vendor/dachcom-digital/members/src/MembersBundle/EventListener/AssetFrontendPathListener.php line 37

Open in your IDE?
  1. <?php
  3. namespace MembersBundle\EventListener;
  5. use MembersBundle\Configuration\Configuration;
  6. use MembersBundle\Security\RestrictionUri;
  7. use Pimcore\Event\FrontendEvents;
  8. use Pimcore\Http\Request\Resolver\PimcoreContextResolver;
  9. use Pimcore\Model\Asset;
  10. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  11. use Symfony\Component\EventDispatcher\GenericEvent;
  12. use Symfony\Component\HttpFoundation\Request;
  13. use Symfony\Component\HttpFoundation\RequestStack;
  14. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  16. class AssetFrontendPathListener implements EventSubscriberInterface
  17. {
  18.     public function __construct(
  19.         protected Configuration $configuration,
  20.         protected RequestStack $requestStack,
  21.         protected PimcoreContextResolver $contextResolver,
  22.         protected RestrictionUri $restrictionUri
  23.     ) {
  24.     }
  26.     public static function getSubscribedEvents(): array
  27.     {
  28.         return [
  29.             FrontendEvents::ASSET_PATH                     => 'checkAssetPath',
  30.             FrontendEvents::ASSET_VIDEO_THUMBNAIL          => 'checkVideoThumbnailPath',
  31.             FrontendEvents::ASSET_VIDEO_IMAGE_THUMBNAIL    => 'checkVideoImageThumbnailPath',
  32.             FrontendEvents::ASSET_DOCUMENT_IMAGE_THUMBNAIL => 'checkDocumentImageThumbnailPath',
  33.             FrontendEvents::ASSET_IMAGE_THUMBNAIL          => 'checkImageThumbnailPath',
  34.         ];
  35.     }
  37.     public function checkAssetPath(GenericEvent $event): void
  38.     {
  39.         if ($this->contextMatches() === false) {
  40.             return;
  41.         }
  43.         if (!$event->getSubject() instanceof Asset) {
  44.             return;
  45.         }
  47.         $this->checkAsset($event$event->getSubject());
  48.     }
  50.     public function checkVideoThumbnailPath(GenericEvent $event): void
  51.     {
  52.         if ($this->contextMatches() === false) {
  53.             return;
  54.         }
  56.         if (!$event->getSubject() instanceof Asset) {
  57.             return;
  58.         }
  60.         $this->checkAsset($event$event->getSubject());
  61.     }
  63.     public function checkVideoImageThumbnailPath(GenericEvent $event): void
  64.     {
  65.         if ($this->contextMatches() === false) {
  66.             return;
  67.         }
  69.         $thumbnail $event->getSubject();
  70.         if (!$thumbnail instanceof Asset\Video\ImageThumbnail) {
  71.             return;
  72.         }
  74.         $this->checkAsset($event$thumbnail->getAsset());
  75.     }
  77.     public function checkDocumentImageThumbnailPath(GenericEvent $event): void
  78.     {
  79.         if ($this->contextMatches() === false) {
  80.             return;
  81.         }
  83.         $thumbnail $event->getSubject();
  84.         if (!$thumbnail instanceof Asset\Document\ImageThumbnail) {
  85.             return;
  86.         }
  88.         $this->checkAsset($event$thumbnail->getAsset());
  89.     }
  91.     public function checkImageThumbnailPath(GenericEvent $event): void
  92.     {
  93.         if ($this->contextMatches() === false) {
  94.             return;
  95.         }
  97.         $thumbnail $event->getSubject();
  98.         if (!$thumbnail instanceof Asset\Image\Thumbnail) {
  99.             return;
  100.         }
  102.         $this->checkAsset($event$thumbnail->getAsset());
  103.     }
  105.     private function checkAsset(GenericEvent $eventAsset $asset): void
  106.     {
  107.         if (!$event->hasArgument('frontendPath')) {
  108.             return;
  109.         }
  111.         $publicAssetPath $this->restrictionUri->generatePublicAssetUrl($asset$event->getArgument('frontendPath'));
  113.         if ($publicAssetPath === null) {
  114.             return;
  115.         }
  117.         $event->setArgument('frontendPath'$publicAssetPath);
  118.     }
  120.     private function contextMatches(): bool
  121.     {
  122.         $restrictionConfig $this->configuration->getConfig('restriction');
  124.         if ($restrictionConfig['enabled'] === false) {
  125.             return false;
  126.         }
  128.         if ($restrictionConfig['enable_public_asset_path_protection'] === false) {
  129.             return false;
  130.         }
  132.         if (!$this->requestStack->getMainRequest() instanceof Request) {
  133.             return false;
  134.         }
  136.         if (!$this->contextResolver->matchesPimcoreContext($this->requestStack->getMainRequest(), PimcoreContextResolver::CONTEXT_DEFAULT)) {
  137.             return false;
  138.         }
  140.         return true;
  141.     }
  142. }