vendor/shopware/core/Framework/Routing/RouteScopeListener.php line 53

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Routing;
  5. use Shopware\Core\Framework\Routing\Annotation\RouteScope as RouteScopeAnnotation;
  6. use Shopware\Core\Framework\Routing\Exception\InvalidRouteScopeException;
  7. use Shopware\Core\PlatformRequest;
  8. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  9. use Symfony\Component\HttpFoundation\Request;
  10. use Symfony\Component\HttpFoundation\RequestStack;
  11. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  12. use Symfony\Component\HttpKernel\KernelEvents;
  14. class RouteScopeListener implements EventSubscriberInterface
  15. {
  16.     /**
  17.      * @var RequestStack
  18.      */
  19.     private $requestStack;
  21.     /**
  22.      * @var RouteScopeRegistry
  23.      */
  24.     private $routeScopeRegistry;
  26.     /**
  27.      * @var RouteScopeWhitelistInterface[]
  28.      */
  29.     private $whitelists;
  31.     public function __construct(
  32.         RouteScopeRegistry $routeScopeRegistry,
  33.         RequestStack $requestStack,
  34.         iterable $whitelists
  35.     ) {
  36.         $this->routeScopeRegistry $routeScopeRegistry;
  37.         $this->requestStack $requestStack;
  38.         $this->whitelists $whitelists;
  39.     }
  41.     public static function getSubscribedEvents(): array
  42.     {
  43.         return [
  44.             KernelEvents::CONTROLLER => [
  45.                 ['checkScope'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  46.             ],
  47.         ];
  48.     }
  50.     /**
  51.      * Validate that any given controller invocation creates a valid scope with the original master request
  52.      */
  53.     public function checkScope(ControllerEvent $event): void
  54.     {
  55.         if ($this->isWhitelistedController($event)) {
  56.             return;
  57.         }
  59.         $scopes $this->extractCurrentScopeAnnotation($event);
  60.         $masterRequest $this->getMainRequest();
  62.         foreach ($scopes as $routeScopeName) {
  63.             $routeScope $this->routeScopeRegistry->getRouteScope($routeScopeName);
  65.             $pathAllowed $routeScope->isAllowedPath($masterRequest->getPathInfo());
  66.             $requestAllowed $routeScope->isAllowed($masterRequest);
  68.             if ($pathAllowed && $requestAllowed) {
  69.                 return;
  70.             }
  71.         }
  73.         throw new InvalidRouteScopeException($masterRequest->attributes->get('_route'));
  74.     }
  76.     private function extractControllerClass(ControllerEvent $event): string
  77.     {
  78.         $controllerCallable \Closure::fromCallable($event->getController());
  79.         $controllerCallable = new \ReflectionFunction($controllerCallable);
  81.         return \get_class($controllerCallable->getClosureThis());
  82.     }
  84.     private function isWhitelistedController(ControllerEvent $event): bool
  85.     {
  86.         $controllerClass $this->extractControllerClass($event);
  88.         foreach ($this->whitelists as $whitelist) {
  89.             if ($whitelist->applies($controllerClass)) {
  90.                 return true;
  91.             }
  92.         }
  94.         return false;
  95.     }
  97.     private function extractCurrentScopeAnnotation(ControllerEvent $event): array
  98.     {
  99.         $currentRequest $event->getRequest();
  101.         /** @var RouteScopeAnnotation|array $scopes */
  102.         $scopes $currentRequest->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, []);
  104.         if ($scopes instanceof RouteScopeAnnotation) {
  105.             return $scopes->getScopes();
  106.         }
  108.         if ($scopes !== []) {
  109.             return $scopes;
  110.         }
  112.         throw new InvalidRouteScopeException($currentRequest->attributes->get('_route'));
  113.     }
  115.     private function getMainRequest(): Request
  116.     {
  117.         $masterRequest $this->requestStack->getMainRequest();
  119.         if (!$masterRequest) {
  120.             throw new \InvalidArgumentException('Unable to check the request scope without master request');
  121.         }
  123.         return $masterRequest;
  124.     }
  125. }