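/**
 * Guards write requests to the API and decodes structured request bodies.
 *
 * Outside the "dev" environment, a non-GET request whose URI contains
 * "/api/" is answered with a JSON 401 when there is no security token, or
 * when the token's user is missing / the anonymous "anon." placeholder and
 * the request carries no `api_key` query parameter. Only the *presence* of
 * `api_key` is checked here; the key itself is presumably validated by the
 * authentication layer — confirm. Processing continues after the 401 is
 * set, exactly as for an allowed request.
 *
 * For POST/PUT/PATCH/DELETE requests whose request bag is empty, the body
 * is decoded according to the Content-Type header (falling back to the
 * request format) and, when it decodes to an array, installed as the
 * request bag so controllers can read it like form data.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $request = $event->getRequest();

    if ('dev' !== $this->kernel->getEnvironment() && $this->isApiWriteRequest($request)) {
        $token = $this->context->getToken();

        if (null === $token) {
            $event->setResponse($this->createApiUnauthorizedResponse());
        } else {
            $user = $token->getUser();
            if ((!isset($user) || 'anon.' === $user) && !$request->query->has('api_key')) {
                $event->setResponse($this->createApiUnauthorizedResponse());
            }
        }
    }

    if (!count($request->request->all())
        && in_array($request->getMethod(), array('POST', 'PUT', 'PATCH', 'DELETE'), true)
    ) {
        $contentType = $request->headers->get('Content-Type');
        $format = null === $contentType
            ? $request->getRequestFormat()
            : $request->getFormat($contentType);

        if (!$this->decoderProvider->supports($format)) {
            return;
        }

        $decoder = $this->decoderProvider->getDecoder($format);
        $data = $decoder->decode($request->getContent(), $format);

        if (is_array($data)) {
            $request->request = new ParameterBag($data);
        }
    }
}

/**
 * Whether the request is a non-GET call whose URI contains "/api/".
 *
 * @param object $request The event's request
 *
 * @return bool
 */
private function isApiWriteRequest($request)
{
    if ('GET' === $request->getMethod()) {
        return false;
    }

    return false !== strpos($request->getUri(), '/api/');
}

/**
 * Builds the JSON 401 response returned for unauthenticated API writes.
 *
 * @return Response
 */
private function createApiUnauthorizedResponse()
{
    return new Response(
        json_encode(array('code' => 401, 'message' => 'The request requires user authentication')),
        401
    );
}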
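/**
 * Update the user "lastActivity" on each master request.
 *
 * Sub-requests (for example a render() call from a Twig template) are
 * ignored so that one page view produces at most one update. Only tokens
 * whose user is a User entity are touched; the anonymous "anon." user is
 * skipped.
 *
 * @param FilterControllerEvent $event
 */
public function onCoreController(FilterControllerEvent $event)
{
    if (HttpKernel::MASTER_REQUEST !== $event->getRequestType()) {
        return;
    }

    // An authentication token must exist before the user can be read from it.
    $token = $this->securityContext->getToken();
    if (!$token) {
        return;
    }

    $user = $token->getUser();
    if ($user instanceof User) {
        // Every master request issues an UPDATE; a "still considered active"
        // grace period would cut database writes if that ever becomes a problem.
        $user->isActiveNow();
        $this->em->persist($user);
        $this->em->flush();
    }
}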
/**
 * Enforces the @Guard annotations declared on the controller class and action.
 *
 * Permissions from both levels are merged, de-duplicated and checked with a
 * single isGranted() call; when the check fails a PermissionRequiredException
 * carrying the required and the current permissions is thrown.
 *
 * @param FilterControllerEvent $event
 *
 * @throws PermissionRequiredException
 */
public function onFilterController(FilterControllerEvent $event)
{
    list($controller, $action) = $event->getController();

    // The controller could be a proxy, so resolve the real class first.
    $reflectionClass = new \ReflectionClass(ClassUtils::getClass($controller));
    $reflectionMethod = $reflectionClass->getMethod($action);

    $isGuard = function ($annotation) {
        return $annotation instanceof Guard;
    };

    $guards = array_merge(
        array_filter($this->annotationReader->getClassAnnotations($reflectionClass), $isGuard),
        array_filter($this->annotationReader->getMethodAnnotations($reflectionMethod), $isGuard)
    );

    $required = [];
    foreach ($guards as $guard) {
        $declared = is_array($guard->value) ? $guard->value : [$guard->value];
        // Each annotation's permissions are placed before those collected so far.
        $required = array_merge($declared, $required);
    }
    $required = array_unique($required);

    if (empty($required) || $this->security->isGranted($required)) {
        return;
    }

    $exception = new PermissionRequiredException();
    $exception
        ->setRequiredPermissions($required)
        ->setCurrentPermissions($this->security->getToken()->getUser()->getPermissions());

    throw $exception;
}
/**
 * A fresh context holds no token, and returns exactly the token set on it.
 */
public function testGetSetToken()
{
    $authenticationManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\AuthenticationManagerInterface');
    $accessDecisionManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authorization\\AccessDecisionManagerInterface');
    $context = new SecurityContext($authenticationManager, $accessDecisionManager);

    $this->assertNull($context->getToken());

    $token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
    $context->setToken($token);

    $this->assertSame($token, $context->getToken());
}
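/**
 * Listener for comments' votes persistence: rejects a vote cast by an
 * unauthenticated user, on behalf of another user, for the voter's own
 * comment, or a second time for the same comment.
 *
 * When a rule is violated the persistence is aborted and propagation stopped.
 * Exceptions raised by the repository lookup propagate to the dispatcher
 * instead of being swallowed.
 *
 * @param VotePersistEvent $event
 * @return void
 */
public function avoidIncorrectVoting(VotePersistEvent $event)
{
    if (null !== $this->findVotingViolation($event)) {
        $event->abortPersistence();
        $event->stopPropagation();
    }
}

/**
 * Returns the reason the vote must not be persisted, or null when it is valid.
 *
 * The authentication check comes first so the current user is only read from
 * the token once it is known to exist.
 *
 * @param VotePersistEvent $event
 * @return string|null
 */
private function findVotingViolation(VotePersistEvent $event)
{
    if (!$this->context->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED)) {
        return 'Avoid voting if user is not authenticated';
    }

    /** @var $vote SignedVoteInterface */
    $vote = $event->getVote();
    /** @var $user User */
    $user = $this->context->getToken()->getUser();

    // Identity comparison: the vote must reference the very same user instance.
    if ($vote->getVoter() !== $user) {
        return 'Attempt to vote for different user';
    }

    if ($vote->getComment()->getAuthor() === $user) {
        return 'Attempt to vote for own comment';
    }

    $existingVote = $this->voteManager->findVoteBy(array(
        'comment' => $vote->getComment(),
        'voter' => $user,
    ));
    if ($existingVote) {
        return 'Attempt to vote multiple times for same comment';
    }

    return null;
}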
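/**
 * Whether the current user is an administrator or is the given user.
 *
 * @param User|null $user The user to compare against the authenticated one
 *
 * @return bool False for a null user or when no security token is present
 */
public function isOwnerOrAdmin(User $user = null)
{
    if ($this->isAdmin()) {
        return true;
    }

    if (null === $user) {
        return false;
    }

    // Without a token nobody is authenticated, so nobody can be the owner.
    $token = $this->context->getToken();
    if (null === $token) {
        return false;
    }

    // Identity comparison: the same entity instance, not merely equal fields.
    return $user === $token->getUser();
}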
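/**
 * Builds the checkout order form, pre-filling the client fields from the
 * authenticated user when there is one.
 *
 * Visitors without a token, or with the anonymous "anon." placeholder user,
 * get empty defaults. Product ids and the basket total are carried in hidden
 * fields read from the session.
 *
 * @param FormBuilderInterface $builder
 * @param array                $options
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    $token = $this->securityContext->getToken();
    $user = null !== $token ? $token->getUser() : null;
    if (!is_object($user)) {
        // No token or the "anon." string: nothing to pre-fill.
        $user = false;
    }

    $builder
        ->add('clientFirstName', null, array(
            'attr' => array('placeholder' => 'Иван', 'class' => 'input_block'),
            'label' => 'Имя',
            'data' => $user ? $user->getFirstname() : '',
        ))
        ->add('clientLastName', null, array(
            'attr' => array('placeholder' => 'Иванов', 'class' => 'input_block'),
            'label' => 'Фамилия',
            'data' => $user ? $user->getLastname() : '',
        ))
        ->add('telephone', null, array(
            'attr' => array('placeholder' => '+7 910 001 10 10', 'class' => 'input_block'),
            'label' => 'Телефон',
            'data' => $user ? $user->getPhone() : '',
        ))
        ->add('email', EmailType::class, array(
            'attr' => array('placeholder' => '*****@*****.**', 'class' => 'input_block'),
            'label' => 'E-mail',
            'data' => $user ? $user->getEmail() : '',
        ))
        ->add('address', new AddressOrderType(), array(
            'label' => false,
            'required' => false,
            'data_class' => 'ShopBundle\\Entity\\AddressOrder',
        ))
        ->add('wishes', null, array('label' => 'Ваши пожелания'))
        ->add('deliveryType', 'hidden', array('data' => DeliveryType::PICKUP))
        // Basket contents come from the session, not from the user.
        ->add('products', 'hidden', array('data' => $this->session->get('ids')))
        ->add('summ', 'hidden', array('data' => $this->session->get('basketSumm')))
        ->add('bonus', 'hidden', array('data' => 0));
}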
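/**
 * Return current user's entity or null if not logged in.
 *
 * Both a missing security token and the anonymous placeholder user ("anon.")
 * count as "not logged in".
 *
 * @return null|\App\UserBundle\Entity\User
 */
public function getCurrentUser()
{
    $token = $this->security->getToken();
    if (null === $token) {
        return null;
    }

    $user = $token->getUser();

    return 'anon.' === $user ? null : $user;
}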
/**
 * Get the user entity, if applicable.
 *
 * The entity is resolved through the username carried by the current token;
 * null is returned when there is no token or the token has no username.
 *
 * @return User|null
 */
public function getUser()
{
    $token = $this->token_storage->getToken();
    $username = $token ? $token->getUsername() : null;

    return $username ? $this->getUserByUsername($username) : null;
}
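/**
 * Returns the customer attached to the authenticated user, if any.
 *
 * @return CustomerInterface|null Null when there is no token or the token does
 *                                not hold a user object
 */
protected function getCustomer()
{
    $token = $this->securityContext->getToken();
    $user = null !== $token ? $token->getUser() : null;

    // The anonymous token exposes the string "anon." as its user, which has no customer.
    if (!is_object($user)) {
        return null;
    }

    return $user->getCustomer();
}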
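/**
 * Builds the loyalty point transfer form.
 *
 * Both card selectors list only the current user's active AccentCards, so
 * one query builder and one option set serve the source and the destination
 * field.
 *
 * @param FormBuilderInterface $builder
 * @param array                $options
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    $user = $this->securityContext->getToken()->getUser();

    // Restricts the choice list to the customer's active cards.
    $activeCardsOfUser = function (EntityRepository $er) use ($user) {
        return $er->createQueryBuilder('u')
            ->where('u.customer = :user')
            ->andWhere('u.status = :active')
            ->setParameters(array('user' => $user, 'active' => AccentCard::ACTIF));
    };

    $cardOptions = array(
        'required' => false,
        'class' => 'SehBundle:Customer\\AccentCard',
        'property' => 'number',
        'empty_value' => false,
        'multiple' => false,
        'expanded' => false,
        'query_builder' => $activeCardsOfUser,
    );

    $builder
        ->add('srcCard', 'entity', array('label' => 'account.main.card.issuing.loyalty') + $cardOptions)
        ->add('destCard', 'entity', array('label' => 'account.main.receiving.loyalty.card') + $cardOptions)
        ->add('nbPoints', 'text', array('label' => 'account.main.point.transferred', 'required' => false));
}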
/**
 * @param EntityManager       $entityManager
 * @param TranslatorInterface $translator
 * @param SecurityContext     $securityContext
 * @param ServiceLink         $securityFacadeLink
 * @param EmailManager        $emailManager
 */
public function __construct(
    EntityManager $entityManager,
    TranslatorInterface $translator,
    SecurityContext $securityContext,
    ServiceLink $securityFacadeLink,
    EmailManager $emailManager
) {
    $this->entityManager = $entityManager;
    $this->translator = $translator;
    $this->emailManager = $emailManager;
    $this->securityContext = $securityContext;
    $this->securityFacade = $securityFacadeLink->getService();

    // The authenticated user is snapshotted at construction time.
    // NOTE(review): getToken() is null before the firewall has run, in which
    // case this call fails — confirm this service is only built inside an
    // authenticated request.
    $this->user = $securityContext->getToken()->getUser();
}
/**
 * {@inheritdoc}
 *
 * The "Management" group (roles, lock/expiry/enabled flags) is offered only
 * when the current user has ROLE_SUPER_ADMIN.
 */
protected function configureFormFields(FormMapper $formMapper)
{
    $optional = array('required' => false);

    $formMapper->with('General')
        ->add('username')
        ->add('email')
        ->add('plainPassword', 'text', $optional)
    ->end();

    $formMapper->with('Groups')
        ->add('groups', 'sonata_type_model', array('required' => false, 'expanded' => true, 'multiple' => true))
    ->end();

    $formMapper->with('Profile')
        ->add('firstname', null, $optional)
        ->add('lastname', null, $optional)
        ->add('phone', null, $optional)
    ->end();

    /** @var $user \Application\Sonata\UserBundle\Entity\User */
    $user = $this->security_context->getToken()->getUser();
    if ($user->hasRole('ROLE_SUPER_ADMIN')) {
        $formMapper->with('Management')
            ->add('roles', 'sonata_security_roles', array('expanded' => true, 'multiple' => true, 'required' => false))
            ->add('locked', null, $optional)
            ->add('expired', null, $optional)
            ->add('enabled', null, array('required' => false, 'attr' => array('checked' => 'yes')))
            ->add('credentialsExpired', null, $optional)
        ->end();
    }

    $formMapper->with('Security')
        ->add('token', null, $optional)
        ->add('twoStepVerificationCode', null, $optional)
    ->end();
}
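/**
 * Redirects unauthenticated visitors to the login page.
 *
 * Requests without a resolved "_route" and the routes that must stay
 * reachable anonymously (login flow, index, API logo) are let through;
 * every other route requires a token whose user is a User entity. This is a
 * deny-by-default gate, so extend the allow-list deliberately.
 * NOTE(review): sub-requests are not excluded here — confirm that is intended.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $token = $this->securityContext->getToken();
    $user = $token ? $token->getUser() : null;
    if ($user instanceof User) {
        return;
    }

    $route = $event->getRequest()->get('_route');
    if (null === $route || '' === $route) {
        return;
    }

    $publicRoutes = array(
        'login',
        'login_check',
        'logout',
        'fos_user_security_login',
        'index',
        'api_logo',
    );
    if (!in_array($route, $publicRoutes, true)) {
        $event->setResponse(new RedirectResponse($this->router->generate('login')));
    }
}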
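/**
 * Redirects unauthenticated visitors to the login homepage.
 *
 * Requests without a resolved "_route" and the routes that must stay
 * reachable anonymously (login flow, recruitment application forms) are let
 * through; every other route requires a token whose user is a User entity.
 * This is a deny-by-default gate, so extend the allow-list deliberately.
 * NOTE(review): sub-requests are not excluded here — confirm that is intended.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $token = $this->securityContext->getToken();
    $user = $token ? $token->getUser() : null;
    if ($user instanceof User) {
        return;
    }

    $route = $event->getRequest()->get('_route');
    if (null === $route || '' === $route) {
        return;
    }

    $publicRoutes = array(
        'esn_login_homepage',
        'esn_login_check',
        'fos_user_security_login',
        'esn_hr_recruitment_create',
        'esn_hr_recruitment_create_short',
    );
    if (!in_array($route, $publicRoutes, true)) {
        $event->setResponse(new RedirectResponse($this->router->generate('esn_login_homepage')));
    }
}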
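/**
 * Get requested reminders for the authenticated user.
 *
 * @return array The message parameters produced by the params provider for
 *               the user's requested reminders (shape defined by that
 *               provider — confirm), or an empty array when there is no
 *               token or the token's user is not a User entity
 */
public function getRequestedRemindersData()
{
    $token = $this->securityContext->getToken();
    $user = $token ? $token->getUser() : null;

    // instanceof already rejects null and the "anon." string; no is_object check needed.
    if (!$user instanceof User) {
        return array();
    }

    $reminders = $this->entityManager
        ->getRepository('OroReminderBundle:Reminder')
        ->findRequestedReminders($user);

    return $this->messageParamsProvider->getMessageParamsForReminders($reminders);
}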
/**
 * Get a user from the Security Context.
 * Borrowed from Silex\Application\SecurityTrait
 *
 * Null is returned when no token is set or when the token's user is not an
 * object (for example the anonymous "anon." string).
 *
 * @return mixed
 *
 * @see TokenInterface::getUser()
 */
public function getUser()
{
    $token = $this->security->getToken();
    $user = null === $token ? null : $token->getUser();

    return is_object($user) ? $user : null;
}
/**
 * Do the magic: stamps the login time on the user after an interactive login.
 *
 * Only a fully authenticated token holding a User entity is updated, and the
 * flush is limited to that entity.
 *
 * @param InteractiveLoginEvent $event
 */
public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
{
    if (!$this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
        return;
    }

    $user = $this->securityContext->getToken()->getUser();
    if (!$user instanceof User) {
        return;
    }

    $user->setLastLoginAt(new DateTime());
    $this->em->persist($user);
    $this->em->flush($user);
}
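/**
 * Grants access to ajaxfilemanager.
 *
 * The "authorized" session flag is set when the current token holds a user
 * object having at least one of the given roles, and cleared otherwise (no
 * token, anonymous "anon." user, or no matching role).
 *
 * @param array $authorizedRoles
 * @return void
 */
public function authorize(array $authorizedRoles)
{
    $authorized = false;

    $token = $this->securityContext->getToken();
    if ($token) {
        $user = $token->getUser();
        // is_object rules out the "anon." placeholder without a loose string
        // comparison against the user object.
        if (is_object($user) && count(array_intersect($user->getRoles(), $authorizedRoles)) > 0) {
            $authorized = true;
        }
    }

    $this->session->set('authorized', $authorized);
}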
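/**
 * Disables the current user's account and logs them out.
 *
 * The account is flagged disabled and saved, then the logout handlers clear
 * the request's cookies and invalidate the session before the security
 * token is dropped.
 *
 * @param Response $response The response the logout handlers may modify
 */
public function closeAccount(Response $response)
{
    // Read the token once so every handler receives the same instance.
    $token = $this->securityContext->getToken();
    $user = $token->getUser();

    $user->setEnabled(false);
    $this->userManager->updateUser($user);

    $request = $this->request;

    $cookieHandler = new CookieClearingLogoutHandler($request->cookies->all());
    $cookieHandler->logout($request, $response, $token);

    $sessionHandler = new SessionLogoutHandler();
    $sessionHandler->logout($request, $response, $token);

    $this->securityContext->setToken(null);
}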
/**
 * onKernelRequest: applies the admin user's preferred locale on admin routes.
 *
 * Falls back to the configured default admin locale when the user has none.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $token = $this->context->getToken();
    if (!$token) {
        return;
    }

    $requestUri = $event->getRequest()->getRequestUri();
    if (!$this->isAdminToken($this->providerKey, $token) || !$this->isAdminRoute($requestUri)) {
        return;
    }

    $this->translator->setLocale($token->getUser()->getAdminLocale() ?: $this->defaultAdminLocale);
}
/**
 * Handles access authorization.
 *
 * On the master request, records the authenticated token's username on the
 * audit configuration. Sub-requests, a missing security context and
 * unauthenticated tokens are ignored.
 *
 * @param GetResponseEvent $event An Event instance
 */
public function handle(GetResponseEvent $event)
{
    if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
        return;
    }

    if (!$this->securityContext) {
        return;
    }

    $token = $this->securityContext->getToken();
    if (!$token || !$token->isAuthenticated()) {
        return;
    }

    $this->auditConfiguration->setCurrentUsername($token->getUsername());
}
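/**
 * Flags an Advertisement as modified when its own advertiser edits the
 * title or the description.
 *
 * Runs in preUpdate, so after marking the entity its change set has to be
 * recomputed for the new value to be written in the same flush.
 *
 * @param PreUpdateEventArgs $args
 */
private function markAsModified(PreUpdateEventArgs $args)
{
    $entity = $args->getEntity();
    $token = $this->securityContext->getToken();
    if (!$entity instanceof Advertisement || null === $token) {
        return;
    }

    $user = $token->getUser();
    if (!$user instanceof Advertiser) {
        return;
    }

    $contentChanged = $args->hasChangedField('description') || $args->hasChangedField('title');
    // Loose id comparison is kept; ids may be int or string depending on
    // hydration — confirm before tightening to ===.
    if (!$contentChanged || $user->getId() != $entity->getAdvertiser()->getId()) {
        return;
    }

    $entity->markAsModified();

    $em = $args->getEntityManager();
    $em->getUnitOfWork()->computeChangeSet($em->getClassMetadata(get_class($entity)), $entity);
}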
/**
 * Remove media item from user's watchlist.
 *
 * A "watchlist_notice" flash message is added either way: a complaint when
 * the item was not on the list, a confirmation once it has been removed.
 *
 * @param Media $media
 */
public function removeItem(Media $media)
{
    $user = $this->securityContext->getToken()->getUser();
    $flashBag = $this->session->getFlashBag();

    if (!$user->getWatchlist()->contains($media)) {
        $flashBag->add('watchlist_notice', "you didn't have it!");

        return;
    }

    $user->removeWatchlist($media);
    $this->entityManager->persist($user);
    $this->entityManager->flush();

    $flashBag->add('watchlist_notice', 'successfully removed!');
}
/**
 * Returns the user object held by the current security token.
 *
 * Null when there is no token or when the token's user is not an object
 * (for example the anonymous "anon." placeholder).
 *
 * @return object|null
 *
 * @throws \LogicException When the security component is not available
 */
public function getUser()
{
    if (!$this->security) {
        throw new \LogicException('The SecurityBundle is not registered in your application.');
    }

    $token = $this->security->getToken();
    $user = null === $token ? null : $token->getUser();

    return is_object($user) ? $user : null;
}
/**
 * Builds the user menu: a login link for visitors, or the current user's
 * name with profile and logout entries once fully authenticated.
 *
 * @param Request $request
 *
 * @return \Knp\Menu\ItemInterface
 */
public function createUserMenu(Request $request)
{
    $menu = $this->factory->createItem('user');

    if (!$this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
        $menu->addChild('login', [
            'route' => 'fos_user_security_login',
            'label' => $this->translator->trans('login', [], 'menu'),
        ]);

        return $menu;
    }

    $user = $this->securityContext->getToken()->getUser();
    $userMenu = $menu->addChild('current_user', ['label' => $user->getUsername()]);
    $userMenu->addChild('profile', [
        'route' => 'fos_user_profile_show',
        'label' => '.icon-user ' . $this->translator->trans('profile', [], 'menu'),
    ]);
    $userMenu->addChild('logout', [
        'route' => 'fos_user_security_logout',
        'label' => '.icon-off ' . $this->translator->trans('logout', [], 'menu'),
    ]);

    return $menu;
}
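/**
 * Event to find subscriptions on page load.
 *
 * Exposes a "notifs" collection to the global accessor holding the current
 * user's subscriptions (empty when the layer is not a user) plus empty
 * placeholders for new notifications.
 * NOTE(review): getToken() is null before the firewall has run — confirm this
 * listener only fires afterwards.
 */
public function onKernelRequest()
{
    $layer = new UserLayer($this->securityContext->getToken()->getUser());

    $subscriptions = array();
    if ($layer->isUser()) {
        /** @var $em EntityManager */
        $em = $this->doctrine->getManager();
        $subscriptions = $em->getRepository('EtuCoreBundle:Subscription')
            ->findBy(array('user' => $layer->getUser()));
    }

    $this->globalAccessor->set('notifs', new ArrayCollection());

    // Fill the collection through one lookup instead of re-reading it per key.
    $notifs = $this->globalAccessor->get('notifs');
    $notifs->set('subscriptions', $subscriptions);
    $notifs->set('new', []);
    $notifs->set('new_count', 0);
}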
/**
 * @TODO: Move below to config
 *
 * Builds the top navigation: home, then either the account link (labelled
 * with the user's e-mail) and logout, or register and login.
 *
 * @param Request $request
 *
 * @return \Knp\Menu\ItemInterface
 */
public function createMainMenu(Request $request)
{
    $menu = $this->factory->createItem('root');
    $menu->setChildrenAttributes(array('class' => 'navbar-nav nav'));
    $menu->addChild('nav.home', array('route' => 'quickstart_app_homepage'));

    if ($this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
        $email = $this->securityContext->getToken()->getUser()->getEmail();
        $menu->addChild($email, array('route' => 'quickstart_app_account'));
        $menu->addChild('nav.logout', array('route' => 'fos_user_security_logout'));

        return $menu;
    }

    $menu->addChild('nav.register', array('route' => 'fos_user_registration_register'));
    $menu->addChild('nav.login', array('route' => 'fos_user_security_login'));

    return $menu;
}
/**
 * Switches the security context to the given user.
 *
 * The impersonation token inherits the organization of the current token;
 * the target user must belong to that organization.
 *
 * @param User $user
 *
 * @return TokenInterface|null The previous security token
 *
 * @throws \UnexpectedValueException When the current token carries no organization context
 * @throws AccessDeniedException     When the user has no access to the current organization
 */
protected function impersonateUser(User $user)
{
    $previousToken = $this->securityContext->getToken();
    if (!$previousToken instanceof OrganizationContextTokenInterface) {
        throw new \UnexpectedValueException('The current security token must be aware of the organization.');
    }

    $organization = $previousToken->getOrganizationContext();
    if (!$user->hasOrganization($organization)) {
        // Impersonation must not grant access to an organization the user is not part of.
        throw new AccessDeniedException();
    }

    $impersonation = new ImpersonationToken($user, $organization, $user->getRoles());
    $this->securityContext->setToken($impersonation);

    return $previousToken;
}
/**
 * {@inheritdoc}
 *
 * When the form edits the organization of the current token, the "enabled"
 * field is rendered disabled, checked and not required — presumably so the
 * organization one is working in cannot be switched off from within.
 */
public function finishView(FormView $view, FormInterface $form, array $options)
{
    $organization = $form->getData();
    if (!$organization) {
        return;
    }

    /** @var UsernamePasswordOrganizationToken $token */
    $token = $this->securityContext->getToken();
    if ($organization->getId() != $token->getOrganizationContext()->getId()) {
        return;
    }

    $enabledField = $view->children['enabled'];
    $enabledField->vars['required'] = false;
    $enabledField->vars['disabled'] = true;
    $enabledField->vars['value'] = true;
}