<?php
namespace App\EventSubscriber;
use App\Controller\AdminPermissionController;
use App\Controller\MainController;
use App\Service\Storage\AdminSession;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\ControllerArgumentsEvent;
use Symfony\Component\HttpKernel\Event\ControllerEvent;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\KernelEvents;
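/**
 * Kernel event subscriber that enforces per-route admin permissions.
 *
 * Only controllers that are instances of AdminPermissionController are checked;
 * any other controller passes through this subscriber without a check.
 */
class AdminPermissionListener implements EventSubscriberInterface
{
    /** @var AdminSession Session service queried for login state and route permissions. */
    private $adminSession;

    /**
     * @param AdminSession $adminSession Service used for the permission and login checks.
     */
    public function __construct(AdminSession $adminSession)
    {
        $this->adminSession = $adminSession;
    }

    /**
     * Denies the request when a logged-in admin lacks permission for the route.
     *
     * @param ControllerEvent $event Event carrying the resolved controller and the request.
     *
     * @return void
     *
     * @throws AccessDeniedHttpException When the permission check fails for a logged-in session.
     */
    public function onKernelController(ControllerEvent $event)
    {
        $controller = $event->getController();

        // A class-based controller arrives as [object, 'method']; keep only the object.
        if (is_array($controller)) {
            $controller = $controller[0];
        }

        // NOTE(review): this method used to carry a commented-out IP allow-list check
        // (AdminSession::isTrustedIP() on Request::getClientIp(), for AdminPermissionController
        // and MainController). It was never active, so no source-IP restriction is enforced
        // here. If it is reinstated, deny through an exception or a response set via the
        // kernel rather than header()/exit, and confirm that trusted proxies are configured,
        // since getClientIp() is only as reliable as that configuration.

        if (!$controller instanceof AdminPermissionController) {
            return;
        }

        // NOTE(review): the exception is raised only when the session is logged in. A request
        // with no logged-in session is NOT rejected here even if checkPermissions() fails.
        // Presumably unauthenticated requests are handled elsewhere (e.g. a login redirect);
        // confirm that every AdminPermissionController action is covered by that path.
        // The call order is kept as in the original: checkPermissions() runs first.
        if (!$this->adminSession->checkPermissions($event->getRequest()) && $this->adminSession->isLogged()) {
            throw new AccessDeniedHttpException('No permission');
        }
    }

    /**
     * Intentionally a no-op.
     *
     * The original body returned on its first statement; the unreachable code after it
     * (controller resolution followed by an empty instanceof branch) has been removed.
     *
     * @param ControllerArgumentsEvent $event Unused.
     *
     * @return void
     */
    public function onKernelView(ControllerArgumentsEvent $event)
    {
        // Nothing to do for this event.
    }

    /**
     * Intentionally a no-op.
     *
     * The original body returned on its first statement. The unreachable code after it read
     * an 'auth_token' request attribute and set an X-CONTENT-HASH header to
     * sha1(content . token); it never ran and has been removed.
     *
     * NOTE(review): if a response integrity header is wanted again, prefer a keyed construction
     * such as hash_hmac('sha256', $content, $key) over hashing the content concatenated with
     * a secret.
     *
     * @param ResponseEvent $event Unused.
     *
     * @return void
     */
    public function onKernelResponse(ResponseEvent $event)
    {
        // Nothing to do for this event.
    }

    /**
     * Maps kernel events to the handler methods of this subscriber.
     *
     * Only the CONTROLLER handler does any work; the other two are registered but are no-ops.
     *
     * @return array<string, string>
     */
    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::CONTROLLER => 'onKernelController',
            KernelEvents::CONTROLLER_ARGUMENTS => 'onKernelView',
            KernelEvents::RESPONSE => 'onKernelResponse',
        ];
    }
}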