CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
MissingPrivilegeException example
#[Route(path: '/api/_admin/search', name: 'api.admin.search', defaults: ['_routeScope' => ['administration']], methods: ['POST'])]
public function search(Request $request, Context $context): Response
{
$criteriaCollection = $this->buildSearchEntities($request, $context);
$violations = [];
foreach ($criteriaCollection as $entity => $criteria) {
$missing = $this->criteriaValidator->validate($entity, $criteria, $context);
if (!empty($missing)) {
$violations[$entity] = (new MissingPrivilegeException($missing))->getErrors()->current();
$criteriaCollection->remove($entity);
}
}
$results = $this->searcher->search($criteriaCollection, $context);
foreach ($results as $entityName => $result) {
if (!$criteriaCollection->has($entityName)) {
continue;
}
{
$criteriaCollection = $this->buildSearchEntities($request, $context);
$violations = [];
foreach ($criteriaCollection as $entity => $criteria) {
$missing = $this->criteriaValidator->validate($entity, $criteria, $context);
if (!empty($missing)) {
$violations[$entity] = (new MissingPrivilegeException($missing))->getErrors()->current();
$criteriaCollection->remove($entity);
}
}
$results = $this->searcher->search($criteriaCollection, $context);
foreach ($results as $entityName => $result) {
if (!$criteriaCollection->has($entityName)) {
continue;
}
if ($this->isAdmin($userId)) {
return true;
}
$permissions = $this->fetchPermissions($userId);
$allAppsPrivileged = \in_array('app.all', $permissions, true);
$appPrivilegeName = \sprintf('app.%s', $appName);
$specificAppPrivileged = \in_array($appPrivilegeName, $permissions, true);
if (!($specificAppPrivileged || $allAppsPrivileged)) {
throw new MissingPrivilegeException([$appPrivilegeName]);
}
return true;
}
}
return true;
}
$permissions = $this->fetchPermissions($userId);
$allAppsPrivileged = \in_array('app.all', $permissions, true);
$appPrivilegeName = \sprintf('app.%s', $appName);
$specificAppPrivileged = \in_array($appPrivilegeName, $permissions, true);
if (!($specificAppPrivileged || $allAppsPrivileged)) {
throw new MissingPrivilegeException([$appPrivilegeName]);
}
return true;
}
}
$definition = $this->definitionInstanceRegistry->getByEntityName($sourceEntity);
$mappings = $profile->getMapping() ?? [];
$mappedKeys = array_column($mappings, 'key');
$propertyPaths = array_map(fn (string $key): array => explode('.', $key), $mappedKeys);
foreach ($propertyPaths as $properties) {
$missingPrivileges = $this->getMissingPrivilges($properties, $definition, $context, $missingPrivileges);
}
if (!empty($missingPrivileges)) {
throw new MissingPrivilegeException($missingPrivileges);
}
}
/** * @param array<string> $properties * @param array<string> $missingPrivileges * * @return array<string> */
private function getMissingPrivilges(
array $properties,
$mappings = $profile->getMapping() ?? [];
$mappedKeys = array_column($mappings, 'key');
$propertyPaths = array_map(fn (string $key): array => explode('.', $key), $mappedKeys);
foreach ($propertyPaths as $properties) {
$missingPrivileges = $this->getMissingPrivilges($properties, $definition, $context, $missingPrivileges);
}
if (!empty($missingPrivileges)) {
throw new MissingPrivilegeException($missingPrivileges);
}
}
/** * @param array<string> $properties * @param array<string> $missingPrivileges * * @return array<string> */
private function getMissingPrivilges(
array $properties,
public function get(string $key, ?string $salesChannelId = null)
{
if (!$salesChannelId) {
$salesChannelId = $this->salesChannelId;
}
if ($this->scriptAppInformation) {
$privileges = $this->fetchAppPrivileges($this->scriptAppInformation->getAppId());
if (!\in_array(self::PRIVILEGE, $privileges, true)) {
throw new MissingPrivilegeException([self::PRIVILEGE]);
}
}
return $this->systemConfigService->get($key, $salesChannelId);
}
/** * The `app()` method allows you to access the config values your app's configuration. * Notice that your app does not need any additional privileges to use this method, as you can only access your own app's configuration. * * @param string $key The name of the configuration value specified in the config.xml e.g. `exampleTextField`. * @param string|null $salesChannelId The SalesChannelId if you need the config value for a specific SalesChannel, if you don't provide a SalesChannelId, the one of the current Context is used as default. * * @return array|bool|float|int|string|null * * @example test-config/script.twig 5 1 Read your app's config value. */
self::API_UNSUPPORTED_ASSOCIATION_FIELD,
'Unsupported association for field {{ field }}',
['field' => $field]
);
}
/** * @param string[] $permissions */
public static function missingPrivileges(array $permissions): ShopwareHttpException
{
return new MissingPrivilegeException($permissions);
}
public static function missingReverseAssociation(string $entity, string $parentEntity): ShopwareHttpException
{
return new MissingReverseAssociation($entity, $parentEntity);
}
public static function definitionNotFound(DefinitionNotFoundException $exception): self
{
return new self(
Response::HTTP_NOT_FOUND,
'Unsupported association for field {{ field }}',
['field' => $field]
);
}
/** * @param string[] $permissions */
public static function missingPrivileges(array $permissions): ShopwareHttpException
{
return new MissingPrivilegeException($permissions);
}
public static function missingReverseAssociation(string $entity, string $parentEntity): ShopwareHttpException
{
return new MissingReverseAssociation($entity, $parentEntity);
}
public static function definitionNotFound(DefinitionNotFoundException $exception): self
{
return new self(
Response::HTTP_NOT_FOUND,
private function prepareCriteria(string $entityName, array $criteria): Criteria
{
$definition = $this->registry->getByEntityName($entityName);
$criteriaObject = new Criteria();
$this->criteriaBuilder->fromArray($criteria, $criteriaObject, $definition, $this->context);
$missingPermissions = $this->criteriaValidator->validate($entityName, $criteriaObject, $this->context);
if (!empty($missingPermissions)) {
throw new MissingPrivilegeException($missingPermissions);
}
return $criteriaObject;
}
}