vendor/sonata-project/admin-bundle/src/Controller/CRUDController.php line 108

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. /*
  6. * This file is part of the Sonata Project package.
  7. *
  8. * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
  9. *
  10. * For the full copyright and license information, please view the LICENSE
  11. * file that was distributed with this source code.
  12. */
  14. namespace Sonata\AdminBundle\Controller;
  16. use Psr\Log\LoggerInterface;
  17. use Psr\Log\NullLogger;
  18. use Sonata\AdminBundle\Admin\AdminInterface;
  19. use Sonata\AdminBundle\Admin\Pool;
  20. use Sonata\AdminBundle\Bridge\Exporter\AdminExporter;
  21. use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
  22. use Sonata\AdminBundle\Exception\BadRequestParamHttpException;
  23. use Sonata\AdminBundle\Exception\LockException;
  24. use Sonata\AdminBundle\Exception\ModelManagerException;
  25. use Sonata\AdminBundle\Exception\ModelManagerThrowable;
  26. use Sonata\AdminBundle\Form\FormErrorIteratorToConstraintViolationList;
  27. use Sonata\AdminBundle\Model\AuditManagerInterface;
  28. use Sonata\AdminBundle\Request\AdminFetcherInterface;
  29. use Sonata\AdminBundle\Templating\TemplateRegistryInterface;
  30. use Sonata\AdminBundle\Util\AdminAclUserManagerInterface;
  31. use Sonata\AdminBundle\Util\AdminObjectAclData;
  32. use Sonata\AdminBundle\Util\AdminObjectAclManipulator;
  33. use Sonata\Exporter\ExporterInterface;
  34. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  35. use Symfony\Component\Form\FormInterface;
  36. use Symfony\Component\Form\FormRenderer;
  37. use Symfony\Component\Form\FormView;
  38. use Symfony\Component\HttpFoundation\JsonResponse;
  39. use Symfony\Component\HttpFoundation\RedirectResponse;
  40. use Symfony\Component\HttpFoundation\Request;
  41. use Symfony\Component\HttpFoundation\RequestStack;
  42. use Symfony\Component\HttpFoundation\Response;
  43. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  44. use Symfony\Component\HttpKernel\Exception\HttpException;
  45. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  46. use Symfony\Component\HttpKernel\HttpKernelInterface;
  47. use Symfony\Component\PropertyAccess\PropertyAccess;
  48. use Symfony\Component\PropertyAccess\PropertyPath;
  49. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  50. use Symfony\Component\Security\Core\User\UserInterface;
  51. use Symfony\Component\Security\Csrf\CsrfToken;
  52. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  53. use Symfony\Component\String\UnicodeString;
  54. use Symfony\Contracts\Translation\TranslatorInterface;
  55. use Twig\Environment;
  57. /**
  58. * @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
  59. *
  60. * @phpstan-template T of object
  61. *
  62. * @psalm-suppress MissingConstructor
  63. *
  64. * @see ConfigureCRUDControllerListener
  65. */
  66. class CRUDController extends AbstractController
  67. {
  68. /**
  69. * The related Admin class.
  70. *
  71. * @var AdminInterface<object>
  72. *
  73. * @phpstan-var AdminInterface<T>
  74. *
  75. * @psalm-suppress PropertyNotSetInConstructor
  76. */
  77. protected $admin;
  79. /**
  80. * The template registry of the related Admin class.
  81. *
  82. * @psalm-suppress PropertyNotSetInConstructor
  83. * @phpstan-ignore-next-line
  84. */
  85. private TemplateRegistryInterface $templateRegistry;
  87. public static function getSubscribedServices(): array
  88. {
  89. return [
  90. 'sonata.admin.pool' => Pool::class,
  91. 'sonata.admin.audit.manager' => AuditManagerInterface::class,
  92. 'sonata.admin.object.manipulator.acl.admin' => AdminObjectAclManipulator::class,
  93. 'sonata.admin.request.fetcher' => AdminFetcherInterface::class,
  94. 'sonata.exporter.exporter' => '?'.ExporterInterface::class,
  95. 'sonata.admin.admin_exporter' => '?'.AdminExporter::class,
  96. 'sonata.admin.security.acl_user_manager' => '?'.AdminAclUserManagerInterface::class,
  98. 'controller_resolver' => 'controller_resolver',
  99. 'http_kernel' => HttpKernelInterface::class,
  100. 'logger' => '?'.LoggerInterface::class,
  101. 'translator' => TranslatorInterface::class,
  102. ] + parent::getSubscribedServices();
  103. }
  105. /**
  106. * @throws AccessDeniedException If access is not granted
  107. */
  108. public function listAction(Request $request): Response
  109. {
  110. $this->assertObjectExists($request);
  112. $this->admin->checkAccess('list');
  114. $preResponse = $this->preList($request);
  115. if (null !== $preResponse) {
  116. return $preResponse;
  117. }
  119. $listMode = $request->get('_list_mode');
  120. if (\is_string($listMode)) {
  121. $this->admin->setListMode($listMode);
  122. }
  124. $datagrid = $this->admin->getDatagrid();
  125. $formView = $datagrid->getForm()->createView();
  127. // set the theme for the current Admin Form
  128. $this->setFormTheme($formView, $this->admin->getFilterTheme());
  130. $template = $this->templateRegistry->getTemplate('list');
  132. if ($this->container->has('sonata.admin.admin_exporter')) {
  133. $exporter = $this->container->get('sonata.admin.admin_exporter');
  134. \assert($exporter instanceof AdminExporter);
  135. $exportFormats = $exporter->getAvailableFormats($this->admin);
  136. }
  138. /**
  139. * @psalm-suppress DeprecatedMethod
  140. */
  141. return $this->renderWithExtraParams($template, [
  142. 'action' => 'list',
  143. 'form' => $formView,
  144. 'datagrid' => $datagrid,
  145. 'csrf_token' => $this->getCsrfToken('sonata.batch'),
  146. 'export_formats' => $exportFormats ?? $this->admin->getExportFormats(),
  147. ]);
  148. }
  150. /**
  151. * NEXT_MAJOR: Change signature to `(ProxyQueryInterface $query, Request $request).
  152. *
  153. * Execute a batch delete.
  154. *
  155. * @throws AccessDeniedException If access is not granted
  156. *
  157. * @phpstan-param ProxyQueryInterface<T> $query
  158. */
  159. public function batchActionDelete(ProxyQueryInterface $query): Response
  160. {
  161. $this->admin->checkAccess('batchDelete');
  163. $modelManager = $this->admin->getModelManager();
  165. try {
  166. $modelManager->batchDelete($this->admin->getClass(), $query);
  167. $this->addFlash(
  168. 'sonata_flash_success',
  169. $this->trans('flash_batch_delete_success', [], 'SonataAdminBundle')
  170. );
  171. } catch (ModelManagerException $e) {
  172. // NEXT_MAJOR: Remove this catch.
