vendor/sylius/resource-bundle/src/Bundle/Controller/ResourceController.php line 240

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Sylius package.
  5.  *
  6.  * (c) Paweł Jędrzejewski
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace Sylius\Bundle\ResourceBundle\Controller;
  16. use Doctrine\Persistence\ObjectManager;
  17. use FOS\RestBundle\View\View;
  18. use Sylius\Bundle\ResourceBundle\Event\ResourceControllerEvent;
  19. use Sylius\Component\Resource\Exception\DeleteHandlingException;
  20. use Sylius\Component\Resource\Exception\UpdateHandlingException;
  21. use Sylius\Component\Resource\Factory\FactoryInterface;
  22. use Sylius\Component\Resource\Metadata\MetadataInterface;
  23. use Sylius\Component\Resource\Model\ResourceInterface;
  24. use Sylius\Component\Resource\Repository\RepositoryInterface;
  25. use Sylius\Component\Resource\ResourceActions;
  26. use Symfony\Component\DependencyInjection\ContainerAwareTrait;
  27. use Symfony\Component\DependencyInjection\ContainerInterface;
  28. use Symfony\Component\HttpFoundation\Request;
  29. use Symfony\Component\HttpFoundation\Response;
  30. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  31. use Symfony\Component\HttpKernel\Exception\HttpException;
  32. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  33. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  35. class ResourceController
  36. {
  37.     use ControllerTrait;
  38.     use ContainerAwareTrait;
  40.     /** @var MetadataInterface */
  41.     protected $metadata;
  43.     /** @var RequestConfigurationFactoryInterface */
  44.     protected $requestConfigurationFactory;
  46.     /** @var ViewHandlerInterface|null */
  47.     protected $viewHandler;
  49.     /** @var RepositoryInterface */
  50.     protected $repository;
  52.     /** @var FactoryInterface */
  53.     protected $factory;
  55.     /** @var NewResourceFactoryInterface */
  56.     protected $newResourceFactory;
  58.     /** @var ObjectManager */
  59.     protected $manager;
  61.     /** @var SingleResourceProviderInterface */
  62.     protected $singleResourceProvider;
  64.     /** @var ResourcesCollectionProviderInterface */
  65.     protected $resourcesCollectionProvider;
  67.     /** @var ResourceFormFactoryInterface */
  68.     protected $resourceFormFactory;
  70.     /** @var RedirectHandlerInterface */
  71.     protected $redirectHandler;
  73.     /** @var FlashHelperInterface */
  74.     protected $flashHelper;
  76.     /** @var AuthorizationCheckerInterface */
  77.     protected $authorizationChecker;
  79.     /** @var EventDispatcherInterface */
  80.     protected $eventDispatcher;
  82.     /** @var StateMachineInterface|null */
  83.     protected $stateMachine;
  85.     /** @var ResourceUpdateHandlerInterface */
  86.     protected $resourceUpdateHandler;
  88.     /** @var ResourceDeleteHandlerInterface */
  89.     protected $resourceDeleteHandler;
  91.     public function __construct(
  92.         MetadataInterface $metadata,
  93.         RequestConfigurationFactoryInterface $requestConfigurationFactory,
  94.         ?ViewHandlerInterface $viewHandler,
  95.         RepositoryInterface $repository,
  96.         FactoryInterface $factory,
  97.         NewResourceFactoryInterface $newResourceFactory,
  98.         ObjectManager $manager,
  99.         SingleResourceProviderInterface $singleResourceProvider,
  100.         ResourcesCollectionProviderInterface $resourcesFinder,
  101.         ResourceFormFactoryInterface $resourceFormFactory,
  102.         RedirectHandlerInterface $redirectHandler,
  103.         FlashHelperInterface $flashHelper,
  104.         AuthorizationCheckerInterface $authorizationChecker,
  105.         EventDispatcherInterface $eventDispatcher,
  106.         ?StateMachineInterface $stateMachine,
  107.         ResourceUpdateHandlerInterface $resourceUpdateHandler,
  108.         ResourceDeleteHandlerInterface $resourceDeleteHandler
  109.     ) {
  110.         $this->metadata $metadata;
  111.         $this->requestConfigurationFactory $requestConfigurationFactory;
  112.         $this->viewHandler $viewHandler;
  113.         $this->repository $repository;
  114.         $this->factory $factory;
  115.         $this->newResourceFactory $newResourceFactory;
  116.         $this->manager $manager;
  117.         $this->singleResourceProvider $singleResourceProvider;
  118.         $this->resourcesCollectionProvider $resourcesFinder;
  119.         $this->resourceFormFactory $resourceFormFactory;
  120.         $this->redirectHandler $redirectHandler;
  121.         $this->flashHelper $flashHelper;
  122.         $this->authorizationChecker $authorizationChecker;
  123.         $this->eventDispatcher $eventDispatcher;
  124.         $this->stateMachine $stateMachine;
  125.         $this->resourceUpdateHandler $resourceUpdateHandler;
  126.         $this->resourceDeleteHandler $resourceDeleteHandler;
  127.     }
  129.     public function showAction(Request $request): Response
  130.     {
  131.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  133.         $this->isGrantedOr403($configurationResourceActions::SHOW);
  134.         $resource $this->findOr404($configuration);
  136.         $this->eventDispatcher->dispatch(ResourceActions::SHOW$configuration$resource);
  138.         if ($configuration->isHtmlRequest()) {
  139.             return $this->render($configuration->getTemplate(ResourceActions::SHOW '.html'), [
  140.                 'configuration' => $configuration,
  141.                 'metadata' => $this->metadata,
  142.                 'resource' => $resource,
  143.                 $this->metadata->getName() => $resource,
  144.             ]);
  145.         }
