[TwigBridge] Create impersonation_exit_path() and *_url() functions

Amrouche Hamza · Amrouche Hamza · commit b84b82fa7efe · 2017-10-29T09:20:34.000+01:00
diff --git a/src/Symfony/Bridge/Twig/Extension/ImpersonateExitExtension.php b/src/Symfony/Bridge/Twig/Extension/ImpersonateExitExtension.php
@@ -0,0 +1,60 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Bridge\Twig\Extension;
+
+use Symfony\Component\Security\Http\Logout\ImpersonateUrlGenerator;
+use Twig\Extension\AbstractExtension;
+use Twig\TwigFunction;
+
+/**
+ * SecurityExtension exposes security context features.
+ *
+ * @author Amrouche Hamza <hamza.simperfit@gmail.com>
+ */
+class ImpersonateExitExtension extends AbstractExtension
+{
+    private $impersonateUrlGenerator;
+
+    public function __construct(ImpersonateUrlGenerator $impersonateUrlGenerator)
+    {
+        $this->impersonateUrlGenerator = $impersonateUrlGenerator;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getFunctions()
+    {
+        return array(
+            new TwigFunction('impersonation_exit_path', array($this, 'getImpersonateExitPath')),
+            new TwigFunction('impersonation_exit_url', array($this, 'getImpersonateExitUrl')),
+        );
+    }
+
+    public function getImpersonateExitPath()
+    {
+        $this->impersonateUrlGenerator->getImpersonateExitPath();
+    }
+
+    public function getImpersonateExitUrl()
+    {
+        $this->impersonateUrlGenerator->getImpersonateExitUrl();
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getName()
+    {
+        return 'impersonation_exit';
+    }
+}
diff --git a/src/Symfony/Component/Security/Http/Impersonate/ImpersonateUrlGenerator.php b/src/Symfony/Component/Security/Http/Impersonate/ImpersonateUrlGenerator.php
@@ -0,0 +1,129 @@
+<?php
+
+/*
+ * This file is part of the Symfony package.
+ *
+ * (c) Fabien Potencier <fabien@symfony.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Symfony\Component\Security\Http\Logout;
+
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Role\SwitchUserRole;
+use Symfony\Component\Security\Http\Firewall\SwitchUserListener;
+use Symfony\Component\Security\Http\FirewallMapInterface;
+use Symfony\Bundle\SecurityBundle\Security\FirewallMap;
+
+/**
+ * Provides generator functions for the impersonate url exit.
+ *
+ * @author Amrouche Hamza <hamza.simperfit@gmail.com>
+ */
+class ImpersonateUrlGenerator
+{
+    private $requestStack;
+    private $router;
+    private $tokenStorage;
+    private $firewallMap;
+
+    public function __construct(RequestStack $requestStack = null, UrlGeneratorInterface $router = null, TokenStorageInterface $tokenStorage = null, FirewallMapInterface $firewallMap)
+    {
+        $this->requestStack = $requestStack;
+        $this->router = $router;
+        $this->tokenStorage = $tokenStorage;
+        $this->firewallMap = $firewallMap;
+    }
+
+    /**
+     * Generates the absolute logout path for the firewall.
+     **.
+     *
+     * @return string The Impersonate exit path
+     */
+    public function getImpersonateExitPath()
+    {
+        return $this->generateImpersonateExitUrl(UrlGeneratorInterface::ABSOLUTE_PATH);
+    }
+
+    /**
+     * Generates the absolute logout URL for the firewall.
+     *
+     * @return string The Impersonate exit URL
+     */
+    public function getImpersonateExitUrl()
+    {
+        return $this->generateImpersonateExitUrl(UrlGeneratorInterface::ABSOLUTE_URL);
+    }
+
+    /**
+     * Generates the Impersonate exit URL for the firewall.
+     *
+     * @param int $referenceType The type of reference (one of the constants in UrlGeneratorInterface)
+     *
+     * @return string The Impersonate exit URL
+     */
+    private function generateImpersonateExitUrl($referenceType)
+    {
+        $request = $this->requestStack->getCurrentRequest();
+        $exitPath = null;
+        if ($this->firewallMap instanceof FirewallMap) {
+            $firewallConfig = $this->firewallMap->getFirewallConfig($request);
+
+            // generate exit impersonation path from current request
+            if ($this->getImpersonatedUser() && null !== $switchUserConfig = $firewallConfig->getSwitchUser()) {
+                $exitPath = $request->getRequestUri();
+                $exitPath .= null === $request->getQueryString() ? '?' : '&';
+                $exitPath .= sprintf(
+                    '%s=%s',
+                    urlencode($switchUserConfig['parameter']),
+                    SwitchUserListener::EXIT_VALUE
+                );
+            }
+        }
+        if (null === $exitPath) {
+            throw new \LogicException('Unable to generate the impersonate exit URL without a path.');
+        }
+
+        if ('/' === $exitPath[0]) {
+            if (!$this->requestStack) {
+                throw new \LogicException('Unable to generate the impersonate exit URL without a RequestStack.');
+            }
+
+            $url = UrlGeneratorInterface::ABSOLUTE_URL === $referenceType ? $request->getUriForPath($exitPath) : $request->getBaseUrl().$exitPath;
+
+            if (!empty($parameters)) {
+                $url .= '?'.http_build_query($parameters);
+            }
+        } else {
+            if (!$this->router) {
+                throw new \LogicException('Unable to generate the impersonate exit URL without a Router.');
+            }
+
+            $url = $this->router->generate($exitPath, array(), $referenceType);
+        }
+
+        return $url;
+    }
+
+    private function getImpersonatedUser()
+    {
+        $token = $this->tokenStorage->getToken();
+        if (null === $token) {
+            return false;
+        }
+
+        $assignedRoles = $token->getRoles();
+
+        $impersonatorUser = null;
+        foreach ($assignedRoles as $role) {
+            if ($role instanceof SwitchUserRole) {
+                return $role->getSource()->getUsername();
+            }
+        }
+    }
+}
