vendor/sylius/resource-bundle/src/Bundle/Controller/ResourceController.php line 155

  1. <?php
  3. /*
  4.  * This file is part of the Sylius package.
  5.  *
  6.  * (c) PaweÅ‚ JÄ™drzejewski
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. declare(strict_types=1);
  14. namespace Sylius\Bundle\ResourceBundle\Controller;
  16. use Doctrine\Persistence\ObjectManager;
  17. use FOS\RestBundle\View\View;
  18. use Sylius\Bundle\ResourceBundle\Event\ResourceControllerEvent;
  19. use Sylius\Component\Resource\Exception\DeleteHandlingException;
  20. use Sylius\Component\Resource\Exception\UpdateHandlingException;
  21. use Sylius\Component\Resource\Factory\FactoryInterface;
  22. use Sylius\Component\Resource\Metadata\MetadataInterface;
  23. use Sylius\Component\Resource\Model\ResourceInterface;
  24. use Sylius\Component\Resource\Repository\RepositoryInterface;
  25. use Sylius\Component\Resource\ResourceActions;
  26. use Symfony\Component\DependencyInjection\ContainerAwareTrait;
  27. use Symfony\Component\DependencyInjection\ContainerInterface;
  28. use Symfony\Component\HttpFoundation\Request;
  29. use Symfony\Component\HttpFoundation\Response;
  30. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  31. use Symfony\Component\HttpKernel\Exception\HttpException;
  32. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  33. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  35. class ResourceController
  36. {
  37.     use ControllerTrait;
  38.     use ContainerAwareTrait;
  40.     protected MetadataInterface $metadata;
  42.     protected RequestConfigurationFactoryInterface $requestConfigurationFactory;
  44.     protected ?ViewHandlerInterface $viewHandler;
  46.     protected RepositoryInterface $repository;
  48.     protected FactoryInterface $factory;
  50.     protected NewResourceFactoryInterface $newResourceFactory;
  52.     protected ObjectManager $manager;
  54.     protected SingleResourceProviderInterface $singleResourceProvider;
  56.     protected ResourcesCollectionProviderInterface $resourcesCollectionProvider;
  58.     protected ResourceFormFactoryInterface $resourceFormFactory;
  60.     protected RedirectHandlerInterface $redirectHandler;
  62.     protected FlashHelperInterface $flashHelper;
  64.     protected AuthorizationCheckerInterface $authorizationChecker;
  66.     protected EventDispatcherInterface $eventDispatcher;
  68.     protected ?StateMachineInterface $stateMachine;
  70.     protected ResourceUpdateHandlerInterface $resourceUpdateHandler;
  72.     protected ResourceDeleteHandlerInterface $resourceDeleteHandler;
  74.     public function __construct(
  75.         MetadataInterface $metadata,
  76.         RequestConfigurationFactoryInterface $requestConfigurationFactory,
  77.         ?ViewHandlerInterface $viewHandler,
  78.         RepositoryInterface $repository,
  79.         FactoryInterface $factory,
  80.         NewResourceFactoryInterface $newResourceFactory,
  81.         ObjectManager $manager,
  82.         SingleResourceProviderInterface $singleResourceProvider,
  83.         ResourcesCollectionProviderInterface $resourcesFinder,
  84.         ResourceFormFactoryInterface $resourceFormFactory,
  85.         RedirectHandlerInterface $redirectHandler,
  86.         FlashHelperInterface $flashHelper,
  87.         AuthorizationCheckerInterface $authorizationChecker,
  88.         EventDispatcherInterface $eventDispatcher,
  89.         ?StateMachineInterface $stateMachine,
  90.         ResourceUpdateHandlerInterface $resourceUpdateHandler,
  91.         ResourceDeleteHandlerInterface $resourceDeleteHandler,
  92.     ) {
  93.         $this->metadata $metadata;
  94.         $this->requestConfigurationFactory $requestConfigurationFactory;
  95.         $this->viewHandler $viewHandler;
  96.         $this->repository $repository;
  97.         $this->factory $factory;
  98.         $this->newResourceFactory $newResourceFactory;
  99.         $this->manager $manager;
  100.         $this->singleResourceProvider $singleResourceProvider;
  101.         $this->resourcesCollectionProvider $resourcesFinder;
  102.         $this->resourceFormFactory $resourceFormFactory;
  103.         $this->redirectHandler $redirectHandler;
  104.         $this->flashHelper $flashHelper;
  105.         $this->authorizationChecker $authorizationChecker;
  106.         $this->eventDispatcher $eventDispatcher;
  107.         $this->stateMachine $stateMachine;
  108.         $this->resourceUpdateHandler $resourceUpdateHandler;
  109.         $this->resourceDeleteHandler $resourceDeleteHandler;
  110.     }
  112.     public function showAction(Request $request): Response
  113.     {
  114.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  116.         $this->isGrantedOr403($configurationResourceActions::SHOW);
  117.         $resource $this->findOr404($configuration);