  147.         return $this->createRestView($configuration$resource);
  148.     }
  150.     public function indexAction(Request $request): Response
  151.     {
  152.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  154.         $this->isGrantedOr403($configurationResourceActions::INDEX);
  155.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  157.         $this->eventDispatcher->dispatchMultiple(ResourceActions::INDEX$configuration$resources);
  159.         if ($configuration->isHtmlRequest()) {
  160.             return $this->render($configuration->getTemplate(ResourceActions::INDEX '.html'), [
  161.                 'configuration' => $configuration,
  162.                 'metadata' => $this->metadata,
  163.                 'resources' => $resources,
  164.                 $this->metadata->getPluralName() => $resources,
  165.             ]);
  166.         }
  168.         return $this->createRestView($configuration$resources);
  169.     }
  171.     public function createAction(Request $request): Response
  172.     {
  173.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  175.         $this->isGrantedOr403($configurationResourceActions::CREATE);
  176.         $newResource $this->newResourceFactory->create($configuration$this->factory);
  178.         $form $this->resourceFormFactory->create($configuration$newResource);
  179.         $form->handleRequest($request);
  181.         if ($request->isMethod('POST') && $form->isSubmitted() && $form->isValid()) {
  182.             $newResource $form->getData();
  184.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::CREATE$configuration$newResource);
  186.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  187.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  188.             }
  189.             if ($event->isStopped()) {
  190.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  192.                 $eventResponse $event->getResponse();
  193.                 if (null !== $eventResponse) {
  194.                     return $eventResponse;
  195.                 }
  197.                 return $this->redirectHandler->redirectToIndex($configuration$newResource);
  198.             }
  200.             if ($configuration->hasStateMachine()) {
  201.                 $stateMachine $this->getStateMachine();
  202.                 $stateMachine->apply($configuration$newResource);
  203.             }
  205.             $this->repository->add($newResource);
  207.             if ($configuration->isHtmlRequest()) {
  208.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::CREATE$newResource);
  209.             }
  211.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::CREATE$configuration$newResource);
  213.             if (!$configuration->isHtmlRequest()) {
  214.                 return $this->createRestView($configuration$newResourceResponse::HTTP_CREATED);
  215.             }
  217.             $postEventResponse $postEvent->getResponse();
  218.             if (null !== $postEventResponse) {
  219.                 return $postEventResponse;
  220.             }
  222.             return $this->redirectHandler->redirectToResource($configuration$newResource);
  223.         }
  225.         if (!$configuration->isHtmlRequest()) {
  226.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  227.         }
  229.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::CREATE$configuration$newResource);
  230.         $initializeEventResponse $initializeEvent->getResponse();
  231.         if (null !== $initializeEventResponse) {
  232.             return $initializeEventResponse;
  233.         }
  235.         return $this->render($configuration->getTemplate(ResourceActions::CREATE '.html'), [
  236.             'configuration' => $configuration,
  237.             'metadata' => $this->metadata,
  238.             'resource' => $newResource,
  239.             $this->metadata->getName() => $newResource,
  240.             'form' => $form->createView(),
  241.         ]);
  242.     }
  244.     public function updateAction(Request $request): Response
  245.     {
  246.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  248.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  249.         $resource $this->findOr404($configuration);
  251.         $form $this->resourceFormFactory->create($configuration$resource);
  252.         $form->handleRequest($request);
  254.         if (
  255.             in_array($request->getMethod(), ['POST''PUT''PATCH'], true)
  256.             && $form->isSubmitted()
  257.             && $form->isValid()
  258.         ) {
  259.             $resource $form->getData();
  261.             /** @var ResourceControllerEvent $event */
  262.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  264.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  265.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  266.             }
  267.             if ($event->isStopped()) {
  268.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  270.                 $eventResponse $event->getResponse();
  271.                 if (null !== $eventResponse) {
  272.                     return $eventResponse;
  273.                 }
  275.                 return $this->redirectHandler->redirectToResource($configuration$resource);
  276.             }
  278.             try {
  279.                 $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  280.             } catch (UpdateHandlingException $exception) {
  281.                 if (!$configuration->isHtmlRequest()) {
  282.                     return $this->createRestView($configuration$form$exception->getApiResponseCode());
  283.                 }
  285.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  287.                 return $this->redirectHandler->redirectToReferer($configuration);
