vendor/shopware/core/Framework/Routing/RouteScopeListener.php line 57

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Framework\Routing;
  5. use Shopware\Core\Framework\Log\Package;
  6. use Shopware\Core\Framework\Routing\Annotation\RouteScope as RouteScopeAnnotation;
  7. use Shopware\Core\Framework\Routing\Exception\InvalidRouteScopeException;
  8. use Shopware\Core\PlatformRequest;
  9. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  10. use Symfony\Component\HttpFoundation\Request;
  11. use Symfony\Component\HttpFoundation\RequestStack;
  12. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  13. use Symfony\Component\HttpKernel\KernelEvents;
  15. /**
  16.  * @deprecated tag:v6.5.0 - reason:becomes-internal - EventSubscribers will become internal in v6.5.0
  17.  */
  18. #[Package('core')]
  19. class RouteScopeListener implements EventSubscriberInterface
  20. {
  21.     private RequestStack $requestStack;
  23.     private RouteScopeRegistry $routeScopeRegistry;
  25.     /**
  26.      * @var RouteScopeWhitelistInterface[]
  27.      */
  28.     private array $whitelists;
  30.     /**
  31.      * @internal
  32.      *
  33.      * @param iterable<RouteScopeWhitelistInterface> $whitelists
  34.      */
  35.     public function __construct(
  36.         RouteScopeRegistry $routeScopeRegistry,
  37.         RequestStack $requestStack,
  38.         iterable $whitelists
  39.     ) {
  40.         $this->routeScopeRegistry $routeScopeRegistry;
  41.         $this->requestStack $requestStack;
  42.         $this->whitelists = \is_array($whitelists) ? $whitelists iterator_to_array($whitelists);
  43.     }
  45.     public static function getSubscribedEvents(): array
  46.     {
  47.         return [
  48.             KernelEvents::CONTROLLER => [
  49.                 ['checkScope'KernelListenerPriorities::KERNEL_CONTROLLER_EVENT_SCOPE_VALIDATE],
  50.             ],
  51.         ];
  52.     }
  54.     /**
  55.      * Validate that any given controller invocation creates a valid scope with the original master request
  56.      */
  57.     public function checkScope(ControllerEvent $event): void
  58.     {
  59.         if ($this->isWhitelistedController($event)) {
  60.             return;
  61.         }
  63.         $scopes $this->extractCurrentScopeAnnotation($event);
  64.         $masterRequest $this->getMainRequest();
  66.         foreach ($scopes as $routeScopeName) {
  67.             $routeScope $this->routeScopeRegistry->getRouteScope($routeScopeName);
  69.             $pathAllowed $routeScope->isAllowedPath($masterRequest->getPathInfo());
  70.             $requestAllowed $routeScope->isAllowed($masterRequest);
  72.             if ($pathAllowed && $requestAllowed) {
  73.                 return;
  74.             }
  75.         }
  77.         throw new InvalidRouteScopeException($masterRequest->attributes->get('_route'));
  78.     }
  80.     private function extractControllerClass(ControllerEvent $event): ?string
  81.     {
  82.         $controllerCallable = \Closure::fromCallable($event->getController());
  83.         $controllerCallable = new \ReflectionFunction($controllerCallable);
  85.         $controller $controllerCallable->getClosureThis();
  87.         if (!$controller) {
  88.             return null;
  89.         }
  91.         return \get_class($controller);
  92.     }
  94.     private function isWhitelistedController(ControllerEvent $event): bool
  95.     {
  96.         $controllerClass $this->extractControllerClass($event);
  98.         if (!$controllerClass) {
  99.             return false;
  100.         }
  102.         foreach ($this->whitelists as $whitelist) {
  103.             if ($whitelist->applies($controllerClass)) {
  104.                 return true;
  105.             }
  106.         }
  108.         return false;
  109.     }
  111.     /**
  112.      * @return list<string>
  113.      */
  114.     private function extractCurrentScopeAnnotation(ControllerEvent $event): array
  115.     {
  116.         $currentRequest $event->getRequest();
  118.         /** @var RouteScopeAnnotation|list<string> $scopes */
  119.         $scopes $currentRequest->get(PlatformRequest::ATTRIBUTE_ROUTE_SCOPE, []);
  121.         if ($scopes instanceof RouteScopeAnnotation) {
  122.             return $scopes->getScopes();
  123.         }
  125.         if ($scopes !== []) {
  126.             return $scopes;
  127.         }
  129.         throw new InvalidRouteScopeException($currentRequest->attributes->get('_route'));
  130.     }
  132.     private function getMainRequest(): Request
  133.     {
  134.         $masterRequest $this->requestStack->getMainRequest();
  136.         if (!$masterRequest) {
  137.             throw new \InvalidArgumentException('Unable to check the request scope without master request');
  138.         }
  140.         return $masterRequest;
  141.     }
  142. }