It gives access to the token representing the current user authentication.
Deprecated since version 2.6; to be removed in 3.0.
Author: Fabien Potencier (fabien@symfony.com)
Author: Johannes M. Schmitt (schmittjoh@gmail.com)
Inheritance: implements Symfony\Component\Security\Core\SecurityContextInterface
示例#1
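 /**
  * Enforces Guard annotations before the controller action runs.
  *
  * Collects every Guard annotation found on the controller class and on the
  * action method, flattens their values into one de-duplicated permission list
  * and asks the security service whether that list is granted. On denial a
  * PermissionRequiredException carrying the required and the current
  * permissions is thrown.
  *
  * NOTE(review): the whole list goes to isGranted() in a single call, so
  * whether several permissions combine as "any of" or "all of" depends on the
  * voters behind $this->security; confirm this matches what Guard is meant
  * to express.
  *
  * @param FilterControllerEvent $event
  *
  * @throws PermissionRequiredException when the required permissions are not granted
  */
 public function onFilterController(FilterControllerEvent $event)
 {
     list($object, $method) = $event->getController();
     // the controller could be a proxy
     $className = ClassUtils::getClass($object);
     $reflectionClass = new \ReflectionClass($className);
     $reflectionMethod = $reflectionClass->getMethod($method);
     $allControllerAnnotations = $this->annotationReader->getClassAnnotations($reflectionClass);
     $allMethodAnnotations = $this->annotationReader->getMethodAnnotations($reflectionMethod);
     $guardAnnotationsFilter = function ($annotation) {
         return $annotation instanceof Guard;
     };
     $controllerGuardAnnotations = array_filter($allControllerAnnotations, $guardAnnotationsFilter);
     $methodGuardAnnotations = array_filter($allMethodAnnotations, $guardAnnotationsFilter);
     $guardAnnotations = array_merge($controllerGuardAnnotations, $methodGuardAnnotations);
     $permissions = [];
     foreach ($guardAnnotations as $guardAnnotation) {
         // A Guard value may be a single permission or a list of them
         $value = $guardAnnotation->value;
         if (!is_array($value)) {
             $value = [$value];
         }
         $permissions = array_merge($value, $permissions);
     }
     $permissions = array_unique($permissions);
     if (!empty($permissions) && !$this->security->isGranted($permissions)) {
         // The denial has to be reported as PermissionRequiredException even when
         // there is no token or the user is not an object (an anonymous token
         // carries a plain string); calling getPermissions() on those would be a
         // fatal error instead of a clean access-denied path.
         // Assumes setCurrentPermissions() accepts an empty array - TODO confirm.
         $token = $this->security->getToken();
         $user = null !== $token ? $token->getUser() : null;
         $currentPermissions = is_object($user) && method_exists($user, 'getPermissions')
             ? $user->getPermissions()
             : [];
         $e = new PermissionRequiredException();
         $e->setRequiredPermissions($permissions)->setCurrentPermissions($currentPermissions);
         throw $e;
     }
 }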
 /**
  * Vote-persistence listener that blocks illegitimate votes on comments.
  *
  * The vote is rejected (persistence aborted, propagation stopped) when:
  *  - the current user is not at least remember-me authenticated,
  *  - the vote's voter is not the current user,
  *  - the comment's author is the current user,
  *  - a vote by this user for this comment already exists.
  *
  * Exceptions are used purely as internal control flow: every \Exception raised
  * inside the try block, including one thrown by the security context or the
  * vote manager, ends in the same rejection, so the check fails closed.
  *
  * NOTE(review): the duplicate check is a read followed by a later write; two
  * concurrent requests could both pass it unless the storage layer also
  * enforces uniqueness on (comment, voter) - confirm.
  *
  * @param VotePersistEvent $event
  * @return void
  */
 public function avoidIncorrectVoting(VotePersistEvent $event)
 {
     try {
         // Anonymous visitors may not vote
         if (!$this->context->isGranted(AuthenticatedVoter::IS_AUTHENTICATED_REMEMBERED)) {
             throw new \Exception('Avoid voting if user is not authenticated');
         }
         /** @var $vote SignedVoteInterface */
         $vote = $event->getVote();
         /** @var $user User */
         $user = $this->context->getToken()->getUser();
         // Identity comparison: the voter on the vote must be the very user object
         // held by the security token, not merely an equal-looking one
         if ($vote->getVoter() !== $user) {
             throw new \Exception('Attempt to vote for different user');
         }
         if ($vote->getComment()->getAuthor() === $user) {
             throw new \Exception('Attempt to vote for own comment');
         }
         $existingVote = $this->voteManager->findVoteBy(array('comment' => $vote->getComment(), 'voter' => $user));
         if ($existingVote) {
             throw new \Exception('Attempt to vote multiple times for same comment');
         }
     } catch (\Exception $e) {
         // The reason is not logged or surfaced; the vote is simply dropped
         $event->abortPersistence();
         $event->stopPropagation();
     }
 }
 /**
  * @param AkismetInterface $akismet         spam-check client kept on the instance
  * @param SecurityContext  $securityContext queried once, here, for the authentication state
  */
 public function __construct(AkismetInterface $akismet, SecurityContext $securityContext)
 {
     $this->akismet = $akismet;
     // Determine whether the current user is identified (remember-me or stronger);
     // per the original author's note, Akismet is not used in that case.
     // NOTE(review): the answer is frozen when the service is built, so it only
     // reflects the request if construction happens after authentication - confirm.
     $identified = $securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED');
     $this->isAuthenticated = $identified;
 }
示例#4
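 /**
  * Stores the collaborators and a snapshot of the current user.
  *
  * The user is null when the security context holds no token (for example when
  * the service is built outside a firewall or from the command line). With an
  * anonymous token the value is whatever getUser() returns, which may be a
  * plain string rather than a user object, so consumers of $this->user should
  * check its type before calling methods on it.
  *
  * @param EntityManager $manager
  * @param SecurityContext $context
  * @param GlobalAccessorObject $globalAccessorObject
  * @param Stopwatch $stopwatch
  */
 public function __construct(EntityManager $manager, SecurityContext $context, GlobalAccessorObject $globalAccessorObject, Stopwatch $stopwatch = null)
 {
     $this->manager = $manager;
     // getToken() returns null when nobody has been authenticated yet; calling
     // getUser() on it would be a fatal error during service construction
     $token = $context->getToken();
     $this->user = null !== $token ? $token->getUser() : null;
     $this->globalAccessorObject = $globalAccessorObject;
     $this->stopwatch = $stopwatch;
 }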
示例#5
 /**
  * Marks the authenticated user as active on every master request.
  *
  * Nothing happens for sub-requests, when no token is available, or when the
  * token's user is not a User instance. The original code carries a
  * commented-out throttle (skip the write when the last activity is under two
  * minutes old); it is not active, so each qualifying request persists and
  * flushes the user.
  *
  * @param FilterControllerEvent $event
  */
 public function onCoreController(FilterControllerEvent $event)
 {
     // Sub-requests (for example a render() call inside a Twig template) are ignored
     if (HttpKernel::MASTER_REQUEST !== $event->getRequestType()) {
         return;
     }
     // An authentication token must exist before the user can be read
     $token = $this->securityContext->getToken();
     if (!$token) {
         return;
     }
     $user = $token->getUser();
     // The class check guarantees the activity method exists on the object
     if (!$user instanceof User) {
         return;
     }
     $user->isActiveNow();
     $this->em->persist($user);
     $this->em->flush();
 }
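 /**
  * Renders a named content block as an HTML element, creating it on first use.
  *
  * When no block with this name exists, one is created with $default (or the
  * block name when $default is empty) as its body and flushed immediately, so
  * rendering a page can write to the database.
  *
  * For a request carrying a "contenteditable" parameter made by a ROLE_ADMIN
  * user, the element is additionally marked contenteditable and tagged with the
  * block name and the "js-content-block" class.
  *
  * Attribute names, attribute values and the block name are HTML-escaped before
  * being written into the markup; the block body is emitted as stored.
  *
  * @param string $blockName
  * @param array  $options   recognised keys: tag, attr, class, href
  * @param string $default   body used when the block has to be created
  * @return string HTML markup of the block
  */
 public function contentBlock($blockName, $options = array(), $default = null)
 {
     $em = $this->doctrine->getManager();
     $repository = $em->getRepository('GlavwebContentBlockBundle:ContentBlock');
     $contentBlock = $repository->findOneByName($blockName);
     // NOTE(review): the tag name is written into the markup as given; it is
     // expected to be a literal chosen by the template author, never request data.
     $tag = isset($options['tag']) ? $options['tag'] : 'div';
     $attr = isset($options['attr']) ? $options['attr'] : array();
     if (isset($options['class'])) {
         $attr['class'] = $options['class'];
     }
     if (isset($options['href'])) {
         $attr['href'] = $options['href'];
     }
     if (!$contentBlock) {
         $contentBlock = new ContentBlock();
         $contentBlock->setName($blockName);
         $contentBlock->setBody($default ? $default : $blockName);
         $em->persist($contentBlock);
         $em->flush();
     }
     // Escape for an attribute context; double_encode is off so values that were
     // already entity-encoded by the caller are not encoded a second time
     $escape = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
     };
     $contentEditable = '';
     $dataBlockName = '';
     $isEditable = $this->request && $this->request->get('contenteditable') && $this->securityContext->isGranted('ROLE_ADMIN');
     if ($isEditable) {
         $contentEditable = ' contenteditable="true"';
         $dataBlockName = ' data-block-name="' . $escape($blockName) . '"';
         $attr['class'] = isset($attr['class']) ? $attr['class'] . ' js-content-block' : 'js-content-block';
     }
     $attrParts = array();
     foreach ($attr as $attrName => $value) {
         $attrParts[] = sprintf('%s="%s"', $escape($attrName), $escape($value));
     }
     // NOTE(review): the stored body is output without escaping, presumably because
     // it is meant to hold HTML edited by administrators; whatever endpoint saves
     // edited blocks must enforce ROLE_ADMIN itself and sanitise what it stores.
     return '<' . $tag . ' ' . implode(' ', $attrParts) . ' ' . $contentEditable . $dataBlockName . '>' . $contentBlock->getBody() . '</' . $tag . '>';
 }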
 /**
  * Spec set-up: wires the container double with the collaborators under test.
  *
  * Stubs the container services, the form factory/builder/form chain, the
  * security context (which hands back the token double), the entity manager's
  * repositories and the user service, then injects the container into the
  * subject via setContainer().
  */
 public function let(ArticleService $articleService, AuthorService $authorService, CacheService $cacheService, Container $container, ArticleRepository $articleRepository, LanguageRepository $languageRepository, ArticleTypeRepository $articleTypeRepository, PublicationRepository $publicationRepository, IssueRepository $issueRepository, SectionRepository $sectionRepository, AuthorTypeRepository $authorTypeRepository, EntityManager $entityManager, Request $request, FormFactory $formFactory, FormBuilder $formBuilder, Form $form, FormView $formView, User $user, UserService $userService, Article $article, Publication $publication, ArticleType $articleType, Issue $issue, Section $section, Language $language, Author $author, AuthorType $authorType, AbstractQuery $query, SecurityContext $security, TokenInterface $token, Router $router)
 {
     // Service id => double returned by the container
     $services = array(
         'em' => $entityManager,
         'request' => $request,
         'user' => $userService,
         'form.factory' => $formFactory,
         'newscoop_newscoop.article_service' => $articleService,
         'author' => $authorService,
         'newscoop.cache' => $cacheService,
         'router' => $router,
     );
     foreach ($services as $serviceId => $service) {
         $container->get($serviceId)->willReturn($service);
     }

     // Every form always builds, handles the request and validates
     $formBuilder->getForm(Argument::cetera())->willReturn($form);
     $formFactory->create(Argument::cetera())->willReturn($form);
     $form->createView()->willReturn($formView);
     $form->handleRequest(Argument::cetera())->willReturn(true);
     $form->isValid()->willReturn(true);

     // The security context is present in the container and exposes the token double
     $security->getToken()->willReturn($token);
     $container->get('security.context')->willReturn($security);
     $container->has('security.context')->willReturn(true);
     $this->setContainer($container);

     // Entity class => repository double returned by the entity manager
     $repositories = array(
         'Newscoop\\Entity\\Article' => $articleRepository,
         'Newscoop\\Entity\\Language' => $languageRepository,
         'Newscoop\\Entity\\ArticleType' => $articleTypeRepository,
         'Newscoop\\Entity\\Publication' => $publicationRepository,
         'Newscoop\\Entity\\Issue' => $issueRepository,
         'Newscoop\\Entity\\Section' => $sectionRepository,
         'Newscoop\\Entity\\AuthorType' => $authorTypeRepository,
     );
     foreach ($repositories as $entityClass => $repository) {
         $entityManager->getRepository($entityClass)->willReturn($repository);
     }

     $articleRepository->getArticle(Argument::cetera())->willReturn($query);
     $entityManager->flush(Argument::any())->willReturn(true);
     $userService->getCurrentUser()->willReturn($user);

     // These two locals are not read again inside this method; the second one
     // replaces the $language double passed in as a parameter.
     $number = 64;
     $language = "en";
 }
示例#8
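 /**
  * Rejects unauthenticated write requests to the API and decodes request bodies.
  *
  * Part 1 - authentication gate. Outside the "dev" environment, a request whose
  * URI contains "/api/" and whose method is not GET gets a 401 JSON response
  * when there is no security token, or when the token's user is missing or
  * anonymous and the query string carries no "api_key" parameter. A rejected
  * request returns immediately, so its body is never decoded.
  *
  * Part 2 - body decoding. For POST/PUT/PATCH/DELETE requests without form
  * parameters, the raw body is decoded with the decoder matching the content
  * type and, if the result is an array, installed as the request parameters.
  *
  * NOTE(review), all visible in the conditions below:
  *  - only the presence of "api_key" is tested here, not its value; the key has
  *    to be validated elsewhere before the request is treated as authenticated;
  *  - GET requests and the "dev" environment bypass the gate entirely, so this
  *    listener must not be the only access control on the API;
  *  - the pattern is matched against the full URI (query string included) and
  *    is case-sensitive; confirm the router cannot reach API controllers through
  *    a URI the pattern does not match.
  *
  * @param GetResponseEvent $event
  */
 public function onKernelRequest(GetResponseEvent $event)
 {
     $request = $event->getRequest();
     if ($this->kernel->getEnvironment() !== "dev"
         && preg_match("/\\/api\\//", $request->getUri())
         && $request->getMethod() !== "GET"
     ) {
         $token = $this->context->getToken();
         $user = null !== $token ? $token->getUser() : null;
         $isAnonymous = null === $user || "anon." === $user;
         // No token at all is always rejected; an anonymous token is rejected
         // unless the caller announces an API key
         if (null === $token || ($isAnonymous && !$request->query->has('api_key'))) {
             $event->setResponse(new Response(json_encode(array("code" => 401, "message" => "The request requires user authentication")), 401));

             return;
         }
     }
     if (!count($request->request->all()) && in_array($request->getMethod(), array('POST', 'PUT', 'PATCH', 'DELETE'), true)) {
         $contentType = $request->headers->get('Content-Type');
         $format = null === $contentType ? $request->getRequestFormat() : $request->getFormat($contentType);
         if (!$this->decoderProvider->supports($format)) {
             return;
         }
         $decoder = $this->decoderProvider->getDecoder($format);
         $data = $decoder->decode($request->getContent(), $format);
         // Anything that does not decode to an array is ignored
         if (is_array($data)) {
             $request->request = new ParameterBag($data);
         }
     }
 }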
示例#9
 /**
  * Writes an access-log record each time a user logs in interactively.
  *
  * The record holds the user, the current time, the table name 'acesso', the
  * action code 'ACE', the client IP and the page taken from the session's
  * "referrer" entry (falling back to the current URI).
  *
  * NOTE(review): getClientIp() is only as trustworthy as the trusted-proxy
  * configuration of the application; with a misconfigured proxy list the logged
  * address can be chosen by the client through forwarding headers.
  *
  * @param InteractiveLoginEvent $event
  */
 public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
 {
     // Both checks are placeholders: their results are not acted upon.
     // FULLY      -> the user has just logged in
     // REMEMBERED -> the user came back through a remember_me cookie
     $this->securityContext->isGranted('IS_AUTHENTICATED_FULLY');
     $this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED');

     $request = $event->getRequest();
     $page = $request->getSession()->get('referrer');
     if (empty($page)) {
         $page = $request->getUri();
     }

     $entry = new Log();
     $entry->setIdUsuario($event->getAuthenticationToken()->getUser());
     $entry->setDtAcao(new \DateTime());
     $entry->setNmTabela('acesso');
     $entry->setCsAcao('ACE');
     $entry->setTeIpOrigem($request->getClientIp());
     $entry->setNmScript($page);

     // Record the login
     $this->em->persist($entry);
     $this->em->flush();
     // TODO: redirect to the last visited page
 }
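 /**
  * Stores the collaborators and a snapshot of the current user.
  *
  * The user is null when the security context has no token; with an anonymous
  * token it is whatever getUser() returns, which may be a string.
  *
  * @param EntityManager   $em
  * @param SecurityContext $securityContext
  * @param ServerManager   $serverManager
  * @param Translator      $translator
  */
 public function __construct(EntityManager $em, SecurityContext $securityContext, ServerManager $serverManager, Translator $translator)
 {
     $this->em = $em;
     // Without a token (service built before or outside the firewall) there is no
     // user to read; dereferencing null here would abort construction
     $token = $securityContext->getToken();
     $this->user = null !== $token ? $token->getUser() : null;
     $this->serverManager = $serverManager;
     $this->translator = $translator;
 }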
 /**
  * A fresh SecurityContext has no token; a token set on it is returned unchanged.
  */
 public function testGetSetToken()
 {
     $authenticationManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\AuthenticationManagerInterface');
     $accessDecisionManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authorization\\AccessDecisionManagerInterface');
     $context = new SecurityContext($authenticationManager, $accessDecisionManager);

     // Nothing has been stored yet
     $this->assertNull($context->getToken());

     $token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
     $context->setToken($token);

     // The very same instance comes back
     $this->assertSame($token, $context->getToken());
 }
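 /**
  * Returns the customer attached to the current user.
  *
  * Null is returned when there is no security token or when the token's user
  * is not an object (an anonymous token carries a plain string).
  *
  * @return CustomerInterface|null
  */
 protected function getCustomer()
 {
     $token = $this->securityContext->getToken();
     if (null === $token) {
         return null;
     }
     $user = $token->getUser();
     // A non-empty string is truthy, so a plain truthiness test would go on to
     // call getCustomer() on a string for anonymous visitors
     if (!is_object($user)) {
         return null;
     }

     return $user->getCustomer();
 }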
示例#13
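 /**
  * Returns the current user's entity, or null if nobody is logged in.
  *
  * "Not logged in" covers both a missing security token and an anonymous
  * token, whose user is the string 'anon.'.
  *
  * @return null|\App\UserBundle\Entity\User
  */
 public function getCurrentUser()
 {
     $token = $this->security->getToken();
     // No token means no authentication has happened for this request
     if (null === $token) {
         return null;
     }
     $user = $token->getUser();
     if ($user === 'anon.') {
         return null;
     }
     return $user;
 }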
示例#14
 /**
  * Builds the order form, pre-filling the contact fields from the logged-in user.
  *
  * For an anonymous visitor (user 'anon.') the contact fields start empty.
  * The product list and the basket total are copied from the session into
  * hidden fields.
  *
  * NOTE(review): hidden fields are ordinary client-controlled input. The
  * values submitted for 'products', 'summ', 'bonus' and 'deliveryType' must
  * not be trusted when the order is processed; totals should be recomputed
  * server-side from the session or the database.
  *
  * NOTE(review): getToken() is dereferenced without a null check, so this
  * form type presumably is only built behind a firewall - confirm.
  *
  * @param FormBuilderInterface $builder
  * @param array                $options
  */
 public function buildForm(FormBuilderInterface $builder, array $options)
 {
     $user = $this->securityContext->getToken()->getUser();
     if ('anon.' === $user) {
         $user = false;
     }
     // Contact defaults: taken from the user when there is one, empty otherwise
     $firstName = $user ? $user->getFirstname() : '';
     $lastName = $user ? $user->getLastname() : '';
     $phone = $user ? $user->getPhone() : '';
     $email = $user ? $user->getEmail() : '';

     $builder
         ->add('clientFirstName', null, array(
             'attr' => array('placeholder' => 'Иван', 'class' => 'input_block'),
             'label' => 'Имя',
             'data' => $firstName,
         ))
         ->add('clientLastName', null, array(
             'attr' => array('placeholder' => 'Иванов', 'class' => 'input_block'),
             'label' => 'Фамилия',
             'data' => $lastName,
         ))
         ->add('telephone', null, array(
             'attr' => array('placeholder' => '+7 910 001 10 10', 'class' => 'input_block'),
             'label' => 'Телефон',
             'data' => $phone,
         ))
         ->add('email', EmailType::class, array(
             'attr' => array('placeholder' => '*****@*****.**', 'class' => 'input_block'),
             'label' => 'E-mail',
             'data' => $email,
         ))
         ->add('address', new AddressOrderType(), array(
             'label' => false,
             'required' => false,
             'data_class' => 'ShopBundle\\Entity\\AddressOrder',
         ))
         ->add('wishes', null, array('label' => 'Ваши пожелания'))
         ->add('deliveryType', 'hidden', array('data' => DeliveryType::PICKUP))
         ->add('products', 'hidden', array('data' => $this->session->get('ids')))
         ->add('summ', 'hidden', array('data' => $this->session->get('basketSumm')))
         ->add('bonus', 'hidden', array('data' => 0));
 }
示例#15
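 /**
  * Stores the collaborators, resolves the security facade and snapshots the
  * current user.
  *
  * The user is null when the security context holds no token; with an
  * anonymous token it is whatever getUser() returns, which may be a string.
  *
  * @param EntityManager $entityManager
  * @param TranslatorInterface $translator
  * @param SecurityContext $securityContext
  * @param ServiceLink $securityFacadeLink
  * @param EmailManager $emailManager
  */
 public function __construct(EntityManager $entityManager, TranslatorInterface $translator, SecurityContext $securityContext, ServiceLink $securityFacadeLink, EmailManager $emailManager)
 {
     $this->entityManager = $entityManager;
     $this->translator = $translator;
     $this->securityContext = $securityContext;
     // getToken() is null before or outside a firewall; guard it so that building
     // the service does not end in a fatal error
     $token = $this->securityContext->getToken();
     $this->user = null !== $token ? $token->getUser() : null;
     $this->securityFacade = $securityFacadeLink->getService();
     $this->emailManager = $emailManager;
 }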
示例#16
 /**
  * Builds the point-transfer form: source card, destination card, point count.
  *
  * Both card selectors list only cards whose customer is the current user and
  * whose status is AccentCard::ACTIF.
  *
  * NOTE(review): that query is what keeps a user from naming someone else's
  * card, so it has to stay on both fields; the handler should still re-check
  * ownership and validate 'nbPoints' (a free-text field here) before moving
  * any points.
  *
  * @param FormBuilderInterface $builder
  * @param array $options
  */
 public function buildForm(FormBuilderInterface $builder, array $options)
 {
     $user = $this->securityContext->getToken()->getUser();

     // Choice query shared by both selectors: the user's own active cards
     $ownActiveCards = function (EntityRepository $er) use ($user) {
         return $er->createQueryBuilder('u')
             ->where('u.customer = :user')
             ->andWhere('u.status = :active')
             ->setParameters(array('user' => $user, 'active' => AccentCard::ACTIF));
     };

     // Options of a card selector; only the label differs between the two
     $cardSelector = function ($label) use ($ownActiveCards) {
         return array(
             'label' => $label,
             'required' => false,
             'class' => 'SehBundle:Customer\\AccentCard',
             'property' => 'number',
             'empty_value' => false,
             'multiple' => false,
             'expanded' => false,
             'query_builder' => $ownActiveCards,
         );
     };

     $builder
         ->add('srcCard', 'entity', $cardSelector('account.main.card.issuing.loyalty'))
         ->add('destCard', 'entity', $cardSelector('account.main.receiving.loyalty.card'))
         ->add('nbPoints', 'text', array('label' => 'account.main.point.transferred', 'required' => false));
 }
示例#17
 /**
  * Adds the content grid and, when the workflow is active for the data class,
  * the workflow status field.
  *
  * NOTE(review): the isGranted() check only decides whether the field is
  * offered; a status change should be authorised again where it is applied.
  *
  * @param FormBuilderInterface $builder
  * @param array                $options
  */
 public function buildForm(FormBuilderInterface $builder, array $options)
 {
     $builder->add('grid', 'enhavo_grid', array(
         'label' => 'form.label.content',
         'translation_domain' => 'EnhavoAppBundle',
     ));

     if (!$this->securityContext->isGranted('WORKFLOW_ACTIVE', $this->dataClass)) {
         return;
     }

     // The data class is handed to the status field as a one-element 'attr' list
     $builder->add('workflow_status', 'enhavo_workflow_status', array(
         'label' => 'workflow.form.label.next_state',
         'translation_domain' => 'EnhavoWorkflowBundle',
         'attr' => array($this->dataClass),
     ));
 }
 /**
  * Builds the additional menu for managing the server's services.
  *
  * The entries are added only for users granted ROLE_SUPER_ADMIN.
  *
  * NOTE(review): hiding menu entries is not access control; the routes
  * 'olix_server_monit' and 'olix_server_collectd' need their own
  * ROLE_SUPER_ADMIN restriction.
  *
  * @param SidebarItem $sidebar Original sidebar to complete
  */
 public function build(SidebarItem $sidebar)
 {
     if ($this->context->isGranted('ROLE_SUPER_ADMIN')) {
         $serverMenu = $sidebar->addChild('olix_server', array(
             'label' => 'Gestion du serveur',
             'icon' => 'fa fa-server fa-fw',
         ));
         $serverMenu->addChild('olix_server_monit', array(
             'label' => 'Gestion des services',
             'icon' => 'fa fa-circle fa-fw',
             'route' => 'olix_server_monit',
         ));
         $serverMenu->addChild('olix_server_collectd', array(
             'label' => 'Monitoring',
             'icon' => 'fa fa-area-chart fa-fw',
             'route' => 'olix_server_collectd',
         ));
     }
 }
 /**
  * Test helper: builds a SecurityContext whose access decisions are fixed.
  *
  * The decision manager double answers every decide() call with $granted, and
  * the context holds a token double that reports itself as authenticated.
  *
  * @param bool $granted outcome of every access decision
  *
  * @return SecurityContext
  */
 protected function createSecurityContext($granted = false)
 {
     $authenticationManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\AuthenticationManagerInterface');

     $accessDecisionManager = $this->getMock('Symfony\\Component\\Security\\Core\\Authorization\\AccessDecisionManagerInterface');
     $accessDecisionManager
         ->expects($this->any())
         ->method('decide')
         ->will($this->returnValue($granted));

     $securityContext = new SecurityContext($authenticationManager, $accessDecisionManager, false);

     $authenticatedToken = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
     $securityContext->setToken($authenticatedToken);
     $authenticatedToken
         ->expects($this->any())
         ->method('isAuthenticated')
         ->will($this->returnValue(true));

     return $securityContext;
 }
示例#20
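 /**
  * Registers a new user and logs them in.
  *
  * Generates a salt, replaces the user's plain password with its encoded
  * form, persists the user and installs a UsernamePasswordToken for the 'app'
  * provider key in the security context.
  *
  * NOTE(review): the token's credentials argument is the encoded password,
  * which then travels with the token; passing null is the usual choice once the
  * user is authenticated - confirm nothing reads the credentials.
  * NOTE(review): the login happens without going through the firewall, so the
  * session id is not renewed here; the caller should migrate the session.
  *
  * @param User $user user carrying the plain password to encode
  */
 public function register(User $user)
 {
     // The salt must be unpredictable: a hash of the current second can be
     // reconstructed from the registration time. 16 random bytes, hex-encoded,
     // keep the same 32-character shape the previous md5() value had.
     $randomBytes = function_exists('random_bytes') ? random_bytes(16) : openssl_random_pseudo_bytes(16);
     $user->setSalt(bin2hex($randomBytes));
     $password = $this->securityEncoderFactory->getEncoder($user)->encodePassword($user->getPassword(), $user->getSalt());
     $user->setPassword($password);
     $this->em->persist($user);
     $this->em->flush();
     $token = new UsernamePasswordToken($user, $user->getPassword(), 'app', $user->getRoles());
     $this->securityContext->setToken($token);
 }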
示例#21
 /**
  * Gets the message parameters of the current user's requested reminders.
  *
  * Reminders are looked up only for a token whose user is a User instance, so
  * the query is always scoped to the authenticated user.
  *
  * @return mixed result of getMessageParamsForReminders() for a logged-in
  *               User, otherwise an empty array
  */
 public function getRequestedRemindersData()
 {
     $token = $this->securityContext->getToken();
     /** @var User|null */
     $user = $token ? $token->getUser() : null;
     // No token, an anonymous user or any non-User value: nothing to report
     if (!$user instanceof User) {
         return array();
     }

     $requested = $this->entityManager
         ->getRepository('OroReminderBundle:Reminder')
         ->findRequestedReminders($user);

     return $this->messageParamsProvider->getMessageParamsForReminders($requested);
 }
示例#22
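 /**
  * Sends visitors who are not logged in as a User to the login page, except on
  * a fixed list of public routes.
  *
  * NOTE(review): a request with no route name is let through. That keeps
  * unrouted requests working, but it also means this listener protects nothing
  * if it runs before the router has set "_route" - confirm its priority. It is
  * a convenience redirect, not a substitute for access rules on the routes.
  *
  * @param GetResponseEvent $event
  */
 public function onKernelRequest(GetResponseEvent $event)
 {
     $token = $this->securityContext->getToken();
     $user = $token ? $token->getUser() : null;
     if ($user instanceof User) {
         return;
     }
     // Read the route name from the request attributes only: Request::get() also
     // falls back to query-string and body parameters, which the client controls
     $route = $event->getRequest()->attributes->get('_route');
     $publicRoutes = array(
         'esn_login_homepage',
         'esn_login_check',
         'fos_user_security_login',
         'esn_hr_recruitment_create',
         'esn_hr_recruitment_create_short',
     );
     if (null !== $route && !in_array($route, $publicRoutes, true)) {
         $event->setResponse(new RedirectResponse($this->router->generate('esn_login_homepage')));
     }
 }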
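 /**
  * Redirects visitors who are not logged in as a User to the 'login' route,
  * except on a fixed list of public routes.
  *
  * NOTE(review): a request with no route name is let through, so this
  * listener only has an effect once the router has set "_route" - confirm its
  * priority. The routes 'index' and 'api_logo' are deliberately public here;
  * everything else still needs its own access rule, since a redirect listener
  * is not an authorization check.
  *
  * @param GetResponseEvent $event
  */
 public function onKernelRequest(GetResponseEvent $event)
 {
     $token = $this->securityContext->getToken();
     $user = $token ? $token->getUser() : null;
     if ($user instanceof User) {
         return;
     }
     // Read the route name from the request attributes only: Request::get() also
     // falls back to query-string and body parameters, which the client controls
     $route = $event->getRequest()->attributes->get('_route');
     $publicRoutes = array(
         'login',
         'login_check',
         'logout',
         'fos_user_security_login',
         'index',
         'api_logo',
     );
     if (null !== $route && !in_array($route, $publicRoutes, true)) {
         $event->setResponse(new RedirectResponse($this->router->generate('login')));
     }
 }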
 /**
  * {@inheritdoc}
  */
 protected function configureFormFields(FormMapper $formMapper)
 {
     // Account, group and profile fields shown to every administrator
     $formMapper
         ->with('General')
             ->add('username')
             ->add('email')
             ->add('plainPassword', 'text', array('required' => false))
         ->end()
         ->with('Groups')
             ->add('groups', 'sonata_type_model', array('required' => false, 'expanded' => true, 'multiple' => true))
         ->end()
         ->with('Profile')
             ->add('firstname', null, array('required' => false))
             ->add('lastname', null, array('required' => false))
             ->add('phone', null, array('required' => false))
         ->end();

     /** @var $user \Application\Sonata\UserBundle\Entity\User */
     $user = $this->security_context->getToken()->getUser();

     // Role assignment and account state are offered to super administrators only.
     // NOTE(review): hasRole() looks at the user object itself; whether it honours
     // the role hierarchy the way isGranted() would is not visible here - confirm.
     if ($user->hasRole('ROLE_SUPER_ADMIN')) {
         $formMapper
             ->with('Management')
                 ->add('roles', 'sonata_security_roles', array('expanded' => true, 'multiple' => true, 'required' => false))
                 ->add('locked', null, array('required' => false))
                 ->add('expired', null, array('required' => false))
                 ->add('enabled', null, array('required' => false, 'attr' => array('checked' => 'yes')))
                 ->add('credentialsExpired', null, array('required' => false))
             ->end();
     }

     // NOTE(review): 'groups' above and the two fields below are outside the
     // super-admin gate, so any administrator who can edit a user can change that
     // user's groups, token and two-step verification code - confirm this is
     // intended, since groups presumably carry roles.
     $formMapper
         ->with('Security')
             ->add('token', null, array('required' => false))
             ->add('twoStepVerificationCode', null, array('required' => false))
         ->end();
 }
示例#25
 /**
  * Stores the collaborators and a snapshot of the current user.
  *
  * The user is null when the security context holds no token.
  *
  * @param EntityManager   $em
  * @param Session         $session
  * @param SecurityContext $securityContext
  */
 public function __construct(EntityManager $em, Session $session, SecurityContext $securityContext)
 {
     $this->em = $em;
     $this->session = $session;
     $this->securityContext = $securityContext;

     // Only a present token can provide a user
     $token = $securityContext->getToken();
     $this->user = $token ? $token->getUser() : null;
 }
示例#26
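 /**
  * Initialises the parent with class and registry, then records the current
  * user and that user's id.
  *
  * The id is 0 whenever there is no user object to ask: no security token, an
  * empty user, or an anonymous token whose user is a plain string.
  *
  * @param string                  $class
  * @param ManagerRegistry         $registry
  * @param SecurityContext         $securityContext
  */
 public function __construct($class, ManagerRegistry $registry, SecurityContext $securityContext)
 {
     parent::__construct($class, $registry);
     // getToken() is null when nothing has authenticated the request
     $token = $securityContext->getToken();
     $this->user = null !== $token ? $token->getUser() : null;
     // A string user is truthy but has no getId(); only objects are asked for it
     $this->userId = is_object($this->user) ? $this->user->getId() : 0;
     $this->categories = array();
 }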
示例#27
 /**
  * Stores the collaborators and, when a token exists, the current user.
  *
  * Without a token $this->user is not assigned here and keeps whatever value
  * the class declares for it.
  *
  * @param EntityManager   $em
  * @param mixed           $path    stored as the projects directory
  * @param SecurityContext $context
  * @param mixed           $acl
  */
 public function __construct(EntityManager $em, $path, SecurityContext $context, $acl)
 {
     $this->em = $em;
     $this->projectsDirectory = $path;
     $this->context = $context;
     $this->acl = $acl;

     $currentToken = $context->getToken();
     if (null !== $currentToken) {
         $this->user = $currentToken->getUser();
     }
 }
示例#28
 /**
  * {@inheritdoc}
  *
  * The selectable machines depend on the caller: a super administrator gets
  * every machine, anyone else only the machines of the groups the group
  * resolver reports as accessible.
  */
 public function setDefaultOptions(OptionsResolverInterface $resolver)
 {
     $isSuperAdmin = $this->context->isGranted(User::ROLE_SUPER_ADMIN);

     // NOTE(review): this list is presumably also what a submitted value is
     // validated against, so it is the access boundary of the field - confirm.
     $machines = $isSuperAdmin
         ? $this->repository->findAll()
         : $this->repository->findByGroups($this->groupResolver->getAccessibleGroupsId());

     $resolver->setDefaults(array(
         'label' => 'game.selectMachine',
         'class' => 'DPMachineBundle:Machine',
         'choices' => $machines,
     ));
 }
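 /**
  * Decides whether the current user may use ajaxfilemanager and stores the
  * answer in the session under 'authorized'.
  *
  * Access is granted only when a token exists, its user is an object and that
  * user holds at least one of the authorized roles. In every other case the
  * flag is written as false, so a previous grant is revoked.
  *
  * NOTE(review): the flag lives in the session and is only as fresh as the last
  * call to this method; it should be recomputed on every request that reaches
  * the file manager and cleared on logout, otherwise a role change or logout
  * leaves a stale grant behind.
  *
  * @param array $authorizedRoles
  * @return void
  */
 public function authorize(array $authorizedRoles)
 {
     $authorized = false;
     $token = $this->securityContext->getToken();
     if ($token) {
         $user = $token->getUser();
         // Anonymous tokens carry the string 'anon.' and some tokens a bare
         // username; only a real user object has roles to compare
         if (is_object($user) && count(array_intersect($user->getRoles(), $authorizedRoles)) > 0) {
             $authorized = true;
         }
     }
     $this->session->set('authorized', $authorized);
 }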
示例#30
 /**
  * Closes the current user's account and logs them out.
  *
  * The user is disabled and saved, the request's cookies are cleared on the
  * response, the session logout handler is run and the token is removed from
  * the security context.
  *
  * NOTE(review): only this request's session and cookies are handled here.
  * Other sessions of the same user, and any remember-me tokens kept
  * server-side, are not visibly revoked; whether the disabled flag alone locks
  * them out depends on the user checker - confirm.
  *
  * @param Response $response response on which the cookies are cleared
  */
 public function closeAccount(Response $response)
 {
     $currentToken = $this->securityContext->getToken();

     // Disable the account first so it cannot be used to log in again
     $account = $currentToken->getUser();
     $account->setEnabled(false);
     $this->userManager->updateUser($account);

     // Clear every cookie the request carried
     $cookieLogout = new CookieClearingLogoutHandler($this->request->cookies->all());
     $cookieLogout->logout($this->request, $response, $currentToken);

     $sessionLogout = new SessionLogoutHandler();
     $sessionLogout->logout($this->request, $response, $currentToken);

     // Finally drop the authentication for the rest of this request
     $this->securityContext->setToken(null);
 }