  119.         $event $this->eventDispatcher->dispatch(ResourceActions::SHOW$configuration$resource);
  120.         $eventResponse $event->getResponse();
  121.         if (null !== $eventResponse) {
  122.             return $eventResponse;
  123.         }
  125.         if ($configuration->isHtmlRequest()) {
  126.             return $this->render($configuration->getTemplate(ResourceActions::SHOW '.html'), [
  127.                 'configuration' => $configuration,
  128.                 'metadata' => $this->metadata,
  129.                 'resource' => $resource,
  130.                 $this->metadata->getName() => $resource,
  131.             ]);
  132.         }
  134.         return $this->createRestView($configuration$resource);
  135.     }
  137.     public function indexAction(Request $request): Response
  138.     {
  139.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  141.         $this->isGrantedOr403($configurationResourceActions::INDEX);
  142.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  144.         $event $this->eventDispatcher->dispatchMultiple(ResourceActions::INDEX$configuration$resources);
  145.         $eventResponse $event->getResponse();
  146.         if (null !== $eventResponse) {
  147.             return $eventResponse;
  148.         }
  150.         if ($configuration->isHtmlRequest()) {
  151.             return $this->render($configuration->getTemplate(ResourceActions::INDEX '.html'), [
  152.                 'configuration' => $configuration,
  153.                 'metadata' => $this->metadata,
  154.                 'resources' => $resources,
  155.                 $this->metadata->getPluralName() => $resources,
  156.             ]);
  157.         }
  159.         return $this->createRestView($configuration$resources);
  160.     }
  162.     public function createAction(Request $request): Response
  163.     {
  164.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  166.         $this->isGrantedOr403($configurationResourceActions::CREATE);
  167.         $newResource $this->newResourceFactory->create($configuration$this->factory);
  169.         $form $this->resourceFormFactory->create($configuration$newResource);
  170.         $form->handleRequest($request);
  172.         if ($request->isMethod('POST') && $form->isSubmitted() && $form->isValid()) {
  173.             $newResource $form->getData();
  175.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::CREATE$configuration$newResource);
  177.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  178.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  179.             }
  180.             if ($event->isStopped()) {
  181.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  183.                 $eventResponse $event->getResponse();
  184.                 if (null !== $eventResponse) {
  185.                     return $eventResponse;
  186.                 }
  188.                 return $this->redirectHandler->redirectToIndex($configuration$newResource);
  189.             }
  191.             if ($configuration->hasStateMachine()) {
  192.                 $stateMachine $this->getStateMachine();
  193.                 $stateMachine->apply($configuration$newResource);
  194.             }
  196.             $this->repository->add($newResource);
  198.             if ($configuration->isHtmlRequest()) {
  199.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::CREATE$newResource);
  200.             }
  202.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::CREATE$configuration$newResource);
  204.             if (!$configuration->isHtmlRequest()) {
  205.                 return $this->createRestView($configuration$newResourceResponse::HTTP_CREATED);
  206.             }
  208.             $postEventResponse $postEvent->getResponse();
  209.             if (null !== $postEventResponse) {
  210.                 return $postEventResponse;
  211.             }
  213.             return $this->redirectHandler->redirectToResource($configuration$newResource);
  214.         }
  215.         if ($request->isMethod('POST') && $form->isSubmitted() && !$form->isValid()) {
  216.             $responseCode Response::HTTP_UNPROCESSABLE_ENTITY;
  217.         }
  219.         if (!$configuration->isHtmlRequest()) {
  220.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  221.         }
  223.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::CREATE$configuration$newResource);
  224.         $initializeEventResponse $initializeEvent->getResponse();
  225.         if (null !== $initializeEventResponse) {
  226.             return $initializeEventResponse;
  227.         }
  229.         return $this->render($configuration->getTemplate(ResourceActions::CREATE '.html'), [
  230.             'configuration' => $configuration,
  231.             'metadata' => $this->metadata,
