app/Service/EventSubscriber/KernelErrorSubscriber.php line 113

Open in your IDE?
  1. <?php
  3. namespace Sq\Service\EventSubscriber;
  5. use Psr\Container\ContainerInterface;
  6. use Psr\Log\LoggerInterface;
  7. use Psr\Log\LogLevel;
  8. use Sq\Event\Kernel\InitialiseContainerEvent;
  9. use Sq\Exception\Controller\AdminAccessDeniedException;
  10. use Sq\Exception\Controller\MemberAccessDeniedException;
  11. use Sq\Exception\Controller\MFARequiredException;
  12. use Sq\Exception\Controller\MFAVerificationException;
  13. use Sq\Service\Environment;
  14. use Sq\Service\FeatureChecker;
  15. use Sq\Service\ReactApp;
  16. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  17. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  18. use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
  19. use Symfony\Component\HttpFoundation\JsonResponse;
  20. use Symfony\Component\HttpFoundation\RedirectResponse;
  21. use Symfony\Component\HttpFoundation\Request;
  22. use Symfony\Component\HttpFoundation\Response;
  23. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  24. use Symfony\Component\HttpKernel\EventListener\ErrorListener as SymfonyErrorListener;
  25. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  26. use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
  27. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  28. use Symfony\Component\HttpKernel\KernelEvents;
  29. use Symfony\Component\Routing\Exception\InvalidParameterException;
  30. use Symfony\Component\Routing\Exception\MethodNotAllowedException;
  31. use Symfony\Component\Routing\Exception\ResourceNotFoundException;
  33. class KernelErrorSubscriber implements EventSubscriberInterface
  34. {
  35.     /** @var Environment */
  36.     protected $environment;
  38.     /** @var EventDispatcherInterface */
  39.     protected $dispatcher;
  41.     /** @var LoggerInterface */
  42.     protected $logger;
  44.     /** @var FeatureChecker */
  45.     protected $featureChecker;
  47.     /** @var ContainerInterface */
  48.     protected $container;
  50.     /** @var ReactApp */
  51.     private $reactApp;
  53.     /** @var string[] */
  54.     protected $exceptionLogLevels = [
  55.         SuspiciousOperationException::class => LogLevel::ERROR,
  56.         MethodNotAllowedException::class => LogLevel::ERROR,
  57.         InvalidParameterException::class => LogLevel::ERROR,
  58.         BadRequestHttpException::class => LogLevel::ERROR,
  59.         ResourceNotFoundException::class => LogLevel::ERROR,
  60.     ];
  62.     public function __construct(
  63.         Environment $environment,
  64.         EventDispatcherInterface $dispatcher,
  65.         LoggerInterface $logger,
  66.         FeatureChecker $featureChecker,
  67.         ContainerInterface $container,
  68.         ReactApp $reactApp
  69.     ) {
  70.         $this->environment $environment;
  71.         $this->dispatcher $dispatcher;
  72.         $this->logger $logger;
  73.         $this->featureChecker $featureChecker;
  74.         $this->container $container;
  75.         $this->reactApp $reactApp;
  76.     }
  78.     public static function getSubscribedEvents()
  79.     {
  80.         return [
  81.             KernelEvents::EXCEPTION => ['onKernelException'],
  82.             InitialiseContainerEvent::class => ['onKernelInitialiseContainer']
  83.         ];
  84.     }
  86.     /**
  87.      * Removes the logKernelException listener as we do our own logging.
  88.      * For Symfony 5.x we will need to update this to remove the SymfonyExceptionListener.
  89.      */
  90.     public function onKernelInitialiseContainer()
  91.     {
  92.         $dispatcher $this->dispatcher;
  93.         $listeners $dispatcher->getListeners("kernel.exception");
  94.         foreach ($listeners as $listener)
  95.         {
  96.             if (is_array($listener)
  97.                 && ($listener[0] instanceof SymfonyErrorListener)
  98.                 && $listener[1] == "logKernelException"
  99.             ) {
  100.                 $dispatcher->removeListener("kernel.exception"$listener);
  101.                 break;
  102.             }
  103.         }
  104.     }
  106.     /**
  107.      * Handles kernel exceptions we want to (e.g. 404, 500, access denied).
