Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
83.33% |
15 / 18 |
|
66.67% |
2 / 3 |
CRAP | |
0.00% |
0 / 1 |
AccessModuleConformiteSubscriber | |
83.33% |
15 / 18 |
|
66.67% |
2 / 3 |
12.67 | |
0.00% |
0 / 1 |
__construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
getSubscribedEvents | |
100.00% |
5 / 5 |
|
100.00% |
1 / 1 |
1 | |||
onKernelController | |
75.00% |
9 / 12 |
|
0.00% |
0 / 1 |
11.56 |
1 | <?php |
2 | |
3 | /** |
4 | * This file is part of the MADIS - RGPD Management application. |
5 | * |
6 | * @copyright Copyright (c) 2018-2019 Soluris - Solutions Numériques Territoriales Innovantes |
7 | * |
8 | * This program is free software: you can redistribute it and/or modify |
9 | * it under the terms of the GNU Affero General Public License as published by |
10 | * the Free Software Foundation, either version 3 of the License, or |
11 | * (at your option) any later version. |
12 | * |
13 | * This program is distributed in the hope that it will be useful, |
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | * GNU Affero General Public License for more details. |
17 | * |
18 | * You should have received a copy of the GNU Affero General Public License |
19 | * along with this program. If not, see <https://www.gnu.org/licenses/>. |
20 | */ |
21 | |
22 | declare(strict_types=1); |
23 | |
24 | namespace App\Application\Symfony\EventSubscriber\Kernel; |
25 | |
26 | use App\Domain\Registry\Controller\ConformiteOrganisationController; |
27 | use App\Domain\Registry\Controller\ConformiteTraitementController; |
28 | use App\Domain\User\Model\User; |
29 | use Symfony\Component\EventDispatcher\EventSubscriberInterface; |
30 | use Symfony\Component\HttpKernel\Event\ControllerEvent; |
31 | use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; |
32 | use Symfony\Component\HttpKernel\KernelEvents; |
33 | use Symfony\Component\Security\Core\Security; |
34 | |
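/**
 * Denies access to the "conformité" controllers when the authenticated user
 * does not have the corresponding module enabled.
 *
 * Scope of the check (security-relevant):
 *  - It only runs for controllers resolved as an array callable whose index 0 is set
 *    (the controller object). Any other callable shape passes through unchecked.
 *  - It does not run when no user is authenticated. This subscriber is therefore
 *    not an authentication gate; NOTE(review): presumably the firewall /
 *    access_control rules already reject anonymous requests to these controllers,
 *    confirm against the security configuration.
 *  - Users granted ROLE_ADMIN bypass the module check entirely.
 */
class AccessModuleConformiteSubscriber implements EventSubscriberInterface
{
    /**
     * @var Security
     */
    private $security;

    public function __construct(Security $security)
    {
        $this->security = $security;
    }

    /**
     * Registers onKernelController() on the kernel CONTROLLER event.
     *
     * @return array<string, array<int, array<int, string>>>
     */
    public static function getSubscribedEvents()
    {
        return [
            KernelEvents::CONTROLLER => [
                ['onKernelController'],
            ],
        ];
    }

    /**
     * Blocks the request when the resolved controller belongs to a conformité
     * module that is disabled for the current user.
     *
     * @throws AccessDeniedHttpException when the user lacks the module matching the controller
     */
    public function onKernelController(ControllerEvent $event): void
    {
        $controller = $event->getController();
        // The annotation only narrows the type for static analysis; nothing here verifies
        // that the authenticated user really is an App User exposing the hasModule*() methods.
        /** @var User|null $user */
        $user = $this->security->getUser();

        // Skip silently (the request proceeds) when there is no controller object to
        // inspect or no authenticated user. is_array() must be tested first:
        // isset($controller[0]) would also be true for a non-empty string callable.
        if (!\is_array($controller) || !isset($controller[0]) || null === $user) {
            return;
        }

        // Administrators are never restricted by module flags.
        if ($this->security->isGranted('ROLE_ADMIN')) {
            return;
        }

        $target = $controller[0];

        // Guard clauses replace the former switch(true); the `break` statements that
        // followed each `throw` could never execute and have been removed.
        if ($target instanceof ConformiteTraitementController
            && !$user->hasModuleConformiteTraitement()
        ) {
            throw new AccessDeniedHttpException('You can\'t access conformite des traitements');
        }

        if ($target instanceof ConformiteOrganisationController
            && !$user->hasModuleConformiteOrganisation()
        ) {
            throw new AccessDeniedHttpException('You can\'t access conformite de la structure');
        }
    }
}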