  232.             'resource' => $newResource,
  233.             $this->metadata->getName() => $newResource,
  234.             'form' => $form->createView(),
  235.         ], null$responseCode ?? Response::HTTP_OK);
  236.     }
  238.     public function updateAction(Request $request): Response
  239.     {
  240.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  242.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  243.         $resource $this->findOr404($configuration);
  245.         $form $this->resourceFormFactory->create($configuration$resource);
  246.         $form->handleRequest($request);
  248.         if (
  249.             in_array($request->getMethod(), ['POST''PUT''PATCH'], true) &&
  250.             $form->isSubmitted() &&
  251.             $form->isValid()
  252.         ) {
  253.             $resource $form->getData();
  255.             /** @var ResourceControllerEvent $event */
  256.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  258.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  259.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  260.             }
  261.             if ($event->isStopped()) {
  262.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  264.                 $eventResponse $event->getResponse();
  265.                 if (null !== $eventResponse) {
  266.                     return $eventResponse;
  267.                 }
  269.                 return $this->redirectHandler->redirectToResource($configuration$resource);
  270.             }
  272.             try {
  273.                 $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  274.             } catch (UpdateHandlingException $exception) {
  275.                 if (!$configuration->isHtmlRequest()) {
  276.                     return $this->createRestView($configuration$form$exception->getApiResponseCode());
  277.                 }
  279.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  281.                 return $this->redirectHandler->redirectToReferer($configuration);
  282.             }
  284.             if ($configuration->isHtmlRequest()) {
  285.                 $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  286.             }
  288.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  290.             if (!$configuration->isHtmlRequest()) {
  291.                 if ($configuration->getParameters()->get('return_content'false)) {
  292.                     return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  293.                 }
  295.                 return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  296.             }
  298.             $postEventResponse $postEvent->getResponse();
  299.             if (null !== $postEventResponse) {
  300.                 return $postEventResponse;
  301.             }
  303.             return $this->redirectHandler->redirectToResource($configuration$resource);
  304.         }
  305.         if (in_array($request->getMethod(), ['POST''PUT''PATCH'], true) && $form->isSubmitted() && !$form->isValid()) {
  306.             $responseCode Response::HTTP_UNPROCESSABLE_ENTITY;
  307.         }
  309.         if (!$configuration->isHtmlRequest()) {
  310.             return $this->createRestView($configuration$formResponse::HTTP_BAD_REQUEST);
  311.         }
  313.         $initializeEvent $this->eventDispatcher->dispatchInitializeEvent(ResourceActions::UPDATE$configuration$resource);
  314.         $initializeEventResponse $initializeEvent->getResponse();
  315.         if (null !== $initializeEventResponse) {
  316.             return $initializeEventResponse;
  317.         }
  319.         return $this->render($configuration->getTemplate(ResourceActions::UPDATE '.html'), [
  320.             'configuration' => $configuration,
  321.             'metadata' => $this->metadata,
  322.             'resource' => $resource,
  323.             $this->metadata->getName() => $resource,
  324.             'form' => $form->createView(),
  325.         ], null$responseCode ?? Response::HTTP_OK);
  326.     }
  328.     public function deleteAction(Request $request): Response
  329.     {
  330.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  332.         $this->isGrantedOr403($configurationResourceActions::DELETE);
  333.         $resource $this->findOr404($configuration);
  335.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), (string) $request->request->get('_csrf_token'))) {
  336.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  337.         }
  339.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  341.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  342.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  343.         }
  344.         if ($event->isStopped()) {
  345.             $this->flashHelper->addFlashFromEvent($configuration$event);
