46 lines
1.6 KiB
PHP
46 lines
1.6 KiB
PHP
<?php
|
|
// src/Security/UserChecker.php
|
|
namespace App\Security;
|
|
|
|
use App\Entity\UsersOrganizations;
|
|
use Doctrine\ORM\EntityManagerInterface;
|
|
use Symfony\Component\Security\Core\User\UserCheckerInterface;
|
|
use Symfony\Component\Security\Core\User\UserInterface;
|
|
use Symfony\Component\Security\Core\Exception\CustomUserMessageAccountStatusException;
|
|
|
|
class UserChecker implements UserCheckerInterface
|
|
{
|
|
public function __construct(private readonly EntityManagerInterface $entityManager)
|
|
{
|
|
}
|
|
|
|
public function checkPreAuth(UserInterface $user): void
|
|
{
|
|
// runs before password is checked
|
|
}
|
|
|
|
public function checkPostAuth(UserInterface $user): void
|
|
{
|
|
//if not Super admin, perform checks
|
|
// runs after credentials are validated
|
|
if (method_exists($user, 'isDeleted') && $user->isDeleted()) {
|
|
throw new CustomUserMessageAccountStatusException('Votre compte a été supprimé.');
|
|
}
|
|
|
|
// check if the user account is active
|
|
if (method_exists($user, 'isActive') && !$user->isActive()) {
|
|
throw new CustomUserMessageAccountStatusException('Votre compte est désactivé.');
|
|
}
|
|
if (!in_array('ROLE_SUPER_ADMIN', $user->getRoles(), true))
|
|
{
|
|
|
|
//check if the user is in an organization
|
|
$uo = $this->entityManager->getRepository(UsersOrganizations::class)->findOneBy(['users' => $user, 'isActive' => true]);
|
|
if (!$uo) {
|
|
throw new CustomUserMessageAccountStatusException('Vous n\'êtes pas relié à une organisation. veuillez contacter un administrateur.');
|
|
}
|
|
}
|
|
|
|
}
|
|
}
|