vendor/sonata-project/admin-bundle/src/Controller/CRUDController.php line 281

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. /*
  6.  * This file is part of the Sonata Project package.
  7.  *
  8.  * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Sonata\AdminBundle\Controller;
  16. use Psr\Log\LoggerInterface;
  17. use Psr\Log\NullLogger;
  18. use Sonata\AdminBundle\Admin\AdminInterface;
  19. use Sonata\AdminBundle\Admin\Pool;
  20. use Sonata\AdminBundle\Bridge\Exporter\AdminExporter;
  21. use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
  22. use Sonata\AdminBundle\Exception\BadRequestParamHttpException;
  23. use Sonata\AdminBundle\Exception\LockException;
  24. use Sonata\AdminBundle\Exception\ModelManagerException;
  25. use Sonata\AdminBundle\Exception\ModelManagerThrowable;
  26. use Sonata\AdminBundle\Form\FormErrorIteratorToConstraintViolationList;
  27. use Sonata\AdminBundle\Model\AuditManagerInterface;
  28. use Sonata\AdminBundle\Request\AdminFetcherInterface;
  29. use Sonata\AdminBundle\Templating\TemplateRegistryInterface;
  30. use Sonata\AdminBundle\Util\AdminAclUserManagerInterface;
  31. use Sonata\AdminBundle\Util\AdminObjectAclData;
  32. use Sonata\AdminBundle\Util\AdminObjectAclManipulator;
  33. use Sonata\Exporter\ExporterInterface;
  34. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  35. use Symfony\Component\Form\FormInterface;
  36. use Symfony\Component\Form\FormRenderer;
  37. use Symfony\Component\Form\FormView;
  38. use Symfony\Component\HttpFoundation\JsonResponse;
  39. use Symfony\Component\HttpFoundation\RedirectResponse;
  40. use Symfony\Component\HttpFoundation\Request;
  41. use Symfony\Component\HttpFoundation\RequestStack;
  42. use Symfony\Component\HttpFoundation\Response;
  43. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  44. use Symfony\Component\HttpKernel\Exception\HttpException;
  45. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  46. use Symfony\Component\HttpKernel\HttpKernelInterface;
  47. use Symfony\Component\PropertyAccess\PropertyAccess;
  48. use Symfony\Component\PropertyAccess\PropertyPath;
  49. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  50. use Symfony\Component\Security\Core\User\UserInterface;
  51. use Symfony\Component\Security\Csrf\CsrfToken;
  52. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  53. use Symfony\Component\String\UnicodeString;
  54. use Symfony\Contracts\Translation\TranslatorInterface;
  55. use Twig\Environment;
  57. /**
  58.  * @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
  59.  *
  60.  * @phpstan-template T of object
  61.  *
  62.  * @psalm-suppress MissingConstructor
  63.  *
  64.  * @see ConfigureCRUDControllerListener
  65.  */
  66. class CRUDController extends AbstractController
  67. {
  68.     /**
  69.      * The related Admin class.
  70.      *
  71.      * @var AdminInterface<object>
  72.      *
  73.      * @phpstan-var AdminInterface<T>
  74.      *
  75.      * @psalm-suppress PropertyNotSetInConstructor
  76.      */
  77.     protected $admin;
  79.     /**
  80.      * The template registry of the related Admin class.
  81.      *
  82.      * @psalm-suppress PropertyNotSetInConstructor
  83.      * @phpstan-ignore-next-line
  84.      */
  85.     private TemplateRegistryInterface $templateRegistry;
  87.     public static function getSubscribedServices(): array
  88.     {
  89.         return [
  90.             'sonata.admin.pool' => Pool::class,
  91.             'sonata.admin.audit.manager' => AuditManagerInterface::class,
  92.             'sonata.admin.object.manipulator.acl.admin' => AdminObjectAclManipulator::class,
  93.             'sonata.admin.request.fetcher' => AdminFetcherInterface::class,
  94.             'sonata.exporter.exporter' => '?'.ExporterInterface::class,
  95.             'sonata.admin.admin_exporter' => '?'.AdminExporter::class,
  96.             'sonata.admin.security.acl_user_manager' => '?'.AdminAclUserManagerInterface::class,
  98.             'controller_resolver' => 'controller_resolver',
  99.             'http_kernel' => HttpKernelInterface::class,
  100.             'logger' => '?'.LoggerInterface::class,
  101.             'translator' => TranslatorInterface::class,
  102.         ] + parent::getSubscribedServices();
  103.     }
  105.     /**
  106.      * @throws AccessDeniedException If access is not granted
  107.      */
  108.     public function listAction(Request $request): Response
  109.     {
  110.         $this->assertObjectExists($request);
  112.         $this->admin->checkAccess('list');
  114.         $preResponse $this->preList($request);
  115.         if (null !== $preResponse) {
  116.             return $preResponse;
  117.         }
  119.         $listMode $request->get('_list_mode');
  120.         if (\is_string($listMode)) {
  121.             $this->admin->setListMode($listMode);
  122.         }
  124.         $datagrid $this->admin->getDatagrid();
  125.         $formView $datagrid->getForm()->createView();
  127.         // set the theme for the current Admin Form
  128.         $this->setFormTheme($formView$this->admin->getFilterTheme());
  130.         $template $this->templateRegistry->getTemplate('list');
  132.         if ($this->container->has('sonata.admin.admin_exporter')) {
  133.             $exporter $this->container->get('sonata.admin.admin_exporter');
  134.             \assert($exporter instanceof AdminExporter);
  135.             $exportFormats $exporter->getAvailableFormats($this->admin);
  136.         }
  138.         /**
  139.          * @psalm-suppress DeprecatedMethod
  140.          */
  141.         return $this->renderWithExtraParams($template, [
  142.             'action' => 'list',
  143.             'form' => $formView,
  144.             'datagrid' => $datagrid,
  145.             'csrf_token' => $this->getCsrfToken('sonata.batch'),
  146.             'export_formats' => $exportFormats ?? $this->admin->getExportFormats(),
  147.         ]);
  148.     }
  150.     /**
  151.      * NEXT_MAJOR: Change signature to `(ProxyQueryInterface $query, Request $request).
