $request) {
  64.             return;
  65.         }
  67.         $callerId $request->headers->get('X-CALLER-ID');
  69.         $callers $controllerObject;
  70.         $annotation Authorization::class;
  71.         $classAnnotation $this->reader->getClassAnnotation(
  72.             new \ReflectionClass(ClassUtils::getClass($controllerObject)),
  73.             $annotation
  74.         );
  77.         $controllerReflectionMethod = (new \ReflectionObject($controllerObject))->getMethod($methodName);
  78.         $methodAnnotation $this->reader->getMethodAnnotation($controllerReflectionMethod$annotation);
  79.         if ($classAnnotation || $methodAnnotation) {
  80.             $annotation $classAnnotation ?? $methodAnnotation;
  81.             if (null == $annotation) {
  82.                 return;
  83.             }
  84.             $callers $annotation->apps;
  87.             $this->callerAuthorizationService->checkCallerAuthorization(
  88.                 $callerId,
  89.                 $callers,
  90.                 $request->attributes->get('_route')
  91.             );
  92.         }
  93.     }
  94. }