  173. $errorMessage = $this->handleModelManagerException($e);
  174. $this->addFlash(
  175. 'sonata_flash_error',
  176. $errorMessage ?? $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  177. );
  178. } catch (ModelManagerThrowable $e) {
  179. $errorMessage = $this->handleModelManagerThrowable($e);
  181. $this->addFlash(
  182. 'sonata_flash_error',
  183. $errorMessage ?? $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  184. );
  185. }
  187. return $this->redirectToList();
  188. }
  190. /**
  191. * @throws NotFoundHttpException If the object does not exist
  192. * @throws AccessDeniedException If access is not granted
  193. */
  194. public function deleteAction(Request $request): Response
  195. {
  196. $object = $this->assertObjectExists($request, true);
  197. \assert(null !== $object);
  199. $this->checkParentChildAssociation($request, $object);
  201. $this->admin->checkAccess('delete', $object);
  203. $preResponse = $this->preDelete($request, $object);
  204. if (null !== $preResponse) {
  205. return $preResponse;
  206. }
  208. if (\in_array($request->getMethod(), [Request::METHOD_POST, Request::METHOD_DELETE], true)) {
  209. // check the csrf token
  210. $this->validateCsrfToken($request, 'sonata.delete');
  212. $objectName = $this->admin->toString($object);
  214. try {
  215. $this->admin->delete($object);
  217. if ($this->isXmlHttpRequest($request)) {
  218. return $this->renderJson(['result' => 'ok']);
  219. }
  221. $this->addFlash(
  222. 'sonata_flash_success',
  223. $this->trans(
  224. 'flash_delete_success',
  225. ['%name%' => $this->escapeHtml($objectName)],
  226. 'SonataAdminBundle'
  227. )
  228. );
  229. } catch (ModelManagerException $e) {
  230. // NEXT_MAJOR: Remove this catch.
  231. $errorMessage = $this->handleModelManagerException($e);
  233. if ($this->isXmlHttpRequest($request)) {
  234. return $this->renderJson(['result' => 'error']);
  235. }
  237. $this->addFlash(
  238. 'sonata_flash_error',
  239. $errorMessage ?? $this->trans(
  240. 'flash_delete_error',
  241. ['%name%' => $this->escapeHtml($objectName)],
  242. 'SonataAdminBundle'
  243. )
  244. );
  245. } catch (ModelManagerThrowable $e) {
  246. $errorMessage = $this->handleModelManagerThrowable($e);
  248. if ($this->isXmlHttpRequest($request)) {
  249. return $this->renderJson(['result' => 'error'], Response::HTTP_OK, []);
  250. }
  252. $this->addFlash(
  253. 'sonata_flash_error',
  254. $errorMessage ?? $this->trans(
  255. 'flash_delete_error',
  256. ['%name%' => $this->escapeHtml($objectName)],
  257. 'SonataAdminBundle'
  258. )
  259. );
  260. }
  262. return $this->redirectTo($request, $object);
  263. }
  265. $template = $this->templateRegistry->getTemplate('delete');
  267. /**
  268. * @psalm-suppress DeprecatedMethod
  269. */
  270. return $this->renderWithExtraParams($template, [
  271. 'object' => $object,
  272. 'action' => 'delete',
  273. 'csrf_token' => $this->getCsrfToken('sonata.delete'),
  274. ]);
  275. }
  277. /**
  278. * @throws NotFoundHttpException If the object does not exist
  279. * @throws AccessDeniedException If access is not granted
  280. */
  281. public function editAction(Request $request): Response
  282. {
  283. // the key used to lookup the template
  284. $templateKey = 'edit';
  286. $existingObject = $this->assertObjectExists($request, true);
  287. \assert(null !== $existingObject);
  289. $this->checkParentChildAssociation($request, $existingObject);
  291. $this->admin->checkAccess('edit', $existingObject);
  293. $preResponse = $this->preEdit($request, $existingObject);
  294. if (null !== $preResponse) {
  295. return $preResponse;
  296. }
  297. $this->admin->setSubject($existingObject);
  298. $objectId = $this->admin->getNormalizedIdentifier($existingObject);
  299. \assert(null !== $objectId);
  301. $form = $this->admin->getForm();
  303. $form->setData($existingObject);
  304. $form->handleRequest($request);
  306. if ($form->isSubmitted()) {
  307. $isFormValid = $form->isValid();
  309. // persist if the form was valid and if in preview mode the preview was approved
  310. if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  311. /** @phpstan-var T $submittedObject */
  312. $submittedObject = $form->getData();
  313. $this->admin->setSubject($submittedObject);
  315. try {
  316. $existingObject = $this->admin->update($submittedObject);
  318. if ($this->isXmlHttpRequest($request)) {
  319. return $this->handleXmlHttpRequestSuccessResponse($request, $existingObject);
  320. }
  322. $this->addFlash(
  323. 'sonata_flash_success',
  324. $this->trans(
  325. 'flash_edit_success',
  326. ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  327. 'SonataAdminBundle'
  328. )
  329. );
  331. // redirect to edit mode
  332. return $this->redirectTo($request, $existingObject);
  333. } catch (ModelManagerException $e) {
  334. // NEXT_MAJOR: Remove this catch.