  347.             $eventResponse $event->getResponse();
  348.             if (null !== $eventResponse) {
  349.                 return $eventResponse;
  350.             }
  352.             return $this->redirectHandler->redirectToIndex($configuration$resource);
  353.         }
  355.         try {
  356.             $this->resourceDeleteHandler->handle($resource$this->repository);
  357.         } catch (DeleteHandlingException $exception) {
  358.             if (!$configuration->isHtmlRequest()) {
  359.                 return $this->createRestView($configurationnull$exception->getApiResponseCode());
  360.             }
  362.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  364.             return $this->redirectHandler->redirectToReferer($configuration);
  365.         }
  367.         if ($configuration->isHtmlRequest()) {
  368.             $this->flashHelper->addSuccessFlash($configurationResourceActions::DELETE$resource);
  369.         }
  371.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  373.         if (!$configuration->isHtmlRequest()) {
  374.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  375.         }
  377.         $postEventResponse $postEvent->getResponse();
  378.         if (null !== $postEventResponse) {
  379.             return $postEventResponse;
  380.         }
  382.         return $this->redirectHandler->redirectToIndex($configuration$resource);
  383.     }
  385.     public function bulkDeleteAction(Request $request): Response
  386.     {
  387.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  389.         $this->isGrantedOr403($configurationResourceActions::BULK_DELETE);
  390.         $resources $this->resourcesCollectionProvider->get($configuration$this->repository);
  392.         if (
  393.             $configuration->isCsrfProtectionEnabled() &&
  394.             !$this->isCsrfTokenValid(ResourceActions::BULK_DELETE, (string) $request->request->get('_csrf_token'))
  395.         ) {
  396.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid csrf token.');
  397.         }
  399.         $this->eventDispatcher->dispatchMultiple(ResourceActions::BULK_DELETE$configuration$resources);
  401.         foreach ($resources as $resource) {
  402.             $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::DELETE$configuration$resource);
  404.             if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  405.                 throw new HttpException($event->getErrorCode(), $event->getMessage());
  406.             }
  407.             if ($event->isStopped()) {
  408.                 $this->flashHelper->addFlashFromEvent($configuration$event);
  410.                 $eventResponse $event->getResponse();
  411.                 if (null !== $eventResponse) {
  412.                     return $eventResponse;
  413.                 }
  415.                 return $this->redirectHandler->redirectToIndex($configuration$resource);
  416.             }
  418.             try {
  419.                 $this->resourceDeleteHandler->handle($resource$this->repository);
  420.             } catch (DeleteHandlingException $exception) {
  421.                 if (!$configuration->isHtmlRequest()) {
  422.                     return $this->createRestView($configurationnull$exception->getApiResponseCode());
  423.                 }
  425.                 $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  427.                 return $this->redirectHandler->redirectToReferer($configuration);
  428.             }
  430.             $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::DELETE$configuration$resource);
  431.         }
  433.         if (!$configuration->isHtmlRequest()) {
  434.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  435.         }
  437.         $this->flashHelper->addSuccessFlash($configurationResourceActions::BULK_DELETE);
  439.         if (isset($postEvent)) {
  440.             $postEventResponse $postEvent->getResponse();
  441.             if (null !== $postEventResponse) {
  442.                 return $postEventResponse;
  443.             }
  444.         }
  446.         return $this->redirectHandler->redirectToIndex($configuration);
  447.     }
  449.     public function applyStateMachineTransitionAction(Request $request): Response
  450.     {
  451.         $stateMachine $this->getStateMachine();
  452.         $configuration $this->requestConfigurationFactory->create($this->metadata$request);
  454.         $this->isGrantedOr403($configurationResourceActions::UPDATE);
  455.         $resource $this->findOr404($configuration);
  457.         if ($configuration->isCsrfProtectionEnabled() && !$this->isCsrfTokenValid((string) $resource->getId(), $request->get('_csrf_token'))) {
  458.             throw new HttpException(Response::HTTP_FORBIDDEN'Invalid CSRF token.');
  459.         }
