src/EventListener/CheckAdminPathListener.php line 30

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\Entity\Users;
  6. use Symfony\Component\Security\Core\Security;
  7. use Symfony\Component\HttpKernel\KernelEvents;
  8. use Symfony\Component\HttpKernel\Event\RequestEvent;
  9. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  10. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  12. class CheckAdminPathListener implements EventSubscriberInterface
  13. {
  15.     private $security;
  17.     public function __construct(Security $security)
  18.     {
  19.         $this->security $security;
  20.     }
  21.     public static function getSubscribedEvents()
  22.     {
  23.         return [
  24.             KernelEvents::REQUEST =>[
  25.                 ['onKernelRequest',  -10], 
  26.             ],
  27.         ];
  28.     }
  30.     public function onKernelRequest(RequestEvent $event)
  31.     {
  32.         $request $event->getRequest();
  33.         $pathInfo $request->getPathInfo();
  35.         if (substr($pathInfo07) === '/admin/') {
  36.             $token $this->security->getToken();
  38.             if ($token && $token->getUser() && in_array("ROLE_ADMIN"$token->getUser()->getRoles())) {
  39.                 $attributes $token->getAttributes();
  41.                 if (isset($attributes['custom_roles']) && $attributes['custom_roles'] == Users::ROLE_ADMIN_CLIENT_ACCESS) {
  42.                     throw new AccessDeniedException('You do not have access to this resource.');
  43.                 }
  44.             }
  45.         }
  46.     }
  47. }