1 | <?php |
2 | |||||||
3 | /* |
4 | * @copyright 2014 Mautic Contributors. All rights reserved |
5 | * @author Mautic |
6 | * |
7 | * @link http://mautic.org |
8 | * |
9 | * @license GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html |
10 | */ |
11 | |||||||
12 | namespace Mautic\ApiBundle\EventListener; |
13 | |||||||
14 | use Doctrine\ORM\EntityManager; |
15 | use FOS\OAuthServerBundle\Event\OAuthEvent; |
16 | use Mautic\CoreBundle\Security\Permissions\CorePermissions; |
17 | use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
18 | use Symfony\Component\Translation\TranslatorInterface; |
19 | |||||||
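/**
 * Reacts to OAuth authorization events by gating them on Mautic's API
 * permission and by remembering which users have authorized which client.
 *
 * How the two handlers are wired to events is not visible in this file;
 * presumably they are registered for the OAuth server bundle's pre- and
 * post-authorization events.
 */
class OAuthEventListener
{
    /**
     * Used to look up the Mautic user and to persist the client/user link.
     *
     * @var \Doctrine\ORM\EntityManager
     */
    private $em;

    /**
     * Permission service consulted for the 'api:access:full' check.
     *
     * @var \Mautic\CoreBundle\Security\Permissions\CorePermissions
     */
    private $mauticSecurity;

    /**
     * Translates the access-denied message.
     *
     * @var TranslatorInterface
     */
    private $translator;

    /**
     * OAuthEventListener constructor.
     *
     * @param EntityManager       $entityManager   stored for user lookup and persistence
     * @param CorePermissions     $corePermissions stored for the API permission check
     * @param TranslatorInterface $translator      stored for the access-denied message
     */
    public function __construct(EntityManager $entityManager, CorePermissions $corePermissions, TranslatorInterface $translator)
    {
        $this->em             = $entityManager;
        $this->mauticSecurity = $corePermissions;
        $this->translator     = $translator;
    }

    /**
     * Denies the authorization request when API access is not granted, and
     * otherwise tells the event whether this user already authorized the client.
     *
     * @throws AccessDeniedException when 'api:access:full' is not granted
     */
    public function onPreAuthorizationProcess(OAuthEvent $event)
    {
        $user = $this->getUser($event);
        if (!$user) {
            // NOTE(review): when the lookup finds no user, the permission check
            // below is skipped and the event is left untouched. Confirm that the
            // rest of the authorization flow refuses the request in that case.
            return;
        }

        // NOTE(review): isGranted() is called without the resolved $user, so it
        // presumably evaluates the currently authenticated account. Confirm that
        // this is always the same account as the one carried by the event.
        if (!$this->mauticSecurity->isGranted('api:access:full')) {
            throw new AccessDeniedException($this->translator->trans('mautic.core.error.accessdenied', [], 'flashes'));
        }

        $client = $event->getClient();
        $event->setAuthorizedClient($client->isAuthorizedClient($user, $this->em));
    }

    /**
     * Records the user on the client once the client has been authorized, so
     * that later requests can be recognised by onPreAuthorizationProcess().
     */
    public function onPostAuthorizationProcess(OAuthEvent $event)
    {
        if (!$event->isAuthorizedClient()) {
            return;
        }

        $client = $event->getClient();
        if (null === $client) {
            return;
        }

        // The lookup can come back empty (the pre-authorization handler already
        // allows for that), so never link or persist an empty user.
        $user = $this->getUser($event);
        if (!$user) {
            return;
        }

        // Static analysis flags addUser() as missing from
        // FOS\OAuthServerBundle\Model\ClientInterface; the call relies on the
        // client being a sub-type such as Mautic\ApiBundle\Entity\oAuth2\Client.
        $client->addUser($user);
        $this->em->persist($client);
        $this->em->flush();
    }

    /**
     * Looks up the Mautic user whose username matches the user on the event.
     *
     * @return mixed whatever findOneByUsername() returns; callers treat a
     *               falsy value as "no such user"
     */
    protected function getUser(OAuthEvent $event)
    {
        // Static analysis flags findOneByUsername() as missing from
        // Doctrine\Common\Persistence\ObjectRepository; presumably it is resolved
        // by the concrete repository at runtime (verify).
        return $this->em->getRepository('MauticUserBundle:User')->findOneByUsername($event->getUser()->getUsername());
    }
}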