  108.      *
  109.      * @param ExceptionEvent $event
  110.      *
  111.      * @throws \Exception
  112.      */
  113.     public function onKernelException(ExceptionEvent $event)
  114.     {
  115.         // You get the exception object from the received event
  116.         $throwable $event->getThrowable();
  117.         $response null;
  119.         switch (get_class($throwable))
  120.         {
  121.             case MFARequiredException::class:
  122.                 $response $this->handleMFARequired($event->getRequest());
  123.                 break;
  124.             case MFAVerificationException::class:
  125.                 $response $this->handleMFAVerification($event->getRequest());
  126.                 break;
  127.             case AdminAccessDeniedException::class:
  128.                 $response $this->handleAdminAccessDenied($event->getRequest());
  129.                 break;
  130.             case MemberAccessDeniedException::class:
  131.                 $response $this->handleMemberAccessDenied($event->getRequest());
  132.                 break;
  133.             case NotFoundHttpException::class:
  134.                 if ($this->reactApp->shouldUseReactForRequest())
  135.                 {
  136.                     try
  137.                     {
  138.                         $response $this->reactApp->renderReactApp();
  139.                         $event->allowCustomResponseCode();
  140.                     }
  141.                     catch (\Throwable $e)
  142.                     {
  143.                         $event->setThrowable($e);
  144.                     }
  145.                 }
  146.                 break;
  147.         }
  149.         $this->logError($throwable);
  151.         // Send the modified response object to the event
  152.         if ($response instanceof Response)
  153.         {
  154.             $event->setResponse($response);
  155.         }
  156.     }
  158.     /**
  159.      * Logs the error to the appropriate level.
  160.      *
  161.      * @param \Throwable $throwable
  162.      */
  163.     protected function logError(\Throwable $throwable)
  164.     {
  165.         $logLevel LogLevel::CRITICAL;
  167.         if ($throwable instanceof NotFoundHttpException || $throwable instanceof ResourceNotFoundException)
  168.         {
  169.             return;
  170.         }
  172.         if (($throwable instanceof HttpExceptionInterface && $throwable->getStatusCode() < 500) ||
  173.             $throwable instanceof MFARequiredException ||
  174.             $throwable instanceof MFAVerificationException ||
  175.             $throwable instanceof AdminAccessDeniedException ||
  176.             $throwable instanceof MemberAccessDeniedException
  177.         ) {
  178.             $logLevel LogLevel::ERROR;
  179.         }
  180.         if (array_key_exists(get_class($throwable), $this->exceptionLogLevels))
  181.         {
  182.             $logLevel $this->exceptionLogLevels[get_class($throwable)];
  183.         }
  185.         $this->logger->log($logLevel"{exception}", ['exception' => $throwable]);
  186.     }
  188.     /**
  189.      * Handle MFA required for this page.
  190.      * Public method, as it's used in admin_only.inc.php for legacy pages.
  191.      *
  192.      * @param Request $request
  193.      *
  194.      * @return Response|null
  195.      */
  196.     public function handleMFARequired(Request $request)
  197.     {
  198.         if ($request->isXmlHttpRequest())
  199.         {
  200.             return new JsonResponse(["status" => "ERROR""msg" => "MFA is required for this page"], 401);
  201.         }
  203.         return new RedirectResponse("/mfa/required?uri=" urlencode($request->getRequestUri()));
  204.     }
  206.     /**
  207.      * Handle MFA verification required for this page.
  208.      * Public method, as it's used in admin_only.inc.php for legacy pages.
  209.      *
  210.      * @param Request $request
  211.      *
  212.      * @return Response|null
  213.      */
  214.     public function handleMFAVerification(Request $request)
  215.     {
  216.         if ($request->isXmlHttpRequest())
  217.         {
  218.             return new JsonResponse(["status" => "ERROR""msg" => "MFA verification is required for this page"], 401);
  219.         }
  221.         return new RedirectResponse("/mfa/verify?r=" urlencode($request->getRequestUri()));
  222.     }
  224.     /**
  225.      * Handle denied attempt to a member page.
  226.      * Public method, as it's used in admin_only.inc.php for legacy pages.
  227.      *
  228.      * @param Request $request
  229.      *
  230.      * @return Response|null
  231.      */
  232.     public function handleAdminAccessDenied(Request $request)
  233.     {
  234.         if ($request->isXmlHttpRequest())
  235.         {
  236.             return new JsonResponse(["status" => "ERROR""msg" => "You must be logged in as an administrator"], 401);
  237.         }
  239.         return new RedirectResponse($request->getSchemeAndHttpHost());
  240.     }
  242.     /**
  243.      * Handle denied attempt to a member page.
  244.      * Public method, as it's used in members_only.inc.php for legacy pages.
  245.      *
  246.      * @param Request $request
  247.      *
  248.      * @return Response|null
  249.      */
  250.     public function handleMemberAccessDenied(Request $request)
  251.     {
  252.         if ($request->isXmlHttpRequest())
  253.         {
  254.             return new JsonResponse(["status" => "ERROR""msg" => "You are no longer logged in"], 401);
  255.         }
  257.         return new RedirectResponse($request->getSchemeAndHttpHost() . "/login?r=" urlencode(ltrim($request->getRequestUri(), "/")));
  258.     }
  259. }