  335. $errorMessage = $this->handleModelManagerException($e);
  337. $isFormValid = false;
  338. } catch (ModelManagerThrowable $e) {
  339. $errorMessage = $this->handleModelManagerThrowable($e);
  341. $isFormValid = false;
  342. } catch (LockException) {
  343. $this->addFlash('sonata_flash_error', $this->trans('flash_lock_error', [
  344. '%name%' => $this->escapeHtml($this->admin->toString($existingObject)),
  345. '%link_start%' => \sprintf('<a href="%s">', $this->admin->generateObjectUrl('edit', $existingObject)),
  346. '%link_end%' => '</a>',
  347. ], 'SonataAdminBundle'));
  348. }
  349. }
  351. // show an error message if the form failed validation
  352. if (!$isFormValid) {
  353. if ($this->isXmlHttpRequest($request) && null !== ($response = $this->handleXmlHttpRequestErrorResponse($request, $form))) {
  354. return $response;
  355. }
  357. $this->addFlash(
  358. 'sonata_flash_error',
  359. $errorMessage ?? $this->trans(
  360. 'flash_edit_error',
  361. ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  362. 'SonataAdminBundle'
  363. )
  364. );
  365. } elseif ($this->isPreviewRequested($request)) {
  366. // enable the preview template if the form was valid and preview was requested
  367. $templateKey = 'preview';
  368. $this->admin->getShow();
  369. }
  370. }
  372. $formView = $form->createView();
  373. // set the theme for the current Admin Form
  374. $this->setFormTheme($formView, $this->admin->getFormTheme());
  376. $template = $this->templateRegistry->getTemplate($templateKey);
  378. /**
  379. * @psalm-suppress DeprecatedMethod
  380. */
  381. return $this->renderWithExtraParams($template, [
  382. 'action' => 'edit',
  383. 'form' => $formView,
  384. 'object' => $existingObject,
  385. 'objectId' => $objectId,
  386. ]);
  387. }
  389. /**
  390. * @throws NotFoundHttpException If the HTTP method is not POST
  391. * @throws \RuntimeException If the batch action is not defined
  392. */
  393. public function batchAction(Request $request): Response
  394. {
  395. $restMethod = $request->getMethod();
  397. if (Request::METHOD_POST !== $restMethod) {
  398. throw $this->createNotFoundException(\sprintf(
  399. 'Invalid request method given "%s", %s expected',
  400. $restMethod,
  401. Request::METHOD_POST
  402. ));
  403. }
  405. // check the csrf token
  406. $this->validateCsrfToken($request, 'sonata.batch');
  408. $confirmation = $request->get('confirmation', false);
  410. $forwardedRequest = $request->duplicate();
  412. $encodedData = $request->get('data');
  414. if (null === $encodedData) {
  415. $action = $forwardedRequest->request->get('action');
  416. $bag = $request->request;
  417. $idx = $bag->all('idx');
  418. $allElements = $forwardedRequest->request->getBoolean('all_elements');
  420. $forwardedRequest->request->set('idx', $idx);
  421. $forwardedRequest->request->set('all_elements', (string) $allElements);
  423. $data = $forwardedRequest->request->all();
  424. $data['all_elements'] = $allElements;
  426. unset($data['_sonata_csrf_token']);
  427. } else {
  428. if (!\is_string($encodedData)) {
  429. throw new BadRequestParamHttpException('data', 'string', $encodedData);
  430. }
  432. try {
  433. $data = json_decode($encodedData, true, 512, \JSON_THROW_ON_ERROR);
  434. } catch (\JsonException) {
  435. throw new BadRequestHttpException('Unable to decode batch data');
  436. }
  438. $action = $data['action'];
  439. $idx = (array) ($data['idx'] ?? []);
  440. $allElements = (bool) ($data['all_elements'] ?? false);
  441. $forwardedRequest->request->replace(array_merge($forwardedRequest->request->all(), $data));
  442. }
  444. if (!\is_string($action)) {
  445. throw new \RuntimeException('The action is not defined');
  446. }
  448. $camelizedAction = (new UnicodeString($action))->camel()->title(true)->toString();
  450. try {
  451. $batchActionExecutable = $this->getBatchActionExecutable($action);
  452. } catch (\Throwable $error) {
  453. $finalAction = \sprintf('batchAction%s', $camelizedAction);
  454. throw new \RuntimeException(\sprintf('A `%s::%s` method must be callable or create a `controller` configuration for your batch action.', $this->admin->getBaseControllerName(), $finalAction), 0, $error);
  455. }
  457. $batchAction = $this->admin->getBatchActions()[$action];
  459. $isRelevantAction = \sprintf('batchAction%sIsRelevant', $camelizedAction);
  461. if (method_exists($this, $isRelevantAction)) {
  462. // NEXT_MAJOR: Remove if above in sonata-project/admin-bundle 5.0
  463. @trigger_error(\sprintf(
  464. 'The is relevant hook via "%s()" is deprecated since sonata-project/admin-bundle 4.12'
  465. .' and will not be call in 5.0. Move the logic to your controller.',
  466. $isRelevantAction,
  467. ), \E_USER_DEPRECATED);
  468. $nonRelevantMessage = $this->$isRelevantAction($idx, $allElements, $forwardedRequest);
  469. } else {
  470. $nonRelevantMessage = 0 !== \count($idx) || $allElements; // at least one item is selected
  471. }
  473. if (!\is_string($nonRelevantMessage) && true !== $nonRelevantMessage) { // default non relevant message
  474. $nonRelevantMessage = 'flash_batch_empty';
  475. }
  477. $datagrid = $this->admin->getDatagrid();
  478. $datagrid->buildPager();
  480. if (\is_string($nonRelevantMessage)) {
  481. $this->addFlash(
  482. 'sonata_flash_info',
  483. $this->trans($nonRelevantMessage, [], 'SonataAdminBundle')
  484. );
  486. return $this->redirectToList();
  487. }
  489. $askConfirmation = $batchAction['ask_confirmation'] ?? true;
  491. if (true === $askConfirmation && 'ok' !== $confirmation) {
  492. $actionLabel = $batchAction['label'];
  493. $batchTranslationDomain = $batchAction['translation_domain'] ??
  494. $this->admin->getTranslationDomain();
  496. $formView = $datagrid->getForm()->createView();
  497. $this->setFormTheme($formView, $this->admin->getFilterTheme());
  499. $template = $batchAction['template'] ?? $this->templateRegistry->getTemplate('batch_confirmation');
  501. /**
  502. * @psalm-suppress DeprecatedMethod
  503. */
  504. return $this->renderWithExtraParams($template, [
  505. 'action' => 'list',
  506. 'action_label' => $actionLabel,
  507. 'batch_translation_domain' => $batchTranslationDomain,
  508. 'datagrid' => $datagrid,
  509. 'form' => $formView,
  510. 'data' => $data,
  511. 'csrf_token' => $this->getCsrfToken('sonata.batch'),
  512. ]);
  513. }
  515. $query = $datagrid->getQuery();
  517. $query->setFirstResult(null);
  518. $query->setMaxResults(null);
  520. $this->admin->preBatchAction($action, $query, $idx, $allElements);
  521. foreach ($this->admin->getExtensions() as $extension) {
  522. // NEXT_MAJOR: Remove the if-statement around the call to `$extension->preBatchAction()`
  523. if (method_exists($extension, 'preBatchAction')) {
  524. $extension->preBatchAction($this->admin, $action, $query, $idx, $allElements);
  525. }
  526. }
  528. if (!$allElements) {
  529. if (\count($idx) > 0) {
  530. $this->admin->getModelManager()->addIdentifiersToQuery($this->admin->getClass(), $query, $idx);
  531. } else {
  532. $this->addFlash(
  533. 'sonata_flash_info',
  534. $this->trans('flash_batch_no_elements_processed', [], 'SonataAdminBundle')
  535. );
  537. return $this->redirectToList();
  538. }
  539. }
  541. return \call_user_func($batchActionExecutable, $query, $forwardedRequest);
  542. }
  544. /**
  545. * @throws AccessDeniedException If access is not granted
  546. */
  547. public function createAction(Request $request): Response
  548. {
  549. $this->assertObjectExists($request);
  551. $this->admin->checkAccess('create');
  553. // the key used to lookup the template
  554. $templateKey = 'edit';
  556. $class = new \ReflectionClass($this->admin->hasActiveSubClass() ? $this->admin->getActiveSubClass() : $this->admin->getClass());
  558. if ($class->isAbstract()) {
  559. /**
  560. * @psalm-suppress DeprecatedMethod
  561. */
  562. return $this->renderWithExtraParams(
  563. '@SonataAdmin/CRUD/select_subclass.html.twig',
  564. [
  565. 'action' => 'create',
  566. ],
  567. );
  568. }
  570. $newObject = $this->admin->getNewInstance();
  572. $preResponse = $this->preCreate($request, $newObject);
  573. if (null !== $preResponse) {
  574. return $preResponse;
  575. }
  577. $this->admin->setSubject($newObject);
  579. $form = $this->admin->getForm();
  581. $form->setData($newObject);
  582. $form->handleRequest($request);
  584. if ($form->isSubmitted()) {
  585. $isFormValid = $form->isValid();
  587. // persist if the form was valid and if in preview mode the preview was approved
  588. if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  589. /** @phpstan-var T $submittedObject */
  590. $submittedObject = $form->getData();
  591. $this->admin->setSubject($submittedObject);
  593. try {
  594. $newObject = $this->admin->create($submittedObject);
  596. if ($this->isXmlHttpRequest($request)) {
  597. return $this->handleXmlHttpRequestSuccessResponse($request, $newObject);
  598. }
  600. $this->addFlash(
  601. 'sonata_flash_success',
  602. $this->trans(
  603. 'flash_create_success',
  604. ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  605. 'SonataAdminBundle'
  606. )
  607. );
  609. // redirect to edit mode
  610. return $this->redirectTo($request, $newObject);
  611. } catch (ModelManagerException $e) {
  612. // NEXT_MAJOR: Remove this catch.
