/**
  * Sets a 403 response on the event when the request is an AJAX request and an
  * AccessDeniedException has been thrown for a non-anonymous token
  *
  * @param GetResponseForExceptionEvent $event
  *
  * @api
  */
 public function onKernelException(GetResponseForExceptionEvent $event)
 {
     $incoming = $event->getRequest();
     $thrown = $event->getException();

     // Only AJAX requests that failed with an AccessDeniedException are
     // handled; in every other case the event is left without a response
     // from this listener.
     if (!$incoming->isXmlHttpRequest() || !($thrown instanceof AccessDeniedException)) {
         return;
     }

     // NOTE(review): getToken() may yield no token at all; whether such a
     // request gets the 403 below depends on how the trust resolver treats a
     // missing token -- confirm against the resolver in use.
     $currentToken = $this->context->getToken();
     if ($this->authenticationTrustResolver->isAnonymous($currentToken)) {
         // Anonymous tokens get no response here, so the denial is left to
         // whatever handles the exception next.
         return;
     }

     // The body is a fixed string: nothing from the request or the exception
     // is echoed back to the client.
     $event->setResponse(new Response('You haven\'t enough privileges to perform the required action', 403));
 }
 /**
  * Only allow access if the token is anonymous, but abstain from voting
  * if the attribute IS_ANONYMOUS isn't supported.
  *
  * @param TokenInterface $token
  * @param object $object
  * @param array $attributes
  * @return integer
  */
 public function vote(TokenInterface $token, $object, array $attributes)
 {
     foreach ($attributes as $candidate) {
         if ($this->supportsAttribute($candidate)) {
             // The first supported attribute settles the vote; any later
             // attributes are never examined. The decision is inverted
             // compared with a usual access check: an anonymous token is
             // granted, every other token is denied.
             return $this->authenticationTrustResolver->isAnonymous($token)
                 ? VoterInterface::ACCESS_GRANTED
                 : VoterInterface::ACCESS_DENIED;
         }
     }

     // None of the attributes is supported, so this voter has no opinion.
     return VoterInterface::ACCESS_ABSTAIN;
 }
Exemplo n.º 3
 /**
  * Stores the referer in the session.
  *
  * @param FilterResponseEvent $event
  */
 public function onKernelResponse(FilterResponseEvent $event)
 {
     // Requests that isContaoMasterRequest() rejects are ignored.
     if (!$this->isContaoMasterRequest($event)) {
         return;
     }

     // The referer is stored only when a token exists and the trust resolver
     // does not classify it as anonymous.
     $currentToken = $this->tokenStorage->getToken();
     if (null === $currentToken) {
         return;
     }
     if ($this->authenticationTrustResolver->isAnonymous($currentToken)) {
         return;
     }

     $currentRequest = $event->getRequest();

     // Back end and front end referers are stored by separate helpers.
     if (!$this->isBackendScope()) {
         $this->storeFrontendReferer($currentRequest);

         return;
     }

     $this->storeBackendReferer($currentRequest);
 }
Exemplo n.º 4
 /**
  * Writes the current session data to the database.
  *
  * @param FilterResponseEvent $event
  */
 public function onKernelResponse(FilterResponseEvent $event)
 {
     // Requests that isContaoMasterRequest() rejects are ignored.
     if (!$this->isContaoMasterRequest($event)) {
         return;
     }

     // Nothing is persisted without a token, or for a token the trust
     // resolver classifies as anonymous.
     $currentToken = $this->tokenStorage->getToken();
     $hasNamedToken = null !== $currentToken
         && !$this->authenticationTrustResolver->isAnonymous($currentToken);
     if (!$hasNamedToken) {
         return;
     }

     // Only User instances have a row to write the session into.
     $account = $this->getUserObject();
     if (!($account instanceof User)) {
         return;
     }

     // Table, values and identifier are handed to the connection as separate
     // arguments rather than concatenated into a statement.
     // NOTE(review): the session bag is stored via serialize(); whatever reads
     // this column back presumably unserialize()s it -- confirm that nothing
     // else can write to the column.
     $targetTable = $account->getTable();
     $values = ['session' => serialize($this->getSessionBag()->all())];
     $rowKey = ['id' => $account->id];

     $this->connection->update($targetTable, $values, $rowKey);
 }