<?php
namespace App\EventListener;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Exception\HttpException;
use Symfony\Component\HttpFoundation\Response;
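/**
 * Kernel request listener that checks whether the connected user owns the module
 * permission implied by the request path (section/module/[id]/[action]).
 *
 * Decision model, as implemented:
 *  - The route names in $ignoredRoutes are never checked.
 *  - Requests without an authenticated user are NOT checked here at all: the
 *    security firewall is the only thing standing between anonymous users and
 *    these URLs, so this listener must not be relied on for that case.
 *  - The required action ('other', 'view', 'add', 'delete', 'update') is derived
 *    from the path shape; when the shape is not recognised, or when no keyword
 *    matches the action segment, the request is allowed (fail-open). Tighten
 *    requiredAction()/resolveAction() if a fail-closed policy is wanted.
 *  - Action keywords are matched as substrings of the segment, in the order of
 *    $actionKeywords ('add' list first). A segment containing keywords from two
 *    lists is classified by the first list that matches.
 *
 * Denied requests are redirected to the 'home' route with ?error=module.
 */
class ModuleAccessListerner
{
    private $em;
    private $root;
    private $clientPath;
    private $container;
    private $user;
    private $router;

    /** Route names excluded from the module check (user-profile self-service routes). */
    private $ignoredRoutes = [
        'mon_profil_save_user',
        'user_connect_modif_adresse',
        'delete_adresse_user_connect',
        'add_new_adresse_user_connect',
        'load_adresse_user_connect',
        'save_remove_img_user_connected',
        'user_profil_change_password',
    ];

    /**
     * Permission key => substrings of a path segment that select it.
     * Order matters: the first list with a matching keyword wins.
     */
    private $actionKeywords = [
        'add'    => ['add', 'ajout', 'ajouter', 'ajouté', 'dupplicate', 'new'],
        'delete' => ['delete', 'remove', 'supr', 'supprimer', 'supprimé'],
        'update' => ['update', 'modif', 'modifier', 'modifié', 'save', 'edit'],
        'other'  => ['load'],
    ];

    /**
     * @param object $entityManager Doctrine entity manager (stored, currently unused here)
     * @param object $container     Service container; used for 'kernel' and 'security.token_storage'
     * @param object $router        Router used to build the redirect target
     */
    public function __construct($entityManager, $container, $router)
    {
        $this->em = $entityManager;
        $this->container = $container;
        // Both paths point at the project directory (one level above the kernel root).
        $this->root = $this->container->get('kernel')->getRootDir() . '/../';
        $this->clientPath = $this->container->get('kernel')->getRootDir() . '/../';
        $this->router = $router;
    }

    /**
     * Event callback: redirects to 'home' with ?error=module when the current user
     * lacks the module action required by the request path.
     *
     * @param GetResponseEvent $event
     * @return void
     */
    public function CheckModuleAccess(GetResponseEvent $event)
    {
        $request = $event->getRequest();
        $routeName = $request->get('_route');

        // Unrouted requests and the ignored self-service routes are left alone.
        // strict: true so that only an identical route name matches.
        if ($routeName == null || in_array($routeName, $this->ignoredRoutes, true)) {
            return;
        }

        $user = $this->currentUser();
        if (!$user) {
            // Anonymous requests are not evaluated by this listener (see class doc).
            return;
        }

        $userModules = $user->getAllModules();
        $segments = explode('/', trim($request->getPathInfo(), '/'));

        $action = $this->requiredAction($segments);
        if ($action === null) {
            // Unrecognised path shape or no action keyword: allowed (fail-open).
            return;
        }

        // $action is only non-null for paths with at least two segments, so
        // $segments[0] (section) and $segments[1] (module) exist here.
        if (!isset($userModules[$segments[0]][$segments[1]]['actions'][$action])) {
            $event->setResponse(new RedirectResponse($this->router->generate('home') . '?error=module'));
        }
    }

    /**
     * Returns the authenticated user from the token storage, or null when there is
     * no token, the token carries the legacy anonymous marker 'anon.', or no user.
     *
     * @return object|null
     */
    private function currentUser()
    {
        $token = $this->container->get('security.token_storage')->getToken();
        if (!$token) {
            return null;
        }

        $tokenUser = $token->getUser();
        // Legacy Symfony represents an anonymous session by the string 'anon.'.
        if ($tokenUser == 'anon.' || !$tokenUser) {
            return null;
        }

        return $tokenUser;
    }

    /**
     * Derives the module action a path requires from its segment layout.
     *
     * Recognised shapes (section/module always occupy indexes 0 and 1):
     *  - section/module                     -> 'other'
     *  - section/module/data                -> 'other'
     *  - section/module/{id}                -> 'view'
     *  - section/module/{keyword}           -> keyword lookup
     *  - section/module/{id}/{keyword}      -> keyword lookup
     *  - section/module/x/{id}/{keyword}    -> keyword lookup
     *  - section/module/data/...            -> 'other'
     * Anything else (including section/module/x/{id} with no trailing segment)
     * yields null, which the caller treats as "no check".
     *
     * @param string[] $segments path split on '/' (at least one element)
     * @return string|null
     */
    private function requiredAction(array $segments)
    {
        $count = count($segments);

        if ($count == 2) {
            return 'other';
        }

        if ($count == 3) {
            if ($segments[2] === 'data') {
                return 'other';
            }
            if (is_numeric($segments[2])) {
                return 'view';
            }
            return $this->resolveAction($segments[2]);
        }

        if ($count >= 4) {
            if (is_numeric($segments[2])) {
                return $this->resolveAction($segments[3]);
            }
            if (is_numeric($segments[3])) {
                // No action segment after the id: nothing is checked.
                return isset($segments[4]) ? $this->resolveAction($segments[4]) : null;
            }
            if ($segments[2] === 'data') {
                return 'other';
            }
        }

        return null;
    }

    /**
     * Maps an action segment to a permission key by substring keyword match
     * (byte-wise, like the str_replace test it replaces), first matching list wins.
     *
     * @param string $segment
     * @return string|null permission key, or null when no keyword occurs in the segment
     */
    private function resolveAction($segment)
    {
        foreach ($this->actionKeywords as $action => $keywords) {
            foreach ($keywords as $keyword) {
                if (strpos($segment, $keyword) !== false) {
                    return $action;
                }
            }
        }

        return null;
    }
}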