  461.         $event $this->eventDispatcher->dispatchPreEvent(ResourceActions::UPDATE$configuration$resource);
  463.         if ($event->isStopped() && !$configuration->isHtmlRequest()) {
  464.             throw new HttpException($event->getErrorCode(), $event->getMessage());
  465.         }
  466.         if ($event->isStopped()) {
  467.             $this->flashHelper->addFlashFromEvent($configuration$event);
  469.             $eventResponse $event->getResponse();
  470.             if (null !== $eventResponse) {
  471.                 return $eventResponse;
  472.             }
  474.             return $this->redirectHandler->redirectToResource($configuration$resource);
  475.         }
  477.         if (!$stateMachine->can($configuration$resource)) {
  478.             throw new BadRequestHttpException();
  479.         }
  481.         try {
  482.             $this->resourceUpdateHandler->handle($resource$configuration$this->manager);
  483.         } catch (UpdateHandlingException $exception) {
  484.             if (!$configuration->isHtmlRequest()) {
  485.                 return $this->createRestView($configuration$resource$exception->getApiResponseCode());
  486.             }
  488.             $this->flashHelper->addErrorFlash($configuration$exception->getFlash());
  490.             return $this->redirectHandler->redirectToReferer($configuration);
  491.         }
  493.         if ($configuration->isHtmlRequest()) {
  494.             $this->flashHelper->addSuccessFlash($configurationResourceActions::UPDATE$resource);
  495.         }
  497.         $postEvent $this->eventDispatcher->dispatchPostEvent(ResourceActions::UPDATE$configuration$resource);
  499.         if (!$configuration->isHtmlRequest()) {
  500.             if ($configuration->getParameters()->get('return_content'true)) {
  501.                 return $this->createRestView($configuration$resourceResponse::HTTP_OK);
  502.             }
  504.             return $this->createRestView($configurationnullResponse::HTTP_NO_CONTENT);
  505.         }
  507.         $postEventResponse $postEvent->getResponse();
  508.         if (null !== $postEventResponse) {
  509.             return $postEventResponse;
  510.         }
  512.         return $this->redirectHandler->redirectToResource($configuration$resource);
  513.     }
  515.     /**
  516.      * @return mixed
  517.      */
  518.     protected function getParameter(string $name)
  519.     {
  520.         if (!$this->container instanceof ContainerInterface) {
  521.             throw new \RuntimeException(sprintf(
  522.                 'Container passed to "%s" has to implements "%s".',
  523.                 self::class,
  524.                 ContainerInterface::class,
  525.             ));
  526.         }
  528.         return $this->container->getParameter($name);
  529.     }
  531.     /**
  532.      * @throws AccessDeniedException
  533.      */
  534.     protected function isGrantedOr403(RequestConfiguration $configurationstring $permission): void
  535.     {
  536.         if (!$configuration->hasPermission()) {
  537.             return;
  538.         }
  540.         $permission $configuration->getPermission($permission);
  542.         if (!$this->authorizationChecker->isGranted($configuration$permission)) {
  543.             throw new AccessDeniedException();
  544.         }
  545.     }
  547.     /**
  548.      * @throws NotFoundHttpException
  549.      */
  550.     protected function findOr404(RequestConfiguration $configuration): ResourceInterface
  551.     {
  552.         if (null === $resource $this->singleResourceProvider->get($configuration$this->repository)) {
  553.             throw new NotFoundHttpException(sprintf('The "%s" has not been found'$this->metadata->getHumanizedName()));
  554.         }
  556.         return $resource;
  557.     }
  559.     /**
  560.      * @param mixed $data
  561.      */
  562.     protected function createRestView(RequestConfiguration $configuration$dataint $statusCode null): Response
  563.     {
  564.         if (null === $this->viewHandler) {
  565.             throw new \LogicException('You can not use the "non-html" request if FriendsOfSymfony Rest Bundle is not available. Try running "composer require friendsofsymfony/rest-bundle".');
  566.         }
  568.         $view View::create($data$statusCode);
  570.         return $this->viewHandler->handle($configuration$view);
  571.     }
  573.     protected function getStateMachine(): StateMachineInterface
  574.     {
  575.         if (null === $this->stateMachine) {
  576.             throw new \LogicException('You can not use the "state-machine" if Winzou State Machine Bundle is not available. Try running "composer require winzou/state-machine-bundle".');
  577.         }
  579.         return $this->stateMachine;
  580.     }
  581. }