Example #1
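 /**
  * Switches the current security token when the request carries a "view_as"
  * query parameter.
  *
  * "view_as=exit" restores a UsernamePasswordToken built from the user's own
  * roles, provided the current token holds ROLE_USURPATE_WORKSPACE_ROLE.
  * Any other value is read as "<base role>_<workspace guid>": the caller must
  * hold ROLE_WS_MANAGER_<guid>, and the token is then replaced by a
  * ViewAsToken limited to ROLE_USER, the requested role and
  * ROLE_USURPATE_WORKSPACE_ROLE.
  *
  * The parameter comes straight from the query string, so it is validated
  * (type and shape) before it is used to build a role name.
  *
  * @DI\Observe("kernel.request")
  *
  * @param GetResponseEvent $event
  *
  * @throws AccessDeniedException when the value is malformed or the caller
  *                               does not manage the targeted workspace
  * @throws \Exception            when the role is anonymous or unknown
  */
 public function onViewAs(GetResponseEvent $event)
 {
     $query = $event->getRequest()->query->all();
     if (!array_key_exists('view_as', $query)) {
         return;
     }

     // NOTE(review): the switch is triggered by a plain GET parameter and no
     // anti-forgery token is checked in this method; confirm that is intended.
     $currentToken = $this->tokenStorage->getToken();
     if ($currentToken === null) {
         // No security context to alter; the original dereferenced null here.
         return;
     }

     $user = $currentToken->getUser();
     $viewAs = $query['view_as'];

     if ($viewAs === 'exit') {
         if ($this->authorization->isGranted('ROLE_USURPATE_WORKSPACE_ROLE')) {
             $restored = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
             $this->tokenStorage->setToken($restored);
         }

         return;
     }

     // "view_as[]=..." yields an array; only a plain string can name a role.
     if (!is_string($viewAs)) {
         throw new AccessDeniedException();
     }

     // The guid is whatever follows the last underscore. A value without an
     // underscore, or ending with one, cannot designate a workspace role.
     $separator = strrpos($viewAs, '_');
     if ($separator === false || $separator === strlen($viewAs) - 1) {
         throw new AccessDeniedException();
     }
     $guid = substr($viewAs, $separator + 1);
     $baseRole = substr($viewAs, 0, $separator);

     // Authorization gate: only a manager of that workspace may switch role.
     if (!$this->authorization->isGranted('ROLE_WS_MANAGER_' . $guid)) {
         throw new AccessDeniedException();
     }

     if ($baseRole === 'ROLE_ANONYMOUS') {
         throw new \Exception('No implementation yet');
     }

     // The requested name must match a stored role before it is put in a token.
     $role = $this->roleManager->getRoleByName($viewAs);
     if ($role === null) {
         // The message embeds request input; it must be escaped wherever it is rendered.
         throw new \Exception("The role {$viewAs} does not exists");
     }

     $viewAsToken = new ViewAsToken(array('ROLE_USER', $viewAs, 'ROLE_USURPATE_WORKSPACE_ROLE'));
     $viewAsToken->setUser($user);
     $this->tokenStorage->setToken($viewAsToken);
 }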
Example #2
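 /**
  * Switches the current security token when the request carries a "view_as"
  * query parameter.
  *
  * If the current token holds ROLE_PREVIOUS_ADMIN (an administrator
  * impersonating a user account), that impersonation is cancelled first.
  * "view_as=exit" then restores a UsernamePasswordToken built from the
  * user's own roles, provided the token holds ROLE_USURPATE_WORKSPACE_ROLE.
  * Any other value is read as "<base role>_<workspace guid>": the caller must
  * hold ROLE_WS_MANAGER_<guid>, and the token is replaced by a ViewAsToken
  * limited to ROLE_USER, the requested role and ROLE_USURPATE_WORKSPACE_ROLE.
  *
  * The parameter comes straight from the query string, so it is validated
  * (type and shape) before it is used to build a role name.
  *
  * @DI\Observe("kernel.request")
  *
  * @param GetResponseEvent $event
  *
  * @throws AccessDeniedException when the value is malformed or the caller
  *                               does not manage the targeted workspace
  * @throws \Exception            when the role is anonymous or unknown
  */
 public function onViewAs(GetResponseEvent $event)
 {
     $query = $event->getRequest()->query->all();
     if (!array_key_exists('view_as', $query)) {
         return;
     }

     // NOTE(review): the switch is triggered by a plain GET parameter and no
     // anti-forgery token is checked in this method; confirm that is intended.
     $currentToken = $this->tokenStorage->getToken();
     if ($currentToken === null) {
         // No security context to alter; the original dereferenced null here.
         return;
     }

     // An administrator already impersonating a user account must leave that
     // impersonation before a workspace role can be taken on.
     if ($this->authorization->isGranted('ROLE_PREVIOUS_ADMIN')) {
         $this->tokenUpdater->cancelUserUsurpation($currentToken);
         // Read the token again, since the user is taken from the storage
         // after the cancellation (presumably it swaps the token; confirm).
         $currentToken = $this->tokenStorage->getToken();
         if ($currentToken === null) {
             return;
         }
     }

     $user = $currentToken->getUser();
     $viewAs = $query['view_as'];

     if ($viewAs === 'exit') {
         if ($this->authorization->isGranted('ROLE_USURPATE_WORKSPACE_ROLE')) {
             $restored = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
             $this->tokenStorage->setToken($restored);
         }

         return;
     }

     // "view_as[]=..." yields an array; only a plain string can name a role.
     if (!is_string($viewAs)) {
         throw new AccessDeniedException();
     }

     // The guid is whatever follows the last underscore. A value without an
     // underscore, or ending with one, cannot designate a workspace role.
     $separator = strrpos($viewAs, '_');
     if ($separator === false || $separator === strlen($viewAs) - 1) {
         throw new AccessDeniedException();
     }
     $guid = substr($viewAs, $separator + 1);
     $baseRole = substr($viewAs, 0, $separator);

     // Authorization gate: only a manager of that workspace may switch role.
     if (!$this->authorization->isGranted('ROLE_WS_MANAGER_' . $guid)) {
         throw new AccessDeniedException();
     }

     if ($baseRole === 'ROLE_ANONYMOUS') {
         throw new \Exception('No implementation yet');
     }

     // The requested name must match a stored role before it is put in a token.
     $role = $this->roleManager->getRoleByName($viewAs);
     if ($role === null) {
         // The message embeds request input; it must be escaped wherever it is rendered.
         throw new \Exception("The role {$viewAs} does not exists");
     }

     $viewAsToken = new ViewAsToken(array('ROLE_USER', $viewAs, 'ROLE_USURPATE_WORKSPACE_ROLE'));
     $viewAsToken->setUser($user);
     $this->tokenStorage->setToken($viewAsToken);
 }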