  613. $errorMessage = $this->handleModelManagerException($e);
  615. $isFormValid = false;
  616. } catch (ModelManagerThrowable $e) {
  617. $errorMessage = $this->handleModelManagerThrowable($e);
  619. $isFormValid = false;
  620. }
  621. }
  623. // show an error message if the form failed validation
  624. if (!$isFormValid) {
  625. if ($this->isXmlHttpRequest($request) && null !== ($response = $this->handleXmlHttpRequestErrorResponse($request, $form))) {
  626. return $response;
  627. }
  629. $this->addFlash(
  630. 'sonata_flash_error',
  631. $errorMessage ?? $this->trans(
  632. 'flash_create_error',
  633. ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  634. 'SonataAdminBundle'
  635. )
  636. );
  637. } elseif ($this->isPreviewRequested($request)) {
  638. // pick the preview template if the form was valid and preview was requested
  639. $templateKey = 'preview';
  640. $this->admin->getShow();
  641. }
  642. }
  644. $formView = $form->createView();
  645. // set the theme for the current Admin Form
  646. $this->setFormTheme($formView, $this->admin->getFormTheme());
  648. $template = $this->templateRegistry->getTemplate($templateKey);
  650. /**
  651. * @psalm-suppress DeprecatedMethod
  652. */
  653. return $this->renderWithExtraParams($template, [
  654. 'action' => 'create',
  655. 'form' => $formView,
  656. 'object' => $newObject,
  657. 'objectId' => null,
  658. ]);
  659. }
  661. /**
  662. * @throws NotFoundHttpException If the object does not exist
  663. * @throws AccessDeniedException If access is not granted
  664. */
  665. public function showAction(Request $request): Response
  666. {
  667. $object = $this->assertObjectExists($request, true);
  668. \assert(null !== $object);
  670. $this->checkParentChildAssociation($request, $object);
  672. $this->admin->checkAccess('show', $object);
  674. $preResponse = $this->preShow($request, $object);
  675. if (null !== $preResponse) {
  676. return $preResponse;
  677. }
  679. $this->admin->setSubject($object);
  681. $fields = $this->admin->getShow();
  683. $template = $this->templateRegistry->getTemplate('show');
  685. /**
  686. * @psalm-suppress DeprecatedMethod
  687. */
  688. return $this->renderWithExtraParams($template, [
  689. 'action' => 'show',
  690. 'object' => $object,
  691. 'elements' => $fields,
  692. ]);
  693. }
  695. /**
  696. * Show history revisions for object.
  697. *
  698. * @throws AccessDeniedException If access is not granted
  699. * @throws NotFoundHttpException If the object does not exist or the audit reader is not available
  700. */
  701. public function historyAction(Request $request): Response
  702. {
  703. $object = $this->assertObjectExists($request, true);
  704. \assert(null !== $object);
  705. $this->admin->checkAccess('history', $object);
  707. $objectId = $this->admin->getNormalizedIdentifier($object);
  708. \assert(null !== $objectId);
  710. $manager = $this->container->get('sonata.admin.audit.manager');
  711. \assert($manager instanceof AuditManagerInterface);
  713. if (!$manager->hasReader($this->admin->getClass())) {
  714. throw $this->createNotFoundException(\sprintf(
  715. 'unable to find the audit reader for class : %s',
  716. $this->admin->getClass()
  717. ));
  718. }
  720. $reader = $manager->getReader($this->admin->getClass());
  722. $revisions = $reader->findRevisions($this->admin->getClass(), $objectId);
  724. $template = $this->templateRegistry->getTemplate('history');
  726. /**
  727. * @psalm-suppress DeprecatedMethod
  728. */
  729. return $this->renderWithExtraParams($template, [
  730. 'action' => 'history',
  731. 'object' => $object,
  732. 'revisions' => $revisions,
  733. 'currentRevision' => current($revisions),
  734. ]);
  735. }
  737. /**
  738. * View history revision of object.
  739. *
  740. * @throws AccessDeniedException If access is not granted
  741. * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  742. */
  743. public function historyViewRevisionAction(Request $request, string $revision): Response
  744. {
  745. $object = $this->assertObjectExists($request, true);
  746. \assert(null !== $object);
  747. $this->admin->checkAccess('historyViewRevision', $object);
  749. $objectId = $this->admin->getNormalizedIdentifier($object);
  750. \assert(null !== $objectId);
  752. $manager = $this->container->get('sonata.admin.audit.manager');
  753. \assert($manager instanceof AuditManagerInterface);
  755. if (!$manager->hasReader($this->admin->getClass())) {
  756. throw $this->createNotFoundException(\sprintf(
  757. 'unable to find the audit reader for class : %s',
  758. $this->admin->getClass()
  759. ));
  760. }
  762. $reader = $manager->getReader($this->admin->getClass());
  764. // retrieve the revisioned object
  765. $object = $reader->find($this->admin->getClass(), $objectId, $revision);
  767. if (null === $object) {
  768. throw $this->createNotFoundException(\sprintf(
  769. 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  770. $objectId,
  771. $revision,
  772. $this->admin->getClass()
  773. ));
  774. }
  776. $this->admin->setSubject($object);
  778. $template = $this->templateRegistry->getTemplate('show');
  780. /**
  781. * @psalm-suppress DeprecatedMethod
  782. */
  783. return $this->renderWithExtraParams($template, [
  784. 'action' => 'show',
  785. 'object' => $object,
  786. 'elements' => $this->admin->getShow(),
  787. ]);
  788. }
  790. /**
  791. * Compare history revisions of object.
