vendor/shopware/core/Framework/Api/Acl/AclAnnotationValidator.php line 45

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Api\Acl;
  5. use Doctrine\DBAL\Connection;
  6. use Shopware\Core\Framework\Api\Exception\MissingPrivilegeException;
  7. use Shopware\Core\Framework\Log\Package;
  8. use Shopware\Core\Framework\Routing\Annotation\Acl;
  9. use Shopware\Core\Framework\Routing\KernelListenerPriorities;
  10. use Shopware\Core\Framework\Uuid\Uuid;
  11. use Shopware\Core\PlatformRequest;
  12. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  15. use Symfony\Component\HttpKernel\KernelEvents;
  17. /**
  18.  * @deprecated tag:v6.5.0 - reason:becomes-internal - EventSubscribers will become internal in v6.5.0
  19.  */
  20. #[Package('core')]
  21. class AclAnnotationValidator implements EventSubscriberInterface
  22. {
  23.     private Connection $connection;
  25.     /**
  26.      * @internal
  27.      */
  28.     public function __construct(Connection $connection)
  29.     {
  30.         $this->connection $connection;
  31.     }
  33.     /**
  34.      * @return array<string, string|array{0: string, 1: int}|list<array{0: string, 1?: int}>>
  35.      */
  36.     public static function getSubscribedEvents()
  37.     {
  38.         return [
  39.             KernelEvents::CONTROLLER => [
  40.                 ['validate'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  41.             ],
  42.         ];
  43.     }
  45.     public function validate(ControllerEvent $event): void
  46.     {
  47.         $request $event->getRequest();
  49.         $privileges $request->attributes->get(PlatformRequest::ATTRIBUTE_ACL);
  51.         if (!$privileges) {
  52.             return;
  53.         }
  55.         if ($privileges instanceof Acl) {
  56.             $privileges $privileges->getValue();
  57.         }
  59.         $context $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT);
  60.         if ($context === null) {
  61.             throw new MissingPrivilegeException([]);
  62.         }
  64.         foreach ($privileges as $privilege) {
  65.             if ($privilege === 'app') {
  66.                 if ($context->isAllowed('app.all')) {
  67.                     return;
  68.                 }
  70.                 $privilege $this->getAppPrivilege($request);
  71.             }
  73.             if (!$context->isAllowed($privilege)) {
  74.                 throw new MissingPrivilegeException([$privilege]);
  75.             }
  76.         }
  77.     }
  79.     private function getAppPrivilege(Request $request): string
  80.     {
  81.         $actionId $request->get('id');
  83.         if (empty($actionId)) {
  84.             throw new MissingPrivilegeException();
  85.         }
  87.         $appName $this->connection->fetchOne(
  88.             '
  89.                 SELECT `app`.`name` AS `name`
  90.                 FROM `app`
  91.                 INNER JOIN `app_action_button` ON `app`.`id` = `app_action_button`.`app_id`
  92.                 WHERE `app_action_button`.`id` = :id
  93.             ',
  94.             ['id' => Uuid::fromHexToBytes($actionId)],
  95.         );
  97.         return 'app.' $appName;
  98.     }
  99. }