CaracoleBundle/EventSubscriber/User/UserRolesEventSubscriber.php

<?php

namespace Lc\CaracoleBundle\EventSubscriber\User;

use Doctrine\ORM\EntityManagerInterface;
use Lc\CaracoleBundle\Doctrine\Extension\FilterMerchantInterface;
use Lc\CaracoleBundle\Doctrine\Extension\FilterMultipleMerchantsInterface;
use Lc\CaracoleBundle\Doctrine\Extension\FilterSectionInterface;
use Lc\CaracoleBundle\Model\User\UserMerchantInterface;
use Lc\CaracoleBundle\Resolver\MerchantResolver;
use Lc\CaracoleBundle\Resolver\SectionResolver;
use Lc\SovBundle\Event\EntityManager\EntityManagerEvent;
use Lc\SovBundle\Model\User\UserInterface;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ControllerEvent;
use Symfony\Component\HttpKernel\Event\KernelEvent;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Guard\Token\PostAuthenticationGuardToken;

class UserRolesEventSubscriber implements EventSubscriberInterface
{
    protected $em;
    protected $tokenStorage;
    protected $security;
    protected $merchantResolver;
    protected $sectionResolver;

    public function __construct(
            TokenStorageInterface $tokenStorage,
            EntityManagerInterface $entityManager,
            Security $security,
            MerchantResolver $merchantResolver,
            SectionResolver $sectionResolver
    ) {
        $this->em = $entityManager;
        $this->tokenStorage = $tokenStorage;
        $this->security = $tokenStorage;
        $this->merchantResolver = $merchantResolver;
        $this->sectionResolver = $sectionResolver;
    }

    public static function getSubscribedEvents()
    {
        return [
                KernelEvents::REQUEST => ['setUserRoles'],
        ];
    }

    public function setUserRoles(RequestEvent $event)
    {
        if (!$event->isMasterRequest()) {
            return;
        }

        if ($this->tokenStorage && $this->tokenStorage->getToken()) {
            $token = $this->tokenStorage->getToken();
            $sessionUser = $token->getUser();
            if($sessionUser instanceof UserInterface) {
                $roles = $this->merchantResolver->getUserMerchant($sessionUser)->getRoles();

                if($roles != $sessionUser->getRoles()) {
                    $sessionUser->setRoles($roles);
                    $this->em->update($sessionUser);
                    $this->em->flush();

                    $token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken(
                            $sessionUser,
                            null,
                            'main',
                            $sessionUser->getRoles()
                    );
                    $this->security->setToken($token);
                }

            }
/*
            // This check can be just `is_object` like in symfony core
            // we're explicit about the class used
            if ($sessionUser instanceof UserInterface) {
               /* if ($this->merchantResolver->getCurrent()->getId() == 2) {
                    $sessionUser->setRoles(array('ROLE_ADMIN', 'ROLE_BEST_USER'));
                }
                $this->tokenStorage->setToken(
                        new PostAuthenticationGuardToken($sessionUser, 'main', $sessionUser->getRoles())
                );
            }*/
        }
    }


}