Skip to content

Commit 1cfa8b9

Browse files
silverbackdansilverbackdan
committed
Fix ComponentVoter sub request accept json header
1 parent ec9da1f commit 1cfa8b9

File tree

1 file changed

+13
-2
lines changed

1 file changed

+13
-2
lines changed

src/Security/Voter/ComponentVoter.php

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@
2424
use Symfony\Component\HttpKernel\HttpKernelInterface;
2525
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
2626
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
27+
use Symfony\Component\Serializer\Exception\NotEncodableValueException;
2728

2829
/**
2930
* @author Daniel West <[email protected]>
@@ -63,10 +64,11 @@ protected function voteOnAttribute($attribute, $subject, TokenInterface $token):
6364
if (!$request) {
6465
return true;
6566
}
67+
// TODO: if the subject is publishable, we should also check if there is a published version and the pages that one is in.
68+
// The draft will not be in any locations.
6669

6770
$pagesGenerator = $this->getComponentPages($subject);
6871
$pages = iterator_to_array($pagesGenerator);
69-
7072
// Check if accessible via any route
7173
$routes = $this->getComponentRoutesFromPages($pages);
7274
$routeCount = 0;
@@ -104,6 +106,7 @@ protected function voteOnAttribute($attribute, $subject, TokenInterface $token):
104106

105107
private function isRouteReachableResource(Route $route, Request $request): bool
106108
{
109+
dump($route);
107110
$path = $this->iriConverter->getIriFromResource($route);
108111

109112
return $this->isPathReachable($path, $request);
@@ -118,13 +121,17 @@ private function isPageDataReachableResource(AbstractPageData $pageData, Request
118121

119122
private function isPathReachable(string $path, Request $request): bool
120123
{
124+
$serverVars = $request->server->all();
125+
if (isset($serverVars['HTTP_ACCEPT'])) {
126+
$serverVars['HTTP_ACCEPT'] = 'application/ld+json,application/json,text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8';
127+
}
121128
$subRequest = Request::create(
122129
$path,
123130
Request::METHOD_GET,
124131
[],
125132
$request->cookies->all(),
126133
[],
127-
$request->server->all(),
134+
$serverVars,
128135
null
129136
);
130137

@@ -133,6 +140,10 @@ private function isPathReachable(string $path, Request $request): bool
133140

134141
return true;
135142
} catch (\Exception $e) {
143+
// unsupported format requested
144+
if ($e instanceof NotEncodableValueException) {
145+
return false;
146+
}
136147
if (\in_array($e->getCode(), [Response::HTTP_UNAUTHORIZED, Response::HTTP_FORBIDDEN], true)) {
137148
return false;
138149
}

0 commit comments

Comments
 (0)