src/EventListener/RequestListener.php line 44

Open in your IDE?
  1. <?php
  3. namespace App\EventListener;
  5. use App\Enum\User\UserRestrictionsEnum;
  6. use Symfony\Component\HttpKernel\Event\RequestEvent;
  7. use Symfony\Component\HttpFoundation\RedirectResponse;
  8. use App\Entity\User;
  9. use App\Entity\Location;
  10. use Symfony\Component\Routing\RouterInterface;
  11. use Symfony\Component\Security\Core\Security;
  12. use App\Service\DatabaseService;
  13. use App\Service\UserAccessService;
  15. class RequestListener
  16. {
  17. /**
  18. * @var RouterInterface
  19. */
  20. private $router;
  22. /**
  23. * @var Security
  24. */
  25. private $security;
  27. /**
  28. * @var DatabaseService
  29. */
  30. private $databaseService;
  32. /**
  33. * @var UserAccessService
  34. */
  35. private $userAccessService;
  37. public function __construct(RouterInterface $router, Security $security, DatabaseService $databaseService, UserAccessService $userAccessService) {
  38. $this->router = $router;
  39. $this->security = $security;
  40. $this->databaseService = $databaseService;
  41. $this->userAccessService = $userAccessService;
  42. }
  44. public function onKernelRequest(RequestEvent $event): void
  45. {
  46. $request = $event->getRequest();
  47. $path = $request->getPathInfo();
  48. $user = $this->security->getUser();
  50. if (!$user instanceof User) {
  51. return;
  52. }
  54. if ($path === "/login" && $request->getSession()->isStarted()) {
  56. /** @var User $user */
  57. $user = $this->databaseService->getManager()->getRepository(User::class)->findOneBy(["username" =>$user->getUsername()]);
  59. $activeLocations = $user->getActiveLocations();
  61. if($activeLocations->isEmpty()) {
  62. if ($user->isHatchAdministrator()) {
  63. $event->setResponse(new RedirectResponse($this->router->generate('admin_index')));
  64. return;
  65. } else {
  66. $event->getRequest()->getSession()->getFlashBag()->add('error', "No active locations for login");
  67. return;
  68. }
  69. }
  70. $defaultLocation = $user->getDefaultLocation();
  71. if ( $defaultLocation instanceof Location && $activeLocations->contains($defaultLocation) ) {
  72. $event->setResponse(new RedirectResponse($this->router->generate('client_index', ['locationId' =>$defaultLocation->getId()])));
  73. return;
  74. }
  76. if($user->isHatchAdministrator()) {
  77. $event->setResponse(new RedirectResponse($this->router->generate('admin_index')));
  78. return;
  79. } elseif ($activeLocations->count() === 1) {
  80. $event->setResponse(new RedirectResponse($this->router->generate('client_index', ['locationId' =>$activeLocations->first()->getId()])));
  81. return;
  82. } else {
  83. $event->setResponse(new RedirectResponse($this->router->generate('location_login_select')));
  84. return;
  85. }
  86. }
  88. if (str_starts_with($path, '/admin')) {
  90. if ($user->isHatchAdministrator() && $user->hasRestrictions()) {
  91. $restrictionsMap = UserRestrictionsEnum::getRestrictionsMap();
  92. $userRestrictions = $user->getRestrictions();
  94. $allowedPaths = [];
  95. $redirectRoute = 'app_login';
  97. foreach ($userRestrictions as $restriction) {
  98. if (isset($restrictionsMap[$restriction])) {
  99. $allowedPaths = array_merge($allowedPaths, $restrictionsMap[$restriction]['paths']);
  100. if ($redirectRoute === 'app_login') {
  101. $redirectRoute = $restrictionsMap[$restriction]['redirect_route'];
  102. }
  103. }
  104. }
  106. $isAllowed = false;
  107. foreach ($allowedPaths as $allowedPath) {
  108. if (str_starts_with($path, $allowedPath)) {
  109. $isAllowed = true;
  110. break;
  111. }
  112. }
  114. if (!$isAllowed) {
  115. $event->setResponse(new RedirectResponse($this->router->generate($redirectRoute)));
  116. return;
  117. }
  119. } elseif (!$user->isHatchAdministrator()) {
  120. $event->setResponse(new RedirectResponse($this->router->generate('app_login')));
  121. return;
  122. }
  123. }
  125. if (str_starts_with($path, '/client')) {
  126. $locationId = $request->attributes->get('locationId');
  127. if ($locationId) {
  128. $location = $this->databaseService->getManager()->getRepository(Location::class)->find($locationId);
  129. if ($location instanceof Location && $location->getCompany() && $location->getCompany()->isBillingHold()) {
  130. $firstValidLocation = $this->userAccessService->getFirstActiveLocationInFirstNonBillingHoldCompany($user);
  131. $companyName = $location->getCompany()->getName();
  132. $request->getSession()->getFlashBag()->add(
  133. 'error',
  134. sprintf(
  135. 'Payment is Past Due for %s. Please submit payment to regain access. For any questions, please contact ComplianceBilling@KipuHealth.com.',
  136. $companyName
  137. )
  138. );
  139. if ($firstValidLocation) {
  140. $event->setResponse(
  141. new RedirectResponse(
  142. $this->router->generate('client_index', ['locationId' => $firstValidLocation->getId()])
  143. )
  144. );
  145. }
  146. }
  147. }
  148. }
  149. }
  150. }