<?php
declare(strict_types=1);
namespace NetInventors\NetiNextAdminTools\Subscriber;
use League\OAuth2\Server\Exception\OAuthServerException;
use NetInventors\NetiNextAdminTools\Services\FilterCheck;
use NetInventors\NetiNextAdminTools\Services\FilterCriteriaBuilder;
use Shopware\Core\Framework\DataAbstractionLayer\Event\EntitySearchedEvent;
use Shopware\Core\PlatformRequest;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ControllerEvent;
use Symfony\Component\HttpKernel\KernelEvents;
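/**
 * Hooks the `neti_admin_tools_filter` entity into two points of the request cycle:
 *
 *  - entity searches are passed to FilterCriteriaBuilder::buildConditions(), and
 *  - API update/delete requests are passed to FilterCheck::checkUserForFilter()
 *    before the controller runs.
 *
 * What those two services enforce is not visible in this file; presumably they
 * restrict filters to the user that owns them — confirm against the services.
 */
class ApiSubscriber implements EventSubscriberInterface
{
    /** Entity name handled by this subscriber; also used to derive the guarded API route names. */
    public const ENTITY_NAME = 'neti_admin_tools_filter';

    private FilterCriteriaBuilder $filterCriteriaBuilder;

    private FilterCheck $filterCheck;

    public function __construct(
        FilterCriteriaBuilder $filterCriteriaBuilder,
        FilterCheck $filterCheck
    ) {
        $this->filterCriteriaBuilder = $filterCriteriaBuilder;
        $this->filterCheck = $filterCheck;
    }

    /**
     * @return array<string, string|array{0: string, 1: int}>
     */
    public static function getSubscribedEvents(): array
    {
        return [
            EntitySearchedEvent::class => 'onEntitySearched',
            // Priority -100: invoked after CONTROLLER listeners registered with a higher priority.
            // NOTE(review): presumably chosen so the context attribute read in onKernelController()
            // has already been set by an earlier listener — confirm.
            KernelEvents::CONTROLLER => [ 'onKernelController', -100 ],
        ];
    }

    /**
     * Hands the search criteria for this entity to the criteria builder.
     *
     * Searches on any other entity are ignored.
     *
     * @throws OAuthServerException
     */
    public function onEntitySearched(EntitySearchedEvent $event): void
    {
        if (static::ENTITY_NAME !== $event->getDefinition()->getEntityName()) {
            return;
        }

        $this->filterCriteriaBuilder->buildConditions(
            $event->getCriteria(),
            $event->getContext()
        );
    }

    /**
     * Runs the filter check before an API update or delete of this entity is dispatched.
     *
     * Requests on other routes, and requests that carry no `id`, pass through unchecked.
     * Any exception raised by FilterCheck::checkUserForFilter() propagates to the kernel;
     * which exception types it throws is not visible here.
     *
     * @return void
     */
    public function onKernelController(ControllerEvent $event)
    {
        $request = $event->getRequest();

        // Read the route name from the request attributes only. Request::get() would fall
        // back to query and body parameters, which are client-supplied, when the attribute
        // is absent; the route name used for an access decision should come from the router.
        $route = $request->attributes->get('_route');
        $guardedRoutes = [
            \sprintf('api.%s.update', static::ENTITY_NAME),
            \sprintf('api.%s.delete', static::ENTITY_NAME),
        ];
        if (!\in_array($route, $guardedRoutes, true)) {
            return;
        }

        // NOTE(review): Request::get() consults route attributes, then the query string, then
        // the request body. If `id` is not a route attribute on these routes, the value that is
        // checked (and whether the check runs at all, see the null guard below) is decided by
        // the client and may differ from the entity the controller actually modifies. Confirm
        // where `id` originates and consider failing closed when it is missing on a guarded route.
        $id = $request->get('id');
        if (null === $id) {
            return;
        }

        // NOTE(review): the context attribute is null when no earlier listener has set it, and
        // `$id` is an array if the client sends `id[]=...`; confirm checkUserForFilter() rejects both.
        $this->filterCheck->checkUserForFilter(
            $id,
            $request->attributes->get(PlatformRequest::ATTRIBUTE_CONTEXT_OBJECT)
        );
    }
}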