diff --git a/Controller/AccompanyingPeriodController.php b/Controller/AccompanyingPeriodController.php index b7d4241ab..5af5bc14f 100644 --- a/Controller/AccompanyingPeriodController.php +++ b/Controller/AccompanyingPeriodController.php @@ -22,20 +22,45 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Chill\PersonBundle\Entity\Person; use Chill\PersonBundle\Form\AccompanyingPeriodType; use Chill\PersonBundle\Entity\AccompanyingPeriod; use Doctrine\Common\Collections\Criteria; use Chill\PersonBundle\Security\Authorization\PersonVoter; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; class AccompanyingPeriodController extends Controller { + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + + /** + * ReportController constructor. + * + * @param EventDispatcherInterface $eventDispatcher + */ + public function __construct(EventDispatcherInterface $eventDispatcher) + { + $this->eventDispatcher = $eventDispatcher; + } + + + public function listAction($person_id){ $person = $this->_getPerson($person_id); + + $event = new PrivacyEvent($person, array( + 'element_class' => AccompanyingPeriod::class, + 'action' => 'list' + )); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); return $this->render('ChillPersonBundle:AccompanyingPeriod:list.html.twig', array('accompanying_periods' => $person->getAccompanyingPeriodsOrdered(), diff --git a/Controller/PersonController.php b/Controller/PersonController.php index 1ab1f5fa1..d89b55a75 100644 --- a/Controller/PersonController.php +++ b/Controller/PersonController.php @@ -22,10 +22,12 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Chill\PersonBundle\Entity\Person; use Chill\PersonBundle\Form\PersonType; use Chill\PersonBundle\Form\CreationPersonType; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\Security\Core\Role\Role; @@ -48,12 +50,20 @@ class PersonController extends Controller */ protected $translator; + + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + public function __construct( SimilarPersonMatcher $similarPersonMatcher, - TranslatorInterface $translator + TranslatorInterface $translator, + EventDispatcherInterface $eventDispatcher ) { $this->similarPersonMatcher = $similarPersonMatcher; $this->translator = $translator; + $this->eventDispatcher = $eventDispatcher; } public function getCFGroup() @@ -79,10 +89,13 @@ class PersonController extends Controller throw $this->createNotFoundException("Person with id $person_id not" . " found on this server"); } - + $this->denyAccessUnlessGranted('CHILL_PERSON_SEE', $person, "You are not allowed to see this person."); - + + $event = new PrivacyEvent($person); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); + return $this->render('ChillPersonBundle:Person:view.html.twig', array("person" => $person, "cFGroup" => $this->getCFGroup())); diff --git a/Controller/TimelinePersonController.php b/Controller/TimelinePersonController.php index ad8d46a67..35935163d 100644 --- a/Controller/TimelinePersonController.php +++ b/Controller/TimelinePersonController.php @@ -19,6 +19,8 @@ namespace Chill\PersonBundle\Controller; +use Chill\PersonBundle\Privacy\PrivacyEvent; +use Symfony\Component\EventDispatcher\EventDispatcherInterface; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Request; use Symfony\Bundle\FrameworkBundle\Controller\Controller; @@ -30,7 +32,23 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller; */ class TimelinePersonController extends Controller { - + + /** + * @var EventDispatcherInterface + */ + protected $eventDispatcher; + + /** + * TimelinePersonController constructor. + * + * @param EventDispatcherInterface $eventDispatcher + */ + public function __construct(EventDispatcherInterface $eventDispatcher) + { + $this->eventDispatcher = $eventDispatcher; + } + + public function personAction(Request $request, $person_id) { $person = $this->getDoctrine() @@ -52,7 +70,10 @@ class TimelinePersonController extends Controller ); $paginator = $paginatorFactory->create($nbItems); - + + $event = new PrivacyEvent($person, array('action' => 'timeline')); + $this->eventDispatcher->dispatch(PrivacyEvent::PERSON_PRIVACY_EVENT, $event); + return $this->render('ChillPersonBundle:Timeline:index.html.twig', array ( 'timeline' => $timelineBuilder->getTimelineHTML( diff --git a/DependencyInjection/ChillPersonExtension.php b/DependencyInjection/ChillPersonExtension.php index f74ed63aa..ff2a59acc 100644 --- a/DependencyInjection/ChillPersonExtension.php +++ b/DependencyInjection/ChillPersonExtension.php @@ -62,6 +62,7 @@ class ChillPersonExtension extends Extension implements PrependExtensionInterfac $loader->load('services/controller.yml'); $loader->load('services/search.yml'); $loader->load('services/menu.yml'); + $loader->load('services/privacyEvent.yml'); $loader->load('services/command.yml'); } diff --git a/Privacy/PrivacyEvent.php b/Privacy/PrivacyEvent.php new file mode 100644 index 000000000..65304f96a --- /dev/null +++ b/Privacy/PrivacyEvent.php @@ -0,0 +1,110 @@ +, + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +use Symfony\Component\EventDispatcher\Event; +use Chill\PersonBundle\Entity\Person; + +/** + * Class PrivacyEvent + * + * Array $args expects arguments with the following keys: 'element_class', 'element_id', 'action' + * By default, action is set to 'show' + * + * @package Chill\PersonBundle\Privacy + */ +class PrivacyEvent extends Event +{ + const PERSON_PRIVACY_EVENT = 'chill_person.privacy_event'; + + /** + * @var Person + */ + private $person; + + /** + * @var array + */ + private $args; + + /** + * @var array + */ + private $persons; + + /** + * PrivacyEvent constructor. + * + * @param Person $person + * @param array $args + */ + public function __construct(Person $person, array $args = array('action' => 'show')) + { + $this->person = $person; + $this->args = $args; + $this->persons = array(); + } + + /** + * @return Person + */ + public function getPerson() + { + return $this->person; + } + + /** + * @param Person $person + */ + public function addPerson(Person $person) + { + $this->persons[] = $person; + + return $this; + } + + /** + * @return array $persons + */ + public function getPersons() + { + return $this->persons; + } + + /** + * @return bool + */ + public function hasPersons() + { + return count($this->persons) >= 1; + } + + /** + * @return array + */ + public function getArgs() + { + return $this->args; + } + +} \ No newline at end of file diff --git a/Privacy/PrivacyEventSubscriber.php b/Privacy/PrivacyEventSubscriber.php new file mode 100644 index 000000000..9af711ed9 --- /dev/null +++ b/Privacy/PrivacyEventSubscriber.php @@ -0,0 +1,85 @@ +, + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + */ + +use Psr\Log\LoggerInterface; +use Symfony\Component\EventDispatcher\EventSubscriberInterface; +use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface; + +class PrivacyEventSubscriber implements EventSubscriberInterface +{ + + /** + * @var LoggerInterface + */ + protected $logger; + + /** + * @var TokenStorageInterface + */ + protected $token; + + /** + * PrivacyEventSubscriber constructor. + * + * @param LoggerInterface $logger + */ + public function __construct(LoggerInterface $logger, TokenStorageInterface $token) + { + $this->logger = $logger; + $this->token = $token; + } + + public static function getSubscribedEvents() + { + return array(PrivacyEvent::PERSON_PRIVACY_EVENT => array( + array('onPrivacyEvent') + )); + } + + public function onPrivacyEvent(PrivacyEvent $event) + { + $persons = array(); + + if ($event->hasPersons() === true) { + foreach ($event->getPersons() as $person) { + $persons[] = $person->getId(); + } + } + + $involved = array( + 'by_user' => $this->token->getToken()->getUser()->getUsername(), + 'by_user_id' => $this->token->getToken()->getUser()->getId(), + 'person_id' => $event->getPerson()->getId(), + ); + + if ($event->hasPersons()) { + $involved['persons'] = $event->getPersons(); + } + + $this->logger->notice( + "[Privacy Event] A Person Folder has been viewed", + array_merge($involved, $event->getArgs()) + ); + } +} \ No newline at end of file diff --git a/Resources/config/services/controller.yml b/Resources/config/services/controller.yml index d47ab2cbd..8e2fb9fdf 100644 --- a/Resources/config/services/controller.yml +++ b/Resources/config/services/controller.yml @@ -3,4 +3,13 @@ services: arguments: $similarPersonMatcher: '@Chill\PersonBundle\Search\SimilarPersonMatcher' $translator: '@Symfony\Component\Translation\TranslatorInterface' + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' tags: ['controller.service_arguments'] + + Chill\PersonBundle\Controller\TimelinePersonController: + arguments: + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' + + Chill\PersonBundle\Controller\AccompanyingPeriodController: + arguments: + $eventDispatcher: '@Symfony\Component\EventDispatcher\EventDispatcherInterface' diff --git a/Resources/config/services/privacyEvent.yml b/Resources/config/services/privacyEvent.yml new file mode 100644 index 000000000..780601d9d --- /dev/null +++ b/Resources/config/services/privacyEvent.yml @@ -0,0 +1,7 @@ +services: + Chill\PersonBundle\Privacy\PrivacyEventSubscriber: + arguments: + $logger: '@chill.main.logger' + $token: '@Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface' + tags: + - { name: kernel.event_subscriber }