  288.             }
  290.             if ($configuration->isHtmlRequest()) {
  291.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  292.             }
  294.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  296.             if (!$configuration->isHtmlRequest()) {
  297.                 if ($configuration->getParameters()->get('return_content'false)) {
  298.                     return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  299.                 }
  301.                 return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  302.             }
  304.             $postEventResponse $postEvent->getResponse();
  305.             if (null !== $postEventResponse) {
  306.                 return $postEventResponse;
  307.             }
  309.             return $this->redirectHandler->redirectToResource($configuration$resource);
  310.         }
  312.         if (!$configuration->isHtmlRequest()) {
  313.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  314.         }
  316.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::UPDATE$configuration$resource);
  317.         $initializeEventResponse $initializeEvent->getResponse();
  318.         if (null !== $initializeEventResponse) {
  319.             return $initializeEventResponse;
  320.         }
  322.         return $this->render($configuration->getTemplate(ResourceActions::UPDATE '.html'), [
  323.             'configuration' => $configuration,
  324.             'metadata' => $this->metadata,
  325.             'resource' => $resource,
  326.             $this->metadata->getName() => $resource,
  327.             'form' => $form->createView(),
  328.         ]);
  329.     }
  331.     public function deleteAction(Request $request): Response
  332.     {
  333.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  335.         $this->isGrantedOr403($configurationResourceActions::DELETE);
  336.         $resource $this->findOr404($configuration);
  338.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), (string) $request->request->get('_csrf_token'))) {
  339.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  340.         }
  342.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  344.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  345.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  346.         }
  347.         if ($event->isStopped()) {
  348.             $this->flashHelper->addFlashFromEvent($configuration$event);
  350.             $eventResponse $event->getResponse();
  351.             if (null !== $eventResponse) {
  352.                 return $eventResponse;
  353.             }
  355.             return $this->redirectHandler->redirectToIndex($configuration$resource);
  356.         }
  358.         try {
  359.             $this->resourceDeleteHandler->handle($resource$this->repository);
  360.         } catch (DeleteHandlingException $exception) {
  361.             if (!$configuration->isHtmlRequest()) {
  362.                 return $this->createRestView($configurationnull$exception->getApiResponseCode());
  363.             }
  365.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  367.             return $this->redirectHandler->redirectToReferer($configuration);
  368.         }
  370.         if ($configuration->isHtmlRequest()) {
  371.             $this->flashHelper->addSuccessFlash($configurationResourceActions::DELETE$resource);
  372.         }
  374.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  376.         if (!$configuration->isHtmlRequest()) {
  377.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  378.         }
  380.         $postEventResponse $postEvent->getResponse();
  381.         if (null !== $postEventResponse) {
  382.             return $postEventResponse;
  383.         }
  385.         return $this->redirectHandler->redirectToIndex($configuration$resource);
  386.     }
  388.     public function bulkDeleteAction(Request $request): Response
  389.     {
  390.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  392.         $this->isGrantedOr403($configurationResourceActions::BULK_DELETE);
  393.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  395.         if (
  396.             $configuration->isCsrfProtectionEnabled() &&
  397.             !$this->isCsrfTokenValid(ResourceActions::BULK_DELETE, (string) $request->request->get('_csrf_token'))
  398.         ) {
  399.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  400.         }
  402.         $this->eventDispatcher->dispatchMultiple(ResourceActions::BULK_DELETE$configuration$resources);
  404.         foreach ($resources as $resource) {
  405.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  407.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  408.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  409.             }
  410.             if ($event->isStopped()) {
  411.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  413.                 $eventResponse $event->getResponse();
  414.                 if (null !== $eventResponse) {
  415.                     return $eventResponse;
  416.                 }
  418.                 return $this->redirectHandler->redirectToIndex($configuration$resource);
  419.             }
  421.             try {
  422.                 $this->resourceDeleteHandler->handle($resource$this->repository);
  423.             } catch (DeleteHandlingException $exception) {
  424.                 if (!$configuration->isHtmlRequest()) {
  425.                     return $this->createRestView($configurationnull$exception->getApiResponseCode());
  426.                 }
  428.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  430.                 return $this->redirectHandler->redirectToReferer($configuration);
