|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* (c) FSi sp. z o.o. <[email protected]> |
|
5
|
|
|
* |
|
6
|
|
|
* For the full copyright and license information, please view the LICENSE |
|
7
|
|
|
* file that was distributed with this source code. |
|
8
|
|
|
*/ |
|
9
|
|
|
|
|
10
|
|
|
declare(strict_types=1); |
|
11
|
|
|
|
|
12
|
|
|
namespace FSi\Bundle\AdminSecurityBundle\EventListener; |
|
13
|
|
|
|
|
14
|
|
|
use FSi\Bundle\AdminBundle\Admin\Element; |
|
15
|
|
|
use FSi\Bundle\AdminBundle\Event\BatchEvents; |
|
16
|
|
|
use FSi\Bundle\AdminBundle\Event\FormEvent; |
|
17
|
|
|
use FSi\Bundle\AdminBundle\Message\FlashMessages; |
|
18
|
|
|
use FSi\Bundle\AdminSecurityBundle\Doctrine\Admin\UserElement; |
|
19
|
|
|
use FSi\Bundle\AdminSecurityBundle\Security\User\UserInterface; |
|
20
|
|
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface; |
|
21
|
|
|
use Symfony\Component\HttpFoundation\RedirectResponse; |
|
22
|
|
|
use Symfony\Component\HttpFoundation\Request; |
|
23
|
|
|
use Symfony\Component\Routing\RouterInterface; |
|
24
|
|
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; |
|
25
|
|
|
|
|
26
|
|
|
class PreventDeletingCurrentUser implements EventSubscriberInterface |
|
27
|
|
|
{ |
|
28
|
|
|
/** |
|
29
|
|
|
* @var TokenStorageInterface |
|
30
|
|
|
*/ |
|
31
|
|
|
private $tokenStorage; |
|
32
|
|
|
|
|
33
|
|
|
/** |
|
34
|
|
|
* @var RouterInterface |
|
35
|
|
|
*/ |
|
36
|
|
|
private $router; |
|
37
|
|
|
|
|
38
|
|
|
/** |
|
39
|
|
|
* @var FlashMessages |
|
40
|
|
|
*/ |
|
41
|
|
|
private $flashMessages; |
|
42
|
|
|
|
|
43
|
|
|
public function __construct( |
|
44
|
|
|
TokenStorageInterface $tokenStorage, |
|
45
|
|
|
RouterInterface $router, |
|
46
|
|
|
FlashMessages $flashMessages |
|
47
|
|
|
) { |
|
48
|
|
|
$this->tokenStorage = $tokenStorage; |
|
49
|
|
|
$this->router = $router; |
|
50
|
|
|
$this->flashMessages = $flashMessages; |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
public static function getSubscribedEvents(): array |
|
54
|
|
|
{ |
|
55
|
|
|
return [ |
|
56
|
|
|
BatchEvents::BATCH_OBJECTS_PRE_APPLY => 'preventDeletingCurrentUser', |
|
57
|
|
|
]; |
|
58
|
|
|
} |
|
59
|
|
|
|
|
60
|
|
|
public function preventDeletingCurrentUser(FormEvent $event): void |
|
61
|
|
|
{ |
|
62
|
|
|
$element = $event->getElement(); |
|
63
|
|
|
if (false === $element instanceof UserElement) { |
|
64
|
|
|
return; |
|
65
|
|
|
} |
|
66
|
|
|
|
|
67
|
|
|
$user = $this->tokenStorage->getToken()->getUser(); |
|
68
|
|
|
$request = $event->getRequest(); |
|
69
|
|
|
$indexes = $request->get('indexes', []); |
|
70
|
|
|
|
|
71
|
|
|
foreach ($indexes as $index) { |
|
72
|
|
|
/** @var UserInterface $entity */ |
|
73
|
|
|
$entity = $element->getDataIndexer()->getData($index); |
|
74
|
|
|
|
|
75
|
|
|
if ($user === $entity) { |
|
76
|
|
|
$this->setRedirectResponse($event); |
|
77
|
|
|
$this->flashMessages->error( |
|
78
|
|
|
'admin.user_list.message.delete_current_user', |
|
79
|
|
|
[], |
|
80
|
|
|
'FSiAdminSecurity' |
|
81
|
|
|
); |
|
82
|
|
|
|
|
83
|
|
|
return; |
|
84
|
|
|
} |
|
85
|
|
|
} |
|
86
|
|
|
} |
|
87
|
|
|
|
|
88
|
|
|
private function setRedirectResponse(FormEvent $event): void |
|
89
|
|
|
{ |
|
90
|
|
|
$event->stopPropagation(); |
|
|
|
|
|
|
91
|
|
|
$redirectUrl = $this->getRedirectUrl($event->getElement(), $event->getRequest()); |
|
92
|
|
|
$event->setResponse(new RedirectResponse($redirectUrl)); |
|
93
|
|
|
} |
|
94
|
|
|
|
|
95
|
|
|
private function getRedirectUrl(Element $element, Request $request): string |
|
96
|
|
|
{ |
|
97
|
|
|
$redirectUrl = $request->get('redirect_uri'); |
|
98
|
|
|
if (null === $redirectUrl) { |
|
99
|
|
|
return $this->router->generate($element->getRoute(), $element->getRouteParameters()); |
|
100
|
|
|
} |
|
101
|
|
|
|
|
102
|
|
|
return $redirectUrl; |
|
103
|
|
|
} |
|
104
|
|
|
} |
|
105
|
|
|
|
fsi-open /
admin-security-bundle
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.