/**
* Check request to decide if user has access to specific route
*
* @param GetResponseEvent $event
* @throws AccessDeniedException
* @throws InvalidRouteException
* @throws UserNotFoundException
*/
public function onKernelRequest(GetResponseEvent $event)
{
$routeName = $event->getRequest()->get("_route");
if (strpos($routeName, "app_default_") === 0) {
throw new InvalidRouteException();
}
$routeCollection = $this->router->getRouteCollection();
$route = $routeCollection->get($routeName);
if ($route instanceof Route) {
//Check if need to validate route
//Sometime we want to allow access without validation: index page, login page
$accessValidation = $route->getOption('access_validation');
if ($accessValidation === false) {
return;
}
//Validate current user access to route
$this->authentication->setCurrentUser($this->request->get("token"));
$user = $this->authentication->getCurrentUser();
if (!$user instanceof User) {
throw new UserNotFoundException();
}
$access = $this->accessService->checkPermissions($user, $routeName);
if ($access === false) {
throw new AccessDeniedException($user, $routeName);
}
}
}
/**
* @param InputInterface $input
* @param OutputInterface $output
* @return null
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
try {
$access = $this->accessService->create($input->getArgument('route'), $this->getType($input), $this->getValue($input));
} catch (Exception $e) {
$output->writeln('<fg=red>' . $e->getMessage() . '</>');
return;
}
$output->writeln(sprintf('<fg=green>Access rule created successfully for route: %s.</>', $access->getRoute()));
}