  431.             }
  433.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  434.         }
  436.         if (!$configuration->isHtmlRequest()) {
  437.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  438.         }
  440.         $this->flashHelper->addSuccessFlash($configurationResourceActions::BULK_DELETE);
  442.         if (isset($postEvent)) {
  443.             $postEventResponse $postEvent->getResponse();
  444.             if (null !== $postEventResponse) {
  445.                 return $postEventResponse;
  446.             }
  447.         }
  449.         return $this->redirectHandler->redirectToIndex($configuration);
  450.     }
  452.     public function applyStateMachineTransitionAction(Request $request): Response
  453.     {
  454.         $stateMachine $this->getStateMachine();
  455.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  457.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  458.         $resource $this->findOr404($configuration);
  460.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->get('_csrf_token'))) {
  461.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid CSRF token.');
  462.         }
  464.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  466.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  467.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  468.         }
  469.         if ($event->isStopped()) {
  470.             $this->flashHelper->addFlashFromEvent($configuration$event);
  472.             $eventResponse $event->getResponse();
  473.             if (null !== $eventResponse) {
  474.                 return $eventResponse;
  475.             }
  477.             return $this->redirectHandler->redirectToResource($configuration$resource);
  478.         }
  480.         if (!$stateMachine->can($configuration$resource)) {
  481.             throw new BadRequestHttpException();
  482.         }
  484.         try {
  485.             $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  486.         } catch (UpdateHandlingException $exception) {
  487.             if (!$configuration->isHtmlRequest()) {
  488.                 return $this->createRestView($configuration$resource$exception->getApiResponseCode());
  489.             }
  491.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  493.             return $this->redirectHandler->redirectToReferer($configuration);
  494.         }
  496.         if ($configuration->isHtmlRequest()) {
  497.             $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  498.         }
  500.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  502.         if (!$configuration->isHtmlRequest()) {
  503.             if ($configuration->getParameters()->get('return_content'true)) {
  504.                 return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  505.             }
  507.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  508.         }
  510.         $postEventResponse $postEvent->getResponse();
  511.         if (null !== $postEventResponse) {
  512.             return $postEventResponse;
  513.         }
  515.         return $this->redirectHandler->redirectToResource($configuration$resource);
  516.     }
  518.     /**
  519.      * @return mixed
  520.      */
  521.     protected function getParameter(string $name)
  522.     {
  523.         if (!$this->container instanceof ContainerInterface) {
  524.             throw new \RuntimeException(sprintf(
  525.                 'Container passed to "%s" has to implements "%s".',
  526.                 self::class,
  527.                 ContainerInterface::class
  528.             ));
  529.         }
  531.         return $this->container->getParameter($name);
  532.     }
  534.     /**
  535.      * @throws AccessDeniedException
  536.      */
  537.     protected function isGrantedOr403(RequestConfiguration $configurationstring $permission): void
  538.     {
  539.         if (!$configuration->hasPermission()) {
  540.             return;
  541.         }
  543.         $permission $configuration->getPermission($permission);
  545.         if (!$this->authorizationChecker->isGranted($configuration$permission)) {
  546.             throw new AccessDeniedException();
  547.         }
  548.     }
  550.     /**
  551.      * @throws NotFoundHttpException
  552.      */
  553.     protected function findOr404(RequestConfiguration $configuration): ResourceInterface
  554.     {
  555.         if (null === $resource $this->singleResourceProvider->get($configuration$this->repository)) {
  556.             throw new NotFoundHttpException(sprintf('The "%s" has not been found'$this->metadata->getHumanizedName()));
  557.         }
  559.         return $resource;
  560.     }
  562.     /**
  563.      * @param mixed $data
  564.      */
  565.     protected function createRestView(RequestConfiguration $configuration$dataint $statusCode null): Response
  566.     {
  567.         if (null === $this->viewHandler) {
  568.             throw new \LogicException('You can not use the "non-html" request if FriendsOfSymfony Rest Bundle is not available. Try running "composer require friendsofsymfony/rest-bundle".');
  569.         }
  571.         $view View::create($data$statusCode);
  573.         return $this->viewHandler->handle($configuration$view);
  574.     }
  576.     protected function getStateMachine(): StateMachineInterface
  577.     {
  578.         if (null === $this->stateMachine) {
  579.             throw new \LogicException('You can not use the "state-machine" if Winzou State Machine Bundle is not available. Try running "composer require winzou/state-machine-bundle".');
  580.         }
  582.         return $this->stateMachine;
  583.     }
  584. }