eZ\Publish\Core\MVC\Symfony\Security\EventListener\SecurityListener::checkSiteAccessPermission PHP Method

SecurityListener Class Documentation Usage Examples Of eZ\Publish\Core\MVC\Symfony\Security\EventListener\SecurityListener::checkSiteAccessPermission Show file Open project: ezsystems/ezpublish-kernel

checkSiteAccessPermission() public method

Throws an UnauthorizedSiteAccessException if current user doesn't have permission to current SiteAccess.

public checkSiteAccessPermission ( Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event )
$event	Symfony\Component\Security\Http\Event\InteractiveLoginEvent

    public function checkSiteAccessPermission(BaseInteractiveLoginEvent $event)
    {
        $token = $event->getAuthenticationToken();
        $originalUser = $token->getUser();
        $request = $event->getRequest();
        $siteAccess = $request->attributes->get('siteaccess');
        if (!($originalUser instanceof eZUser && $siteAccess instanceof SiteAccess)) {
            return;
        }
        if (!$this->hasAccess($siteAccess, $originalUser->getUsername())) {
            throw new UnauthorizedSiteAccessException($siteAccess, $originalUser->getUsername());
        }
    }

Usage Example

Example #1

Show file

File: SecurityListenerTest.php Project: ezsystems/ezpublish-kernel

 public function testCheckSiteAccessNoSiteAccess()
 {
     $user = $this->getMock('eZ\\Publish\\Core\\MVC\\Symfony\\Security\\UserInterface');
     $token = $this->getMock('Symfony\\Component\\Security\\Core\\Authentication\\Token\\TokenInterface');
     $token->expects($this->once())->method('getUser')->will($this->returnValue($user));
     $this->authChecker->expects($this->never())->method('isGranted');
     $this->listener->checkSiteAccessPermission(new BaseInteractiveLoginEvent(new Request(), $token));
 }

SecurityListener

__construct

checkSiteAccessPermission

getSubscribedEvents

getUser

hasAccess

isMasterRequest

onInteractiveLogin

onKernelRequest