  792. *
  793. * @throws AccessDeniedException If access is not granted
  794. * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  795. */
  796. public function historyCompareRevisionsAction(Request $request, string $baseRevision, string $compareRevision): Response
  797. {
  798. $this->admin->checkAccess('historyCompareRevisions');
  800. $object = $this->assertObjectExists($request, true);
  801. \assert(null !== $object);
  802. $objectId = $this->admin->getNormalizedIdentifier($object);
  803. \assert(null !== $objectId);
  805. $manager = $this->container->get('sonata.admin.audit.manager');
  806. \assert($manager instanceof AuditManagerInterface);
  808. if (!$manager->hasReader($this->admin->getClass())) {
  809. throw $this->createNotFoundException(\sprintf(
  810. 'unable to find the audit reader for class : %s',
  811. $this->admin->getClass()
  812. ));
  813. }
  815. $reader = $manager->getReader($this->admin->getClass());
  817. // retrieve the base revision
  818. $baseObject = $reader->find($this->admin->getClass(), $objectId, $baseRevision);
  819. if (null === $baseObject) {
  820. throw $this->createNotFoundException(\sprintf(
  821. 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  822. $objectId,
  823. $baseRevision,
  824. $this->admin->getClass()
  825. ));
  826. }
  828. // retrieve the compare revision
  829. $compareObject = $reader->find($this->admin->getClass(), $objectId, $compareRevision);
  830. if (null === $compareObject) {
  831. throw $this->createNotFoundException(\sprintf(
  832. 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  833. $objectId,
  834. $compareRevision,
  835. $this->admin->getClass()
  836. ));
  837. }
  839. $this->admin->setSubject($baseObject);
  841. $template = $this->templateRegistry->getTemplate('show_compare');
  843. /**
  844. * @psalm-suppress DeprecatedMethod
  845. */
  846. return $this->renderWithExtraParams($template, [
  847. 'action' => 'show',
  848. 'object' => $baseObject,
  849. 'object_compare' => $compareObject,
  850. 'elements' => $this->admin->getShow(),
  851. ]);
  852. }
  854. /**
  855. * Export data to specified format.
  856. *
  857. * @throws AccessDeniedException If access is not granted
  858. * @throws \RuntimeException If the export format is invalid
  859. */
  860. public function exportAction(Request $request): Response
  861. {
  862. $this->admin->checkAccess('export');
  864. $format = $request->get('format');
  865. if (!\is_string($format)) {
  866. throw new BadRequestParamHttpException('format', 'string', $format);
  867. }
  869. $adminExporter = $this->container->get('sonata.admin.admin_exporter');
  870. \assert($adminExporter instanceof AdminExporter);
  871. $allowedExportFormats = $adminExporter->getAvailableFormats($this->admin);
  872. $filename = $adminExporter->getExportFilename($this->admin, $format);
  874. $exporter = $this->container->get('sonata.exporter.exporter');
  875. \assert($exporter instanceof ExporterInterface);
  877. if (!\in_array($format, $allowedExportFormats, true)) {
  878. throw new \RuntimeException(\sprintf(
  879. 'Export in format `%s` is not allowed for class: `%s`. Allowed formats are: `%s`',
  880. $format,
  881. $this->admin->getClass(),
  882. implode(', ', $allowedExportFormats)
  883. ));
  884. }
  886. return $exporter->getResponse(
  887. $format,
  888. $filename,
  889. $this->admin->getDataSourceIterator()
  890. );
  891. }
  893. /**
  894. * Returns the Response object associated to the acl action.
  895. *
  896. * @throws AccessDeniedException If access is not granted
  897. * @throws NotFoundHttpException If the object does not exist or the ACL is not enabled
  898. */
  899. public function aclAction(Request $request): Response
  900. {
  901. if (!$this->admin->isAclEnabled()) {
  902. throw $this->createNotFoundException('ACL are not enabled for this admin');
  903. }
  905. $object = $this->assertObjectExists($request, true);
  906. \assert(null !== $object);
  908. $this->admin->checkAccess('acl', $object);
  910. $this->admin->setSubject($object);
  911. $aclUsers = $this->getAclUsers();
  912. $aclRoles = $this->getAclRoles();
  914. $adminObjectAclManipulator = $this->container->get('sonata.admin.object.manipulator.acl.admin');
  915. \assert($adminObjectAclManipulator instanceof AdminObjectAclManipulator);
  917. $adminObjectAclData = new AdminObjectAclData(
  918. $this->admin,
  919. $object,
  920. $aclUsers,
  921. $adminObjectAclManipulator->getMaskBuilderClass(),
  922. $aclRoles
  923. );
  925. $aclUsersForm = $adminObjectAclManipulator->createAclUsersForm($adminObjectAclData);
  926. $aclRolesForm = $adminObjectAclManipulator->createAclRolesForm($adminObjectAclData);
  928. if (Request::METHOD_POST === $request->getMethod()) {
  929. if ($request->request->has(AdminObjectAclManipulator::ACL_USERS_FORM_NAME)) {
  930. $form = $aclUsersForm;
  931. $updateMethod = 'updateAclUsers';
  932. } elseif ($request->request->has(AdminObjectAclManipulator::ACL_ROLES_FORM_NAME)) {
  933. $form = $aclRolesForm;
  934. $updateMethod = 'updateAclRoles';
  935. }
  937. if (isset($form, $updateMethod)) {
  938. $form->handleRequest($request);
  940. if ($form->isValid()) {
  941. $adminObjectAclManipulator->$updateMethod($adminObjectAclData);
  942. $this->addFlash(
  943. 'sonata_flash_success',
  944. $this->trans('flash_acl_edit_success', [], 'SonataAdminBundle')
  945. );
  947. return new RedirectResponse($this->admin->generateObjectUrl('acl', $object));
  948. }
  949. }
  950. }
  952. $template = $this->templateRegistry->getTemplate('acl');
  954. /**
  955. * @psalm-suppress DeprecatedMethod
  956. */
  957. return $this->renderWithExtraParams($template, [
  958. 'action' => 'acl',
  959. 'permissions' => $adminObjectAclData->getUserPermissions(),
  960. 'object' => $object,
  961. 'users' => $aclUsers,
  962. 'roles' => $aclRoles,
  963. 'aclUsersForm' => $aclUsersForm->createView(),
  964. 'aclRolesForm' => $aclRolesForm->createView(),
  965. ]);
  966. }
  968. /**
  969. * Contextualize the admin class depends on the current request.
  970. *
  971. * @throws \InvalidArgumentException
  972. */
  973. final public function configureAdmin(Request $request): void
  974. {
  975. $adminFetcher = $this->container->get('sonata.admin.request.fetcher');
  976. \assert($adminFetcher instanceof AdminFetcherInterface);
  978. /** @var AdminInterface<T> $admin */
  979. $admin = $adminFetcher->get($request);
  980. $this->admin = $admin;
  982. if (!$this->admin->hasTemplateRegistry()) {
  983. throw new \RuntimeException(\sprintf(
  984. 'Unable to find the template registry related to the current admin (%s).',
  985. $this->admin->getCode()
  986. ));
  987. }
  989. $this->templateRegistry = $this->admin->getTemplateRegistry();
  990. }
  992. /**
  993. * Add twig globals which are used in every template.
  994. */
  995. final public function setTwigGlobals(Request $request): void
  996. {
  997. $this->setTwigGlobal('admin', $this->admin);
  999. if ($this->isXmlHttpRequest($request)) {
  1000. $baseTemplate = $this->templateRegistry->getTemplate('ajax');
  1001. } else {
  1002. $baseTemplate = $this->templateRegistry->getTemplate('layout');
  1003. }
  1005. $this->setTwigGlobal('base_template', $baseTemplate);
  1006. }
  1008. /**
  1009. * Renders a view while passing mandatory parameters on to the template.
  1010. *
  1011. * @param string $view The view name
  1012. * @param array<string, mixed> $parameters An array of parameters to pass to the view
  1013. *
  1014. * @deprecated since sonata-project/admin-bundle version 4.x
  1015. *
  1016. * NEXT_MAJOR: Remove this method
  1017. */
  1018. final protected function renderWithExtraParams(string $view, array $parameters = [], ?Response $response = null): Response
  1019. {
  1020. /**
  1021. * @psalm-suppress DeprecatedMethod
  1022. */
  1023. return $this->render($view, $this->addRenderExtraParams($parameters), $response);
  1024. }
  1026. /**
  1027. * @param array<string, mixed> $parameters
  1028. *
  1029. * @return array<string, mixed>
  1030. *
  1031. * @deprecated since sonata-project/admin-bundle version 4.x
  1032. *
  1033. * NEXT_MAJOR: Remove this method
  1034. */
  1035. protected function addRenderExtraParams(array $parameters = []): array
  1036. {
  1037. $parameters['admin'] ??= $this->admin;
  1038. /**
  1039. * @psalm-suppress DeprecatedMethod
  1040. */
  1041. $parameters['base_template'] ??= $this->getBaseTemplate();
  1043. return $parameters;
  1044. }
  1046. /**
  1047. * @param mixed[] $headers
  1048. */
  1049. final protected function renderJson(mixed $data, int $status = Response::HTTP_OK, array $headers = []): JsonResponse
  1050. {
  1051. return new JsonResponse($data, $status, $headers);
  1052. }
  1054. /**
  1055. * Returns true if the request is a XMLHttpRequest.
  1056. *
  1057. * @return bool True if the request is an XMLHttpRequest, false otherwise
  1058. */
  1059. final protected function isXmlHttpRequest(Request $request): bool
  1060. {
  1061. return $request->isXmlHttpRequest()
  1062. || $request->request->getBoolean('_xml_http_request')
  1063. || $request->query->getBoolean('_xml_http_request');
  1064. }
  1066. /**
  1067. * Proxy for the logger service of the container.
  1068. * If no such service is found, a NullLogger is returned.
  1069. */
  1070. protected function getLogger(): LoggerInterface
  1071. {
  1072. if ($this->container->has('logger')) {
  1073. $logger = $this->container->get('logger');
  1074. \assert($logger instanceof LoggerInterface);
  1076. return $logger;
  1077. }
  1079. return new NullLogger();
  1080. }
  1082. /**
  1083. * Returns the base template name.
  1084. *
  1085. * @return string The template name
  1086. *
  1087. * @deprecated since sonata-project/admin-bundle version 4.x
  1088. *
  1089. * NEXT_MAJOR: Remove this method
  1090. */
  1091. protected function getBaseTemplate(): string
  1092. {
  1093. $requestStack = $this->container->get('request_stack');
  1094. \assert($requestStack instanceof RequestStack);
  1095. $request = $requestStack->getCurrentRequest();
  1096. \assert(null !== $request);
  1098. if ($this->isXmlHttpRequest($request)) {
  1099. return $this->templateRegistry->getTemplate('ajax');
  1100. }
  1102. return $this->templateRegistry->getTemplate('layout');
  1103. }
  1105. /**
  1106. * @throws \Exception
  1107. *
  1108. * @return string|null A custom error message to display in the flag bag instead of the generic one
  1109. */
  1110. protected function handleModelManagerException(\Exception $exception)
  1111. {
  1112. if ($exception instanceof ModelManagerThrowable) {
  1113. return $this->handleModelManagerThrowable($exception);
  1114. }
  1116. @trigger_error(\sprintf(
  1117. 'The method "%s()" is deprecated since sonata-project/admin-bundle 3.107 and will be removed in 5.0.',
  1118. __METHOD__
  1119. ), \E_USER_DEPRECATED);
  1121. $debug = $this->getParameter('kernel.debug');
  1122. \assert(\is_bool($debug));
  1123. if ($debug) {
  1124. throw $exception;
  1125. }
  1127. $context = ['exception' => $exception];
  1128. if (null !== $exception->getPrevious()) {
  1129. $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1130. }
  1131. $this->getLogger()->error($exception->getMessage(), $context);
  1133. return null;
  1134. }
  1136. /**
  1137. * NEXT_MAJOR: Add typehint.
  1138. *
  1139. * @throws ModelManagerThrowable
  1140. *
  1141. * @return string|null A custom error message to display in the flag bag instead of the generic one
  1142. */
  1143. protected function handleModelManagerThrowable(ModelManagerThrowable $exception)
  1144. {
  1145. $debug = $this->getParameter('kernel.debug');
  1146. \assert(\is_bool($debug));
  1147. if ($debug) {
  1148. throw $exception;
  1149. }
  1151. $context = ['exception' => $exception];
  1152. if (null !== $exception->getPrevious()) {
  1153. $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1154. }
  1155. $this->getLogger()->error($exception->getMessage(), $context);
  1157. return null;
  1158. }
  1160. /**
  1161. * Redirect the user depend on this choice.
  1162. *
  1163. * @phpstan-param T $object
  1164. */
  1165. protected function redirectTo(Request $request, object $object): RedirectResponse
  1166. {
  1167. if (null !== $request->get('btn_update_and_list')) {
  1168. return $this->redirectToList();
  1169. }
  1170. if (null !== $request->get('btn_create_and_list')) {
  1171. return $this->redirectToList();
  1172. }
  1174. if (null !== $request->get('btn_create_and_create')) {
  1175. $params = [];
  1176. if ($this->admin->hasActiveSubClass()) {
  1177. $params['subclass'] = $request->get('subclass');
  1178. }
  1180. return new RedirectResponse($this->admin->generateUrl('create', $params));
  1181. }
  1183. if (null !== $request->get('btn_delete')) {
  1184. return $this->redirectToList();
  1185. }
  1187. foreach (['edit', 'show'] as $route) {
  1188. if ($this->admin->hasRoute($route) && $this->admin->hasAccess($route, $object)) {
  1189. $url = $this->admin->generateObjectUrl(
  1190. $route,
  1191. $object,
  1192. $this->getSelectedTab($request)
  1193. );
  1195. return new RedirectResponse($url);
  1196. }
  1197. }
  1199. return $this->redirectToList();
  1200. }
  1202. /**
  1203. * Redirects the user to the list view.
