src/EventSubscriber/ActionSubscriber.php line 22

  1. <?php
  3. namespace App\EventSubscriber;
  5. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  6. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  7. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  8. use Symfony\Component\HttpKernel\KernelEvents;
  9. use Symfony\Component\HttpFoundation\RequestStack;
  10. use App\Controller\BaseController;
  12. class ActionSubscriber implements EventSubscriberInterface
  13. {
  14.     private $_requestStack;
  15.     private $_controller;
  17.     public function __construct(RequestStack $requestStack)
  18.     {
  19.         $this->_requestStack $requestStack;
  20.     }
  21.     
  22.     public function onKernelController(ControllerEvent $event)
  23.     {
  24.         $controller $event->getController();
  26.         /*
  27.          * $controller passed can be either a class or a Closure.
  28.          * This is not usual in Symfony but it may happen.
  29.          * If it is a class, it comes in array format
  30.          */
  31.         if (!is_array($controller))
  32.             return;
  34.         if ($controller[0] instanceof BaseController)
  35.         {
  36.             $this->_controller $controller[0];
  37.             $this->_controller->beforeAction();
  38.         }
  39.     }
  41.     public function onKernelResponse(ResponseEvent $event)
  42.     {
  43.         if ($this->_controller)
  44.             $this->_controller->afterAction();
  45.         
  46.         // dodatkowa blokada Basic Auth dla panelu administracyjnego
  47.         
  48.         if (isset($_ENV['ADMIN_BASIC_AUTH_ACTIVE']) && (int)$_ENV['ADMIN_BASIC_AUTH_ACTIVE'] &&
  49.                 isset($_ENV['ADMIN_BASIC_AUTH_USER']) && $_ENV['ADMIN_BASIC_AUTH_USER'] != '' &&
  50.                 isset($_ENV['ADMIN_BASIC_AUTH_PASSWORD']) && $_ENV['ADMIN_BASIC_AUTH_PASSWORD'] != '')
  51.         {
  52.             if (strpos($this->_requestStack->getMainRequest()->get('_route'), 'admin_') === 0)
  53.             {
  54.                 $request $event->getRequest();
  56.                 $username $request->server->get('PHP_AUTH_USER');
  57.                 $password $request->server->get('PHP_AUTH_PW');            
  59.                 if ($_ENV['ADMIN_BASIC_AUTH_USER'] != $username || $_ENV['ADMIN_BASIC_AUTH_PASSWORD'] != $password)
  60.                 {
  61.                     $response $event->getResponse();
  62.                     $response->setStatusCode(401);
  63.                     $response->headers->set('WWW-Authenticate''Basic realm="Restricted Area"');
  64.                     $response->setContent('Brak dostÄ™pu.');
  66.                     $event->setResponse($response);            
  67.                 }
  68.             }
  69.         }
  70.     }
  71.     
  72.     public static function getSubscribedEvents()
  73.     {
  74.         return array(
  75.             KernelEvents::CONTROLLER => 'onKernelController',
  76.             KernelEvents::RESPONSE => 'onKernelResponse'
  77.         );
  78.     }
  79. }