src/Tuer24/EventSubscriber/DisableUserAwareFilterSubscriber.php line 49

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Tuer24\EventSubscriber;
  7. use App\Tuer24\ApiResource\Tuer24Article;
  8. use App\Tuer24\ApiResource\Tuer24DistributorRequest;
  9. use App\Tuer24\Controller\Tuer24DistributorOrderController;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpKernel\Event\RequestEvent;
  14. use Symfony\Component\HttpKernel\KernelEvents;
  16. /**
  17. * Disables the UserAware SQL filter for specific controllers.
  18. *
  19. * This subscriber runs before EasyAdmin's AdminRouterSubscriber (priority -1)
  20. * to ensure the filter is disabled before entity fetching occurs.
  21. *
  22. * Required for distributors to view orders from other users.
  23. */
  24. class DisableUserAwareFilterSubscriber implements EventSubscriberInterface
  25. {
  26. private EntityManagerInterface $em;
  28. /**
  29. * Controllers that should bypass the UserAware filter
  30. */
  31. private const BYPASS_CONTROLLERS = [
  32. Tuer24DistributorOrderController::class,
  33. ];
  35. public function __construct(EntityManagerInterface $em)
  36. {
  37. $this->em = $em;
  38. }
  40. public static function getSubscribedEvents(): array
  41. {
  42. return [
  43. // Run AFTER UserDetection (priority 5/PRE_READ) but BEFORE EasyAdmin's AdminRouterSubscriber (priority -1)
  44. // UserDetection enables the filter, we need to disable it after that
  45. KernelEvents::REQUEST => ['onKernelRequest', 1],
  46. ];
  47. }
  49. public function onKernelRequest(RequestEvent $event): void
  50. {
  51. if (!$event->isMainRequest()) {
  52. return;
  53. }
  55. $request = $event->getRequest();
  56. // Check if this is an EasyAdmin request with a controller we want to bypass
  58. if ($this->isDisabled($request)) {
  59. $filters = $this->em->getFilters();
  60. if ($filters->isEnabled('user_aware_filter')) {
  61. $filters->disable('user_aware_filter');
  62. }
  63. }
  64. }
  66. private function isDisabled(Request $request): bool
  67. {
  68. $disable = false;
  69. if($request->query->has('crudControllerFqcn')){
  70. $disable = in_array($request->query->get('crudControllerFqcn'), self::BYPASS_CONTROLLERS, true);
  71. }
  72. if($request->attributes->has('_api_resource_class') && !$disable) {
  73. $disable = in_array($request->attributes->get('_api_resource_class'), [Tuer24Article::class, Tuer24DistributorRequest::class], true);
  74. }
  76. return $disable;
  78. }
  79. }