StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POCustom annotation conflict with @secure from jms/SecurityExtraBundle
text
Body
copied!<p>I have writted an annotation who throw an AccesDeniedException when the action is not called by an AJAX request (XMLHttpRequest).</p> <p>It work but when I want to use the @Secure(roles="A") annotation from JMS/SecurityExtraBundle it don't work like I omitted my custom exception.</p> <p>Controller </p> <pre><code>namespace Mendrock\Bundle\SagaBundle\Controller; use JMS\SecurityExtraBundle\Annotation\Secure; use Symfony\Component\HttpFoundation\Request; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template; use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; use Mendrock\Bundle\SagaBundle\Entity\Saison; use Mendrock\Bundle\SagaBundle\Form\SaisonType; use Mendrock\Bundle\ExtraBundle\Annotation\XmlHttpRequest; /** * @Route("/episodesAjax") */ class EpisodeController extends Controller { /** * @XmlHttpRequest() * @Secure(roles="ROLE_SUPER_ADMIN") * * @Route("/saisonAdd", options={"expose"=true}) * @Template() */ public function saisonAddAction() { $entity = new Saison(); $form = $this->createForm(new SaisonType(), $entity); return array( 'entity' => $entity, 'form' => $form->createView(), ); } </code></pre> <p>Annotation </p> <pre><code>namespace Mendrock\Bundle\ExtraBundle\Annotation; use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException; /** * @Annotation */ class XmlHttpRequest { public $message = 'The action could be an XMLHttpRequest call.'; public function checkRequest($event){ if (!$event->getRequest()->isXmlHttpRequest()) { throw new AccessDeniedHttpException($this->message); } } public function execute($event){ $this->checkRequest($event); } } </code></pre> <p>Listener </p> <pre><code>namespace Mendrock\Bundle\ExtraBundle\Listener; use Doctrine\Common\Annotations\Reader; use Symfony\Component\HttpKernel\Event\FilterControllerEvent; use Mendrock\Bundle\ExtraBundle\Annotation\XmlHttpRequest; class EventListener { private $reader; public function __construct(Reader $reader) { $this->reader = $reader; } /** * This event will fire during any controller call */ public function onKernelController(FilterControllerEvent $event) { if (!is_array($controller = $event->getController())) { return; } $method = new \ReflectionMethod($controller[0], $controller[1]); foreach ($this->reader->getMethodAnnotations($method) as $configuration) { if ($configuration instanceof XmlHttpRequest) { $configuration->execute($event); } } } } </code></pre> <p>Any idea why I can't use at the same time <code>@Secure(...)</code> and <code>@XMLHttpRequest</code>?</p> <p>Edit: </p> <p>services.yml</p> <pre><code>services: annotations.xmlhttprequest: class: Mendrock\Bundle\ExtraBundle\Listener\EventListener tags: [{name: kernel.event_listener, event: kernel.controller, method: onKernelController}] arguments: [@annotation_reader] </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload