<?php
declare(strict_types=1);
namespace Orcamultimedia\OciPunchout\Subscriber;
use Orcamultimedia\OciPunchout\Service\OciService;
use Shopware\Core\SalesChannelRequest;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\Routing\RouterInterface;
class StorefrontSubscriber implements EventSubscriberInterface
{
/**
* @var OciService
*/
private OciService $ociService;
/**
* @var RouterInterface
*/
private RouterInterface $router;
public function __construct(
OciService $ociService,
RouterInterface $router
)
{
$this->ociService = $ociService;
$this->router = $router;
}
public static function getSubscribedEvents(): array
{
return [
KernelEvents::REQUEST => 'preventPageLoadingInOciSession'
];
}
public function preventPageLoadingInOciSession(RequestEvent $event): void
{
if ($event->getRequest()->isXmlHttpRequest()) {
return;
}
if (!$event->getRequest()->attributes->has(SalesChannelRequest::ATTRIBUTE_IS_SALES_CHANNEL_REQUEST)) {
return;
}
if (!$this->ociService->isPunchout()) {
return;
}
$route = $event->getRequest()->attributes->get('_route');
$forbiddenRoutes = [
'frontend.account.profile.email.save',
'frontend.account.profile.password.save',
'frontend.checkout.finish.page',
'frontend.checkout.finish.order'
];
if (in_array($route, $forbiddenRoutes)) {
throw new AccessDeniedHttpException('This page isn\'t allowed during an OCI session.');
}
$disallowedRoutes = ['frontend.checkout.confirm.page'];
if (in_array($route, $disallowedRoutes)) {
$event->setResponse(new RedirectResponse($this->router->generate('frontend.checkout.cart.page')));
}
}
}