PHP Class eZ\Publish\Core\MVC\Symfony\Security\EventListener\SecurityListener

Also listens to kernel.request to: - Check if current user (authenticated or not) can access to current SiteAccess
Inheritance: implements Symfony\Component\EventDispatcher\EventSubscriberInterface
Datei anzeigen Open project: ezsystems/ezpublish-kernel Class Usage Examples

Protected Properties

Property Type Description
$authorizationChecker Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface
$configResolver eZ\Publish\Core\MVC\ConfigResolverInterface
$eventDispatcher Symfony\Component\EventDispatcher\EventDispatcherInterface
$fragmentPath string ..).
$repository eZ\Publish\API\Repository\Repository
$tokenStorage Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface

Public Methods

Method Description
__construct ( eZ\Publish\API\Repository\Repository $repository, eZ\Publish\Core\MVC\ConfigResolverInterface $configResolver, Symfony\Component\EventDispatcher\EventDispatcherInterface $eventDispatcher, Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface $tokenStorage, Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface $authorizationChecker, $fragmentPath = '/_fragment' )
checkSiteAccessPermission ( Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event ) Throws an UnauthorizedSiteAccessException if current user doesn't have permission to current SiteAccess.
getSubscribedEvents ( )
onInteractiveLogin ( Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event ) Tries to retrieve a valid eZ user if authenticated user doesn't come from the repository (foreign user provider).
onKernelRequest ( GetResponseEvent $event ) Throws an UnauthorizedSiteAccessException if current user doesn't have access to current SiteAccess.

Protected Methods

Method Description
getUser ( Symfony\Component\Security\Core\User\UserInterface $originalUser, eZ\Publish\API\Repository\Values\User\User $apiUser ) : eZ\Publish\Core\MVC\Symfony\Security\UserInterface Returns new user object based on original user and provided API user.
hasAccess ( SiteAccess $siteAccess ) : boolean Returns true if current user has access to given SiteAccess.

Private Methods

Method Description
isMasterRequest ( Request $request, $requestType ) : boolean Returns true if given request is considered as a master request.

Method Details

__construct() public method

public __construct ( eZ\Publish\API\Repository\Repository $repository, eZ\Publish\Core\MVC\ConfigResolverInterface $configResolver, Symfony\Component\EventDispatcher\EventDispatcherInterface $eventDispatcher, Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface $tokenStorage, Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface $authorizationChecker, $fragmentPath = '/_fragment' )
$repository eZ\Publish\API\Repository\Repository
$configResolver eZ\Publish\Core\MVC\ConfigResolverInterface
$eventDispatcher Symfony\Component\EventDispatcher\EventDispatcherInterface
$tokenStorage Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface
$authorizationChecker Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface

checkSiteAccessPermission() public method

Throws an UnauthorizedSiteAccessException if current user doesn't have permission to current SiteAccess.
public checkSiteAccessPermission ( Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event )
$event Symfony\Component\Security\Http\Event\InteractiveLoginEvent

getSubscribedEvents() public static method

public static getSubscribedEvents ( )

getUser() protected method

One may want to override this method to use their own user class.
protected getUser ( Symfony\Component\Security\Core\User\UserInterface $originalUser, eZ\Publish\API\Repository\Values\User\User $apiUser ) : eZ\Publish\Core\MVC\Symfony\Security\UserInterface
$originalUser Symfony\Component\Security\Core\User\UserInterface
$apiUser eZ\Publish\API\Repository\Values\User\User
return eZ\Publish\Core\MVC\Symfony\Security\UserInterface

hasAccess() protected method

Returns true if current user has access to given SiteAccess.
protected hasAccess ( SiteAccess $siteAccess ) : boolean
$siteAccess eZ\Publish\Core\MVC\Symfony\SiteAccess
return boolean

onInteractiveLogin() public method

Will dispatch an event allowing listeners to return a valid eZ user for current authenticated user. Will by default let the repository load the anonymous user.
public onInteractiveLogin ( Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event )
$event Symfony\Component\Security\Http\Event\InteractiveLoginEvent

onKernelRequest() public method

Throws an UnauthorizedSiteAccessException if current user doesn't have access to current SiteAccess.
public onKernelRequest ( GetResponseEvent $event )
$event Symfony\Component\HttpKernel\Event\GetResponseEvent

Property Details

$authorizationChecker protected_oe property

protected AuthorizationCheckerInterface,Symfony\Component\Security\Core\Authorization $authorizationChecker
return Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface

$configResolver protected_oe property

protected ConfigResolverInterface,eZ\Publish\Core\MVC $configResolver
return eZ\Publish\Core\MVC\ConfigResolverInterface

$eventDispatcher protected_oe property

protected EventDispatcherInterface,Symfony\Component\EventDispatcher $eventDispatcher
return Symfony\Component\EventDispatcher\EventDispatcherInterface

$fragmentPath protected_oe property

..).
protected string $fragmentPath
return string

$repository protected_oe property

protected Repository,eZ\Publish\API\Repository $repository
return eZ\Publish\API\Repository\Repository

$tokenStorage protected_oe property

protected TokenStorageInterface,Symfony\Component\Security\Core\Authentication\Token\Storage $tokenStorage
return Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface