vendor/sylius/resource-bundle/src/Bundle/Controller/ResourceController.php line 156

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Sylius package.
  5.  *
  6.  * (c) Paweł Jędrzejewski
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace Sylius\Bundle\ResourceBundle\Controller;
  16. use Doctrine\Persistence\ObjectManager;
  17. use FOS\RestBundle\View\View;
  18. use Sylius\Bundle\ResourceBundle\Event\ResourceControllerEvent;
  19. use Sylius\Component\Resource\Exception\DeleteHandlingException;
  20. use Sylius\Component\Resource\Exception\UpdateHandlingException;
  21. use Sylius\Component\Resource\Factory\FactoryInterface;
  22. use Sylius\Component\Resource\Metadata\MetadataInterface;
  23. use Sylius\Component\Resource\Model\ResourceInterface;
  24. use Sylius\Component\Resource\Repository\RepositoryInterface;
  25. use Sylius\Component\Resource\ResourceActions;
  26. use Symfony\Component\DependencyInjection\ContainerAwareTrait;
  27. use Symfony\Component\DependencyInjection\ContainerInterface;
  28. use Symfony\Component\HttpFoundation\Request;
  29. use Symfony\Component\HttpFoundation\Response;
  30. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  31. use Symfony\Component\HttpKernel\Exception\HttpException;
  32. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  33. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  35. class ResourceController
  36. {
  37.     use ControllerTrait;
  38.     use ContainerAwareTrait;
  40.     /** @var MetadataInterface */
  41.     protected $metadata;
  43.     /** @var RequestConfigurationFactoryInterface */
  44.     protected $requestConfigurationFactory;
  46.     /** @var ViewHandlerInterface|null */
  47.     protected $viewHandler;
  49.     /** @var RepositoryInterface */
  50.     protected $repository;
  52.     /** @var FactoryInterface */
  53.     protected $factory;
  55.     /** @var NewResourceFactoryInterface */
  56.     protected $newResourceFactory;
  58.     /** @var ObjectManager */
  59.     protected $manager;
  61.     /** @var SingleResourceProviderInterface */
  62.     protected $singleResourceProvider;
  64.     /** @var ResourcesCollectionProviderInterface */
  65.     protected $resourcesCollectionProvider;
  67.     /** @var ResourceFormFactoryInterface */
  68.     protected $resourceFormFactory;
  70.     /** @var RedirectHandlerInterface */
  71.     protected $redirectHandler;
  73.     /** @var FlashHelperInterface */
  74.     protected $flashHelper;
  76.     /** @var AuthorizationCheckerInterface */
  77.     protected $authorizationChecker;
  79.     /** @var EventDispatcherInterface */
  80.     protected $eventDispatcher;
  82.     /** @var StateMachineInterface|null */
  83.     protected $stateMachine;
  85.     /** @var ResourceUpdateHandlerInterface */
  86.     protected $resourceUpdateHandler;
  88.     /** @var ResourceDeleteHandlerInterface */
  89.     protected $resourceDeleteHandler;
  91.     public function __construct(
  92.         MetadataInterface $metadata,
  93.         RequestConfigurationFactoryInterface $requestConfigurationFactory,
  94.         ?ViewHandlerInterface $viewHandler,
  95.         RepositoryInterface $repository,
  96.         FactoryInterface $factory,
  97.         NewResourceFactoryInterface $newResourceFactory,
  98.         ObjectManager $manager,
  99.         SingleResourceProviderInterface $singleResourceProvider,
  100.         ResourcesCollectionProviderInterface $resourcesFinder,
  101.         ResourceFormFactoryInterface $resourceFormFactory,
  102.         RedirectHandlerInterface $redirectHandler,
  103.         FlashHelperInterface $flashHelper,
  104.         AuthorizationCheckerInterface $authorizationChecker,
  105.         EventDispatcherInterface $eventDispatcher,
  106.         ?StateMachineInterface $stateMachine,
  107.         ResourceUpdateHandlerInterface $resourceUpdateHandler,
  108.         ResourceDeleteHandlerInterface $resourceDeleteHandler
  109.     ) {
  110.         $this->metadata $metadata;
  111.         $this->requestConfigurationFactory $requestConfigurationFactory;
  112.         $this->viewHandler $viewHandler;
  113.         $this->repository $repository;
  114.         $this->factory $factory;
  115.         $this->newResourceFactory $newResourceFactory;
  116.         $this->manager $manager;
  117.         $this->singleResourceProvider $singleResourceProvider;
  118.         $this->resourcesCollectionProvider $resourcesFinder;
  119.         $this->resourceFormFactory $resourceFormFactory;
  120.         $this->redirectHandler $redirectHandler;
  121.         $this->flashHelper $flashHelper;
  122.         $this->authorizationChecker $authorizationChecker;
  123.         $this->eventDispatcher $eventDispatcher;
  124.         $this->stateMachine $stateMachine;
  125.         $this->resourceUpdateHandler $resourceUpdateHandler;
  126.         $this->resourceDeleteHandler $resourceDeleteHandler;
  127.     }
  129.     public function showAction(Request $request): Response
  130.     {
  131.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  133.         $this->isGrantedOr403($configurationResourceActions::SHOW);
  134.         $resource $this->findOr404($configuration);
  136.         $this->eventDispatcher->dispatch(ResourceActions::SHOW$configuration$resource);
  138.         if ($configuration->isHtmlRequest()) {
  139.             return $this->render($configuration->getTemplate(ResourceActions::SHOW '.html'), [
  140.                 'configuration' => $configuration,
  141.                 'metadata' => $this->metadata,
  142.                 'resource' => $resource,
  143.                 $this->metadata->getName() => $resource,
  144.             ]);
  145.         }
  147.         return $this->createRestView($configuration$resource);
  148.     }
  150.     public function indexAction(Request $request): Response
  151.     {
  152.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  155.         $this->isGrantedOr403($configurationResourceActions::INDEX);
  156.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  158.         $this->eventDispatcher->dispatchMultiple(ResourceActions::INDEX$configuration$resources);
  160.         if ($configuration->isHtmlRequest()) {
  161.             return $this->render($configuration->getTemplate(ResourceActions::INDEX '.html'), [
  162.                 'configuration' => $configuration,
  163.                 'metadata' => $this->metadata,
  164.                 'resources' => $resources,
  165.                 $this->metadata->getPluralName() => $resources,
  166.             ]);
  167.         }
  169.         return $this->createRestView($configuration$resources);
  170.     }
  172.     public function createAction(Request $request): Response
  173.     {
  176.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  178.         $this->isGrantedOr403($configurationResourceActions::CREATE);
  179.         $newResource $this->newResourceFactory->create($configuration$this->factory);
  181.         $form $this->resourceFormFactory->create($configuration$newResource);
  182.         $form->handleRequest($request);
  184.         if ($request->isMethod('POST') && $form->isSubmitted() && $form->isValid()) {
  185.             $newResource $form->getData();
  187.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::CREATE$configuration$newResource);
  189.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  190.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  191.             }
  192.             if ($event->isStopped()) {
  193.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  195.                 $eventResponse $event->getResponse();
  196.                 if (null !== $eventResponse) {
  197.                     return $eventResponse;
  198.                 }
  200.                 return $this->redirectHandler->redirectToIndex($configuration$newResource);
  201.             }
  203.             if ($configuration->hasStateMachine()) {
  204.                 $stateMachine $this->getStateMachine();
  205.                 $stateMachine->apply($configuration$newResource);
  206.             }
  208.             $this->repository->add($newResource);
  210.             if ($configuration->isHtmlRequest()) {
  211.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::CREATE$newResource);
  212.             }
  214.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::CREATE$configuration$newResource);
  216.             if (!$configuration->isHtmlRequest()) {
  217.                 return $this->createRestView($configuration$newResourceResponse::HTTP_CREATED);
  218.             }
  220.             $postEventResponse $postEvent->getResponse();
  221.             if (null !== $postEventResponse) {
  222.                 return $postEventResponse;
  223.             }
  225.             return $this->redirectHandler->redirectToResource($configuration$newResource);
  226.         }
  228.         if (!$configuration->isHtmlRequest()) {
  229.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  230.         }
  232.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::CREATE$configuration$newResource);
  233.         $initializeEventResponse $initializeEvent->getResponse();
  234.         if (null !== $initializeEventResponse) {
  235.             return $initializeEventResponse;
  236.         }
  238.         return $this->render($configuration->getTemplate(ResourceActions::CREATE '.html'), [
  239.             'configuration' => $configuration,
  240.             'metadata' => $this->metadata,
  241.             'resource' => $newResource,
  242.             $this->metadata->getName() => $newResource,
  243.             'form' => $form->createView(),
  244.         ]);
  245.     }
  247.     public function updateAction(Request $request): Response
  248.     {
  249.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  251.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  252.         $resource $this->findOr404($configuration);
  254.         $form $this->resourceFormFactory->create($configuration$resource);
  255.         $form->handleRequest($request);
  257.         if (
  258.             in_array($request->getMethod(), ['POST''PUT''PATCH'], true)
  259.             && $form->isSubmitted()
  260.             && $form->isValid()
  261.         ) {
  262.             $resource $form->getData();
  264.             /** @var ResourceControllerEvent $event */
  265.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  267.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  268.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  269.             }
  270.             if ($event->isStopped()) {
  271.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  273.                 $eventResponse $event->getResponse();
  274.                 if (null !== $eventResponse) {
  275.                     return $eventResponse;
  276.                 }
  278.                 return $this->redirectHandler->redirectToResource($configuration$resource);
  279.             }
  281.             try {
  282.                 $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  283.             } catch (UpdateHandlingException $exception) {
  284.                 if (!$configuration->isHtmlRequest()) {
  285.                     return $this->createRestView($configuration$form$exception->getApiResponseCode());
  286.                 }
  288.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  290.                 return $this->redirectHandler->redirectToReferer($configuration);
  291.             }
  293.             if ($configuration->isHtmlRequest()) {
  294.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  295.             }
  297.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  299.             if (!$configuration->isHtmlRequest()) {
  300.                 if ($configuration->getParameters()->get('return_content'false)) {
  301.                     return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  302.                 }
  304.                 return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  305.             }
  307.             $postEventResponse $postEvent->getResponse();
  308.             if (null !== $postEventResponse) {
  309.                 return $postEventResponse;
  310.             }
  312.             return $this->redirectHandler->redirectToResource($configuration$resource);
  313.         }
  315.         if (!$configuration->isHtmlRequest()) {
  316.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  317.         }
  319.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::UPDATE$configuration$resource);
  320.         $initializeEventResponse $initializeEvent->getResponse();
  321.         if (null !== $initializeEventResponse) {
  322.             return $initializeEventResponse;
  323.         }
  325.         return $this->render($configuration->getTemplate(ResourceActions::UPDATE '.html'), [
  326.             'configuration' => $configuration,
  327.             'metadata' => $this->metadata,
  328.             'resource' => $resource,
  329.             $this->metadata->getName() => $resource,
  330.             'form' => $form->createView(),
  331.         ]);
  332.     }
  334.     public function deleteAction(Request $request): Response
  335.     {
  336.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  338.         $this->isGrantedOr403($configurationResourceActions::DELETE);
  339.         $resource $this->findOr404($configuration);
  341.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->request->get('_csrf_token'))) {
  342.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  343.         }
  345.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  347.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  348.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  349.         }
  350.         if ($event->isStopped()) {
  351.             $this->flashHelper->addFlashFromEvent($configuration$event);
  353.             $eventResponse $event->getResponse();
  354.             if (null !== $eventResponse) {
  355.                 return $eventResponse;
  356.             }
  358.             return $this->redirectHandler->redirectToIndex($configuration$resource);
  359.         }
  361.         try {
  362.             $this->resourceDeleteHandler->handle($resource$this->repository);
  363.         } catch (DeleteHandlingException $exception) {
  364.             if (!$configuration->isHtmlRequest()) {
  365.                 return $this->createRestView($configurationnull$exception->getApiResponseCode());
  366.             }
  368.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  370.             return $this->redirectHandler->redirectToReferer($configuration);
  371.         }
  373.         if ($configuration->isHtmlRequest()) {
  374.             $this->flashHelper->addSuccessFlash($configurationResourceActions::DELETE$resource);
  375.         }
  377.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  379.         if (!$configuration->isHtmlRequest()) {
  380.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  381.         }
  383.         $postEventResponse $postEvent->getResponse();
  384.         if (null !== $postEventResponse) {
  385.             return $postEventResponse;
  386.         }
  388.         return $this->redirectHandler->redirectToIndex($configuration$resource);
  389.     }
  391.     public function bulkDeleteAction(Request $request): Response
  392.     {
  393.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  395.         $this->isGrantedOr403($configurationResourceActions::BULK_DELETE);
  396.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  398.         if (
  399.             $configuration->isCsrfProtectionEnabled() &&
  400.             !$this->isCsrfTokenValid(ResourceActions::BULK_DELETE$request->request->get('_csrf_token'))
  401.         ) {
  402.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  403.         }
  405.         $this->eventDispatcher->dispatchMultiple(ResourceActions::BULK_DELETE$configuration$resources);
  407.         foreach ($resources as $resource) {
  408.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  410.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  411.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  412.             }
  413.             if ($event->isStopped()) {
  414.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  416.                 $eventResponse $event->getResponse();
  417.                 if (null !== $eventResponse) {
  418.                     return $eventResponse;
  419.                 }
  421.                 return $this->redirectHandler->redirectToIndex($configuration$resource);
  422.             }
  424.             try {
  425.                 $this->resourceDeleteHandler->handle($resource$this->repository);
  426.             } catch (DeleteHandlingException $exception) {
  427.                 if (!$configuration->isHtmlRequest()) {
  428.                     return $this->createRestView($configurationnull$exception->getApiResponseCode());
  429.                 }
  431.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  433.                 return $this->redirectHandler->redirectToReferer($configuration);
  434.             }
  436.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  437.         }
  439.         if (!$configuration->isHtmlRequest()) {
  440.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  441.         }
  443.         $this->flashHelper->addSuccessFlash($configurationResourceActions::BULK_DELETE);
  445.         if (isset($postEvent)) {
  446.             $postEventResponse $postEvent->getResponse();
  447.             if (null !== $postEventResponse) {
  448.                 return $postEventResponse;
  449.             }
  450.         }
  452.         return $this->redirectHandler->redirectToIndex($configuration);
  453.     }
  455.     public function applyStateMachineTransitionAction(Request $request): Response
  456.     {
  457.         $stateMachine $this->getStateMachine();
  458.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  460.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  461.         $resource $this->findOr404($configuration);
  463.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->get('_csrf_token'))) {
  464.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid CSRF token.');
  465.         }
  467.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  469.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  470.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  471.         }
  472.         if ($event->isStopped()) {
  473.             $this->flashHelper->addFlashFromEvent($configuration$event);
  475.             $eventResponse $event->getResponse();
  476.             if (null !== $eventResponse) {
  477.                 return $eventResponse;
  478.             }
  480.             return $this->redirectHandler->redirectToResource($configuration$resource);
  481.         }
  483.         if (!$stateMachine->can($configuration$resource)) {
  484.             throw new BadRequestHttpException();
  485.         }
  487.         try {
  488.             $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  489.         } catch (UpdateHandlingException $exception) {
  490.             if (!$configuration->isHtmlRequest()) {
  491.                 return $this->createRestView($configuration$resource$exception->getApiResponseCode());
  492.             }
  494.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  496.             return $this->redirectHandler->redirectToReferer($configuration);
  497.         }
  499.         if ($configuration->isHtmlRequest()) {
  500.             $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  501.         }
  503.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  505.         if (!$configuration->isHtmlRequest()) {
  506.             if ($configuration->getParameters()->get('return_content'true)) {
  507.                 return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  508.             }
  510.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  511.         }
  513.         $postEventResponse $postEvent->getResponse();
  514.         if (null !== $postEventResponse) {
  515.             return $postEventResponse;
  516.         }
  518.         return $this->redirectHandler->redirectToResource($configuration$resource);
  519.     }
  521.     /**
  522.      * @return mixed
  523.      */
  524.     protected function getParameter(string $name)
  525.     {
  526.         if (!$this->container instanceof ContainerInterface) {
  527.             throw new \RuntimeException(sprintf(
  528.                 'Container passed to "%s" has to implements "%s".',
  529.                 self::class,
  530.                 ContainerInterface::class
  531.             ));
  532.         }
  534.         return $this->container->getParameter($name);
  535.     }
  537.     /**
  538.      * @throws AccessDeniedException
  539.      */
  540.     protected function isGrantedOr403(RequestConfiguration $configurationstring $permission): void
  541.     {
  542.         if (!$configuration->hasPermission()) {
  543.             return;
  544.         }
  546.         $permission $configuration->getPermission($permission);
  548.         if (!$this->authorizationChecker->isGranted($configuration$permission)) {
  549.             throw new AccessDeniedException();
  550.         }
  551.     }
  553.     /**
  554.      * @throws NotFoundHttpException
  555.      */
  556.     protected function findOr404(RequestConfiguration $configuration): ResourceInterface
  557.     {
  558.         if (null === $resource $this->singleResourceProvider->get($configuration$this->repository)) {
  559.             throw new NotFoundHttpException(sprintf('The "%s" has not been found'$this->metadata->getHumanizedName()));
  560.         }
  562.         return $resource;
  563.     }
  565.     /**
  566.      * @param mixed $data
  567.      */
  568.     protected function createRestView(RequestConfiguration $configuration$dataint $statusCode null): Response
  569.     {
  570.         if (null === $this->viewHandler) {
  571.             throw new \LogicException('You can not use the "non-html" request if FriendsOfSymfony Rest Bundle is not available. Try running "composer require friendsofsymfony/rest-bundle".');
  572.         }
  574.         $view View::create($data$statusCode);
  576.         return $this->viewHandler->handle($configuration$view);
  577.     }
  579.     protected function getStateMachine(): StateMachineInterface
  580.     {
  581.         if (null === $this->stateMachine) {
  582.             throw new \LogicException('You can not use the "state-machine" if Winzou State Machine Bundle is not available. Try running "composer require winzou/state-machine-bundle".');
  583.         }
  585.         return $this->stateMachine;
  586.     }
  587. }