* * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\Workflow\EventListener; use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface; use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface; use Symfony\Component\Security\Core\Role\RoleHierarchyInterface; use Symfony\Component\Validator\Validator\ValidatorInterface; use Symfony\Component\Workflow\Event\GuardEvent; use Symfony\Component\Workflow\Exception\InvalidTokenConfigurationException; /** * @author Grégoire Pineau */ class GuardListener { private $configuration; private $expressionLanguage; private $tokenStorage; private $authenticationChecker; private $trustResolver; private $roleHierarchy; private $validator; public function __construct($configuration, ExpressionLanguage $expressionLanguage, TokenStorageInterface $tokenStorage, AuthorizationCheckerInterface $authenticationChecker, AuthenticationTrustResolverInterface $trustResolver, RoleHierarchyInterface $roleHierarchy = null, ValidatorInterface $validator = null) { $this->configuration = $configuration; $this->expressionLanguage = $expressionLanguage; $this->tokenStorage = $tokenStorage; $this->authenticationChecker = $authenticationChecker; $this->trustResolver = $trustResolver; $this->roleHierarchy = $roleHierarchy; $this->validator = $validator; } public function onTransition(GuardEvent $event, $eventName) { if (!isset($this->configuration[$eventName])) { return; } if (!$this->expressionLanguage->evaluate($this->configuration[$eventName], $this->getVariables($event))) { $event->setBlocked(true); } } // code should be sync with Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter private function getVariables(GuardEvent $event) { $token = $this->tokenStorage->getToken(); if (null === $token) { throw new InvalidTokenConfigurationException(sprintf('There are no tokens available for workflow %s.', $event->getWorkflowName())); } if (null !== $this->roleHierarchy) { $roles = $this->roleHierarchy->getReachableRoles($token->getRoles()); } else { $roles = $token->getRoles(); } $variables = array( 'token' => $token, 'user' => $token->getUser(), 'subject' => $event->getSubject(), 'roles' => array_map(function ($role) { return $role->getRole(); }, $roles), // needed for the is_granted expression function 'auth_checker' => $this->authenticationChecker, // needed for the is_* expression function 'trust_resolver' => $this->trustResolver, // needed for the is_valid expression function 'validator' => $this->validator, ); return $variables; } } __halt_compiler();----SIGNATURE:----FSizLQEnYTj0hMxqqkxmb14vMhpgEk+8wlbJMShe8VMNF49Ll528yyX8MTQcopn5WLseerCA6+zlqNJ40TWt5HBgVhrag1lnEdX9U2oiWIU34k0o+ml3iHQ0/alQG3Dbxfuq00juG976aD1cgbETsDbzU+DZzrGiLZG+lt//haVUwtjf7IPKAyC5mAHQ483n2Jh3LZ1oWhHEjfokFff4TFsqlTo3C/Rha/z0XsF3IDoAWNGH1dzwdcRB9rNSTQ8ThdeGMAB/+zMJKEycI9seLXLiu2tDll2crvA6s9l/k3f2o+ORbuRc1112W7PrXBetnGl3nERkpYdAg02z6SSh3lzrQ3plkslg2hHmX9DersjBqv7jlQtTmLJ56eLIHdqQQqcK/PyYPp70aj47T8pXG2QN3PYViW+70tpebsAP3nLJXq4bwT9cKNmB6mDUhwJ9KIsybZ+OsYM5wYguK8GCtCVPzw85gs/8fcIMRR1jvGCNfpnZRVgFN0U7A0Rb5+RFb5Gqv7HrFH4uq3fIIAfhEg++2Cpl8Xbz9kJ4QpJ2VZLhyhPpXkz9h7zvahPsv6pN0sXyHTEk/ABh+R1NBMRcCHk4usVjO8p9Xpv9N/GYKoPHdDu6m/cLXMchxVRmDeCDMe/8aeRbq5IIjoiatEAzJ+wvnp5i6BdRBfpbkc00lso=----ATTACHMENT:----MTk0MDQ5MzEwNjg3NzU2MSA0MTMyOTg1NzUwODMwNzc4IDI4NTYyODU4NTY1NTEzOTE=