  1204. */
  1205. final protected function redirectToList(): RedirectResponse
  1206. {
  1207. $parameters = [];
  1209. $filter = $this->admin->getFilterParameters();
  1210. if ([] !== $filter) {
  1211. $parameters['filter'] = $filter;
  1212. }
  1214. return $this->redirect($this->admin->generateUrl('list', $parameters));
  1215. }
  1217. /**
  1218. * Returns true if the preview is requested to be shown.
  1219. */
  1220. final protected function isPreviewRequested(Request $request): bool
  1221. {
  1222. return null !== $request->get('btn_preview');
  1223. }
  1225. /**
  1226. * Returns true if the preview has been approved.
  1227. */
  1228. final protected function isPreviewApproved(Request $request): bool
  1229. {
  1230. return null !== $request->get('btn_preview_approve');
  1231. }
  1233. /**
  1234. * Returns true if the request is in the preview workflow.
  1235. *
  1236. * That means either a preview is requested or the preview has already been shown
  1237. * and it got approved/declined.
  1238. */
  1239. final protected function isInPreviewMode(Request $request): bool
  1240. {
  1241. return $this->admin->supportsPreviewMode()
  1242. && ($this->isPreviewRequested($request)
  1243. || $this->isPreviewApproved($request)
  1244. || $this->isPreviewDeclined($request));
  1245. }
  1247. /**
  1248. * Returns true if the preview has been declined.
  1249. */
  1250. final protected function isPreviewDeclined(Request $request): bool
  1251. {
  1252. return null !== $request->get('btn_preview_decline');
  1253. }
  1255. /**
  1256. * @return \Traversable<UserInterface|string>
  1257. */
  1258. protected function getAclUsers(): \Traversable
  1259. {
  1260. if (!$this->container->has('sonata.admin.security.acl_user_manager')) {
  1261. return new \ArrayIterator([]);
  1262. }
  1264. $aclUserManager = $this->container->get('sonata.admin.security.acl_user_manager');
  1265. \assert($aclUserManager instanceof AdminAclUserManagerInterface);
  1266. $aclUsers = $aclUserManager->findUsers();
  1268. return \is_array($aclUsers) ? new \ArrayIterator($aclUsers) : $aclUsers;
  1269. }
  1271. /**
  1272. * @return \Traversable<string>
  1273. */
  1274. protected function getAclRoles(): \Traversable
  1275. {
  1276. $aclRoles = [];
  1277. $roleHierarchy = $this->getParameter('security.role_hierarchy.roles');
  1278. \assert(\is_array($roleHierarchy));
  1279. $pool = $this->container->get('sonata.admin.pool');
  1280. \assert($pool instanceof Pool);
  1282. foreach ($pool->getAdminServiceCodes() as $code) {
  1283. try {
  1284. $admin = $pool->getInstance($code);
  1285. } catch (\Exception) {
  1286. continue;
  1287. }
  1289. $baseRole = $admin->getSecurityHandler()->getBaseRole($admin);
  1290. foreach ($admin->getSecurityInformation() as $role => $_permissions) {
  1291. $role = \sprintf($baseRole, $role);
  1292. $aclRoles[] = $role;
  1293. }
  1294. }
  1296. foreach ($roleHierarchy as $name => $roles) {
  1297. $aclRoles[] = $name;
  1298. $aclRoles = array_merge($aclRoles, $roles);
  1299. }
  1301. $aclRoles = array_unique($aclRoles);
  1303. return new \ArrayIterator($aclRoles);
  1304. }
  1306. /**
  1307. * Validate CSRF token for action without form.
  1308. *
  1309. * @throws HttpException
  1310. */
  1311. final protected function validateCsrfToken(Request $request, string $intention): void
  1312. {
  1313. if (!$this->container->has('security.csrf.token_manager')) {
  1314. return;
  1315. }
  1317. $token = $request->get('_sonata_csrf_token');
  1318. $tokenManager = $this->container->get('security.csrf.token_manager');
  1319. \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1321. if (!$tokenManager->isTokenValid(new CsrfToken($intention, $token))) {
  1322. throw new HttpException(Response::HTTP_BAD_REQUEST, 'The csrf token is not valid, CSRF attack?');
  1323. }
  1324. }
  1326. /**
  1327. * Escape string for html output.
  1328. */
  1329. final protected function escapeHtml(string $s): string
  1330. {
  1331. return htmlspecialchars($s, \ENT_QUOTES | \ENT_SUBSTITUTE);
  1332. }
  1334. /**
  1335. * Get CSRF token.
  1336. */
  1337. final protected function getCsrfToken(string $intention): ?string
  1338. {
  1339. if (!$this->container->has('security.csrf.token_manager')) {
  1340. return null;
  1341. }
  1343. $tokenManager = $this->container->get('security.csrf.token_manager');
  1344. \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1346. return $tokenManager->getToken($intention)->getValue();
  1347. }
  1349. /**
  1350. * This method can be overloaded in your custom CRUD controller.
  1351. * It's called from createAction.
  1352. *
  1353. * @phpstan-param T $object
  1354. */
  1355. protected function preCreate(Request $request, object $object): ?Response
  1356. {
  1357. return null;
  1358. }
  1360. /**
  1361. * This method can be overloaded in your custom CRUD controller.
  1362. * It's called from editAction.
  1363. *
  1364. * @phpstan-param T $object
  1365. */
  1366. protected function preEdit(Request $request, object $object): ?Response
  1367. {
  1368. return null;
  1369. }
  1371. /**
  1372. * This method can be overloaded in your custom CRUD controller.
  1373. * It's called from deleteAction.
  1374. *
  1375. * @phpstan-param T $object
  1376. */
  1377. protected function preDelete(Request $request, object $object): ?Response
  1378. {
  1379. return null;
  1380. }
  1382. /**
  1383. * This method can be overloaded in your custom CRUD controller.
  1384. * It's called from showAction.
  1385. *
  1386. * @phpstan-param T $object
  1387. */
  1388. protected function preShow(Request $request, object $object): ?Response
  1389. {
  1390. return null;
  1391. }
  1393. /**
  1394. * This method can be overloaded in your custom CRUD controller.
  1395. * It's called from listAction.
  1396. */
  1397. protected function preList(Request $request): ?Response
  1398. {
  1399. return null;
  1400. }
  1402. /**
  1403. * Translate a message id.
