<?phpnamespace App\EventListener;use App\Controller\User\Me\RoleController;use Symfony\Component\HttpKernel\Event\RequestEvent;use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;class UserRoleListener{ private AuthorizationCheckerInterface $authorizationChecker; private TokenStorageInterface $tokenStorage; public function __construct( AuthorizationCheckerInterface $authorizationChecker, TokenStorageInterface $tokenStorage ) { $this->authorizationChecker = $authorizationChecker; $this->tokenStorage = $tokenStorage; } public function __invoke(RequestEvent $event) { $request = $event->getRequest(); if ('/api/app/supplier-requests' == $request->server->get('REQUEST_URI')) { return; } if ('/api/user/me/forgot-password' == $request->server->get('REQUEST_URI')) { return; } if ( null === $this->tokenStorage->getToken() || !$this->tokenStorage->getToken()->isAuthenticated() ) { return; } if (RoleController::class === $request->attributes->get('_controller')) { return; } if (!$request->headers->has('x-user-role')) { throw new AccessDeniedHttpException(); } $authorizationCheck = $this->authorizationChecker ->isGranted($request->headers->get('x-user-role')); if (!$authorizationCheck) { throw new AccessDeniedHttpException(); } $request->attributes->set('userRole', $request->headers->get('x-user-role')); }}