<?phpdeclare(strict_types=1);/** * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony). * * Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics) * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as published * by the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <https://www.gnu.org/licenses/>. */namespace App\EventSubscriber\LogSystem;use App\Entity\LogSystem\UserNotAllowedLogEntry;use App\Services\LogSystem\EventLogger;use Symfony\Component\EventDispatcher\EventSubscriberInterface;use Symfony\Component\HttpKernel\Event\ExceptionEvent;use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;use Symfony\Component\Security\Core\Exception\AccessDeniedException;/** * Write to event log when a user tries to access an forbidden page and recevies an 403 Access Denied message. */class LogAccessDeniedSubscriber implements EventSubscriberInterface{ private $logger; public function __construct(EventLogger $logger) { $this->logger = $logger; } public function onKernelException(ExceptionEvent $event): void { $throwable = $event->getThrowable(); if ($throwable instanceof AccessDeniedHttpException) { $throwable = $throwable->getPrevious(); } //Ignore everything except AccessDeniedExceptions if (!$throwable instanceof AccessDeniedException) { return; } $path = $event->getRequest()->getPathInfo(); $log_entry = new UserNotAllowedLogEntry($path); $this->logger->logAndFlush($log_entry); } public static function getSubscribedEvents() { return ['kernel.exception' => 'onKernelException']; }}