Class

eZ\Publish\Core\MVC\Symfony\Security\EventListener\SecurityListener

class SecurityListener implements EventSubscriberInterface

This security listener listens to security.interactive_login event to: - Give a chance to retrieve an eZ user when using multiple user providers - Check if user can actually login to the current SiteAccess.

Also listens to kernel.request to: - Check if current user (authenticated or not) can access to current SiteAccess

Methods

__construct(Repository $repository, ConfigResolverInterface $configResolver, EventDispatcherInterface $eventDispatcher, TokenStorageInterface $tokenStorage, AuthorizationCheckerInterface $authorizationChecker, $fragmentPath = '/_fragment')

static  getSubscribedEvents()

onInteractiveLogin(InteractiveLoginEvent $event)

Tries to retrieve a valid eZ user if authenticated user doesn't come from the repository (foreign user provider).

checkSiteAccessPermission(InteractiveLoginEvent $event)

Throws an UnauthorizedSiteAccessException if current user doesn't have permission to current SiteAccess.

onKernelRequest(GetResponseEvent $event)

Throws an UnauthorizedSiteAccessException if current user doesn't have access to current SiteAccess.

Details

at line 76
public __construct(Repository $repository, ConfigResolverInterface $configResolver, EventDispatcherInterface $eventDispatcher, TokenStorageInterface $tokenStorage, AuthorizationCheckerInterface $authorizationChecker, $fragmentPath = '/_fragment')

Parameters

Repository $repository
ConfigResolverInterface $configResolver
EventDispatcherInterface $eventDispatcher
TokenStorageInterface $tokenStorage
AuthorizationCheckerInterface $authorizationChecker
$fragmentPath

at line 92
static public getSubscribedEvents()

at line 111
public onInteractiveLogin(InteractiveLoginEvent $event)

Tries to retrieve a valid eZ user if authenticated user doesn't come from the repository (foreign user provider).

Will dispatch an event allowing listeners to return a valid eZ user for current authenticated user. Will by default let the repository load the anonymous user.

Parameters

InteractiveLoginEvent $event

at line 173
public checkSiteAccessPermission(InteractiveLoginEvent $event)

Throws an UnauthorizedSiteAccessException if current user doesn't have permission to current SiteAccess.

Parameters

InteractiveLoginEvent $event

Exceptions

UnauthorizedSiteAccessException

at line 195
public onKernelRequest(GetResponseEvent $event)

Throws an UnauthorizedSiteAccessException if current user doesn't have access to current SiteAccess.

Parameters

GetResponseEvent $event

Exceptions

UnauthorizedSiteAccessException