  1404. *
  1405. * @param mixed[] $parameters
  1406. */
  1407. final protected function trans(string $id, array $parameters = [], ?string $domain = null, ?string $locale = null): string
  1408. {
  1409. $domain ??= $this->admin->getTranslationDomain();
  1410. $translator = $this->container->get('translator');
  1411. \assert($translator instanceof TranslatorInterface);
  1413. return $translator->trans($id, $parameters, $domain, $locale);
  1414. }
  1416. protected function handleXmlHttpRequestErrorResponse(Request $request, FormInterface $form): ?JsonResponse
  1417. {
  1418. if ([] === array_intersect(['application/json', '*/*'], $request->getAcceptableContentTypes())) {
  1419. return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1420. }
  1422. return $this->json(
  1423. FormErrorIteratorToConstraintViolationList::transform($form->getErrors(true)),
  1424. Response::HTTP_BAD_REQUEST
  1425. );
  1426. }
  1428. /**
  1429. * @phpstan-param T $object
  1430. */
  1431. protected function handleXmlHttpRequestSuccessResponse(Request $request, object $object): JsonResponse
  1432. {
  1433. if ([] === array_intersect(['application/json', '*/*'], $request->getAcceptableContentTypes())) {
  1434. return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1435. }
  1437. return $this->renderJson([
  1438. 'result' => 'ok',
  1439. 'objectId' => $this->admin->getNormalizedIdentifier($object),
  1440. 'objectName' => $this->escapeHtml($this->admin->toString($object)),
  1441. ]);
  1442. }
  1444. /**
  1445. * @phpstan-return T|null
  1446. */
  1447. final protected function assertObjectExists(Request $request, bool $strict = false): ?object
  1448. {
  1449. $admin = $this->admin;
  1450. $object = null;
  1452. while (null !== $admin) {
  1453. $objectId = $request->get($admin->getIdParameter());
  1454. if (\is_string($objectId) || \is_int($objectId)) {
  1455. $adminObject = $admin->getObject($objectId);
  1456. if (null === $adminObject) {
  1457. throw $this->createNotFoundException(\sprintf(
  1458. 'Unable to find %s object with id: %s.',
  1459. $admin->getClassnameLabel(),
  1460. $objectId
  1461. ));
  1462. }
  1463. if (null === $object) {
  1464. /** @phpstan-var T $object */
  1465. $object = $adminObject;
  1466. }
  1467. } elseif ($strict || $admin !== $this->admin) {
  1468. throw $this->createNotFoundException(\sprintf(
  1469. 'Unable to find the %s object id of the admin "%s".',
  1470. $admin->getClassnameLabel(),
  1471. $admin::class
  1472. ));
  1473. }
  1475. $admin = $admin->isChild() ? $admin->getParent() : null;
  1476. }
  1478. return $object;
  1479. }
  1481. /**
  1482. * @return array{_tab?: string}
  1483. */
  1484. final protected function getSelectedTab(Request $request): array
  1485. {
  1486. $tab = (string) $request->request->get('_tab');
  1487. if ('' === $tab) {
  1488. return [];
  1489. }
  1491. return ['_tab' => $tab];
  1492. }
  1494. /**
  1495. * Sets the admin form theme to form view. Used for compatibility between Symfony versions.
  1496. *
  1497. * @param string[]|null $theme
  1498. */
  1499. final protected function setFormTheme(FormView $formView, ?array $theme = null): void
  1500. {
  1501. $twig = $this->container->get('twig');
  1502. \assert($twig instanceof Environment);
  1504. $formRenderer = $twig->getRuntime(FormRenderer::class);
  1505. $formRenderer->setTheme($formView, $theme);
  1506. }
  1508. /**
  1509. * @phpstan-param T $object
  1510. */
  1511. final protected function checkParentChildAssociation(Request $request, object $object): void
  1512. {
  1513. if (!$this->admin->isChild()) {
  1514. return;
  1515. }
  1517. $parentAdmin = $this->admin->getParent();
  1518. $parentId = $request->get($parentAdmin->getIdParameter());
  1519. \assert(\is_string($parentId) || \is_int($parentId));
  1521. $parentAdminObject = $parentAdmin->getObject($parentId);
  1522. if (null === $parentAdminObject) {
  1523. throw new \RuntimeException(\sprintf(
  1524. 'No object was found in the admin "%s" for the id "%s".',
  1525. $parentAdmin::class,
  1526. $parentId
  1527. ));
  1528. }
  1530. $parentAssociationMapping = $this->admin->getParentAssociationMapping();
  1531. if (null === $parentAssociationMapping) {
  1532. return;
  1533. }
  1535. $propertyAccessor = PropertyAccess::createPropertyAccessor();
  1536. $propertyPath = new PropertyPath($parentAssociationMapping);
  1537. $objectParent = $propertyAccessor->getValue($object, $propertyPath);
  1539. // $objectParent may be an array or a Collection when the parent association is many to many.
  1540. $parentObjectMatches = $this->equalsOrContains($objectParent, $parentAdminObject);
  1542. if (!$parentObjectMatches) {
  1543. throw new \RuntimeException(\sprintf(
  1544. 'There is no association between "%s" and "%s"',
  1545. $parentAdmin->toString($parentAdminObject),
  1546. $this->admin->toString($object)
  1547. ));
  1548. }
  1549. }
  1551. private function setTwigGlobal(string $name, mixed $value): void
  1552. {
  1553. $twig = $this->container->get('twig');
  1554. \assert($twig instanceof Environment);
  1556. try {
  1557. $twig->addGlobal($name, $value);
  1558. } catch (\LogicException) {
  1559. // Variable already set
  1560. }
  1561. }
  1563. private function getBatchActionExecutable(string $action): callable
  1564. {
  1565. $batchActions = $this->admin->getBatchActions();
  1566. if (!\array_key_exists($action, $batchActions)) {
  1567. throw new \RuntimeException(\sprintf('The `%s` batch action is not defined', $action));
  1568. }
  1570. $controller = $batchActions[$action]['controller'] ?? \sprintf(
  1571. '%s::%s',
  1572. $this->admin->getBaseControllerName(),
  1573. \sprintf('batchAction%s', (new UnicodeString($action))->camel()->title(true)->toString())
  1574. );
  1576. // This will throw an exception when called so we know if it's possible or not to call the controller.
  1577. $exists = false !== $this->container
  1578. ->get('controller_resolver')
  1579. ->getController(new Request([], [], ['_controller' => $controller]));
  1581. if (!$exists) {
  1582. throw new \RuntimeException(\sprintf('Controller for action `%s` cannot be resolved', $action));
  1583. }
  1585. return function (ProxyQueryInterface $query, Request $request) use ($controller): Response {
  1586. $request->attributes->set('_controller', $controller);
  1587. $request->attributes->set('query', $query);
  1589. return $this->container->get('http_kernel')->handle($request, HttpKernelInterface::SUB_REQUEST);
  1590. };
  1591. }
  1593. /**
  1594. * Checks whether $needle is equal to $haystack or part of it.
  1595. *
  1596. * @param object|iterable<object> $haystack
  1597. *
  1598. * @return bool true when $haystack equals $needle or $haystack is iterable and contains $needle
  1599. */
  1600. private function equalsOrContains($haystack, object $needle): bool
  1601. {
  1602. if ($needle === $haystack) {
  1603. return true;
  1604. }
  1606. if (is_iterable($haystack)) {
  1607. foreach ($haystack as $haystackItem) {
  1608. if ($haystackItem === $needle) {
  1609. return true;
  1610. }
  1611. }
  1612. }
  1614. return false;
  1615. }
  1616. }