|
|
@@ -5,6 +5,7 @@ namespace App\EventListener;
|
|
|
use ApiPlatform\Symfony\EventListener\EventPriorities;
|
|
|
use App\Entity\Access\Access;
|
|
|
use App\Service\Doctrine\FiltersConfigurationService;
|
|
|
+use App\Service\Utils\ObjectUtils;
|
|
|
use App\Service\Utils\StringsUtils;
|
|
|
use Symfony\Bundle\SecurityBundle\Security;
|
|
|
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
|
|
|
@@ -15,9 +16,10 @@ use Symfony\Component\HttpKernel\KernelEvents;
|
|
|
class OnKernelRequestPreRead implements EventSubscriberInterface
|
|
|
{
|
|
|
public function __construct(
|
|
|
- private RequestStack $requestStack,
|
|
|
- private Security $security,
|
|
|
- private FiltersConfigurationService $filtersConfigurationService
|
|
|
+ private RequestStack $requestStack,
|
|
|
+ private Security $security,
|
|
|
+ private FiltersConfigurationService $filtersConfigurationService,
|
|
|
+ private readonly ObjectUtils $objectUtils
|
|
|
) {
|
|
|
}
|
|
|
|
|
|
@@ -45,8 +47,22 @@ class OnKernelRequestPreRead implements EventSubscriberInterface
|
|
|
);
|
|
|
|
|
|
if ($timeConstraintEnabled) {
|
|
|
+ // Configure les filtres pour prendre en compte les contraintes temporelles
|
|
|
$this->filtersConfigurationService->configureTimeConstraintFilters($access->getId());
|
|
|
}
|
|
|
+
|
|
|
+ $profileHash = $event->getRequest()->headers->get('profileHash');
|
|
|
+ if ($profileHash !== null) {
|
|
|
+ $profileMask = [
|
|
|
+ 'activityYear' => $access->getActivityYear(),
|
|
|
+ 'historical' => $access->getHistorical(),
|
|
|
+ ];
|
|
|
+ $expectedHash = $this->objectUtils->hash($profileMask, 'sha1');
|
|
|
+
|
|
|
+ if ($expectedHash !== $profileHash) {
|
|
|
+ throw new \RuntimeException('Invalid profile hash');
|
|
|
+ }
|
|
|
+ }
|
|
|
}
|
|
|
}
|
|
|
}
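Review bot: The mismatch branch at the end of this hunk throws a bare `\RuntimeException`, so a stale or malformed client-supplied `profileHash` header would most likely surface as an HTTP 500 with an error-level log entry instead of a client error. Throwing `new ConflictHttpException('Invalid profile hash')` (or `BadRequestHttpException`) from `Symfony\Component\HttpKernel\Exception`, with the matching `use` line, keeps request-controlled input out of the server-error path and out of 5xx alerting. The check also runs only when the header is present, and it compares an unkeyed SHA-1 of `activityYear` and `historical`, which the client can compute itself. It therefore works as a stale-profile detector, not as an integrity or authorization control, and a one-line comment above `$profileHash = ...` saying so would stop later code from relying on it. The enclosing method starts outside the hunk, so whether `$access` is guaranteed non-null where the new block reads it cannot be confirmed from here.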
|