<?php

declare(strict_types=1);

/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 - 2020 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as published
 * by the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 */

namespace App\EventSubscriber\LogSystem;

use App\Entity\LogSystem\UserNotAllowedLogEntry;
use App\Services\LogSystem\EventLogger;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;

/**
 * Write to event log when a user tries to access an forbidden page and recevies an 403 Access Denied message.
 */
class LogAccessDeniedSubscriber implements EventSubscriberInterface
{
    private $logger;

    public function __construct(EventLogger $logger)
    {
        $this->logger = $logger;
    }

    public function onKernelException(ExceptionEvent $event): void
    {
        $throwable = $event->getThrowable();
        if ($throwable instanceof AccessDeniedHttpException) {
            $throwable = $throwable->getPrevious();
        }
        //Ignore everything except AccessDeniedExceptions
        if (! $throwable instanceof AccessDeniedException) {
            return;
        }

        $path = $event->getRequest()->getPathInfo();
        $log_entry = new UserNotAllowedLogEntry($path);
        $this->logger->logAndFlush($log_entry);
    }

    public static function getSubscribedEvents()
    {
        return ['kernel.exception' => 'onKernelException'];
    }
}