  152.      *
  153.      * Execute a batch delete.
  154.      *
  155.      * @throws AccessDeniedException If access is not granted
  156.      *
  157.      * @phpstan-param ProxyQueryInterface<T> $query
  158.      */
  159.     public function batchActionDelete(ProxyQueryInterface $query): Response
  160.     {
  161.         $this->admin->checkAccess('batchDelete');
  163.         $modelManager $this->admin->getModelManager();
  165.         try {
  166.             $modelManager->batchDelete($this->admin->getClass(), $query);
  167.             $this->addFlash(
  168.                 'sonata_flash_success',
  169.                 $this->trans('flash_batch_delete_success', [], 'SonataAdminBundle')
  170.             );
  171.         } catch (ModelManagerException $e) {
  172.             // NEXT_MAJOR: Remove this catch.
  173.             $errorMessage $this->handleModelManagerException($e);
  174.             $this->addFlash(
  175.                 'sonata_flash_error',
  176.                 $errorMessage ?? $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  177.             );
  178.         } catch (ModelManagerThrowable $e) {
  179.             $errorMessage $this->handleModelManagerThrowable($e);
  181.             $this->addFlash(
  182.                 'sonata_flash_error',
  183.                 $errorMessage ?? $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  184.             );
  185.         }
  187.         return $this->redirectToList();
  188.     }
  190.     /**
  191.      * @throws NotFoundHttpException If the object does not exist
  192.      * @throws AccessDeniedException If access is not granted
  193.      */
  194.     public function deleteAction(Request $request): Response
  195.     {
  196.         $object $this->assertObjectExists($requesttrue);
  197.         \assert(null !== $object);
  199.         $this->checkParentChildAssociation($request$object);
  201.         $this->admin->checkAccess('delete'$object);
  203.         $preResponse $this->preDelete($request$object);
  204.         if (null !== $preResponse) {
  205.             return $preResponse;
  206.         }
  208.         if (\in_array($request->getMethod(), [Request::METHOD_POSTRequest::METHOD_DELETE], true)) {
  209.             // check the csrf token
  210.             $this->validateCsrfToken($request'sonata.delete');
  212.             $objectName $this->admin->toString($object);
  214.             try {
  215.                 $this->admin->delete($object);
  217.                 if ($this->isXmlHttpRequest($request)) {
  218.                     return $this->renderJson(['result' => 'ok']);
  219.                 }
  221.                 $this->addFlash(
  222.                     'sonata_flash_success',
  223.                     $this->trans(
  224.                         'flash_delete_success',
  225.                         ['%name%' => $this->escapeHtml($objectName)],
  226.                         'SonataAdminBundle'
  227.                     )
  228.                 );
  229.             } catch (ModelManagerException $e) {
  230.                 // NEXT_MAJOR: Remove this catch.
  231.                 $errorMessage $this->handleModelManagerException($e);
  233.                 if ($this->isXmlHttpRequest($request)) {
  234.                     return $this->renderJson(['result' => 'error']);
  235.                 }
  237.                 $this->addFlash(
  238.                     'sonata_flash_error',
  239.                     $errorMessage ?? $this->trans(
  240.                         'flash_delete_error',
  241.                         ['%name%' => $this->escapeHtml($objectName)],
  242.                         'SonataAdminBundle'
  243.                     )
  244.                 );
  245.             } catch (ModelManagerThrowable $e) {
  246.                 $errorMessage $this->handleModelManagerThrowable($e);
  248.                 if ($this->isXmlHttpRequest($request)) {
  249.                     return $this->renderJson(['result' => 'error'], Response::HTTP_OK, []);
  250.                 }
  252.                 $this->addFlash(
  253.                     'sonata_flash_error',
  254.                     $errorMessage ?? $this->trans(
  255.                         'flash_delete_error',
  256.                         ['%name%' => $this->escapeHtml($objectName)],
  257.                         'SonataAdminBundle'
  258.                     )
  259.                 );
  260.             }
  262.             return $this->redirectTo($request$object);
  263.         }
  265.         $template $this->templateRegistry->getTemplate('delete');
  267.         /**
  268.          * @psalm-suppress DeprecatedMethod
  269.          */
  270.         return $this->renderWithExtraParams($template, [
  271.             'object' => $object,
  272.             'action' => 'delete',
  273.             'csrf_token' => $this->getCsrfToken('sonata.delete'),
  274.         ]);
  275.     }
  277.     /**
  278.      * @throws NotFoundHttpException If the object does not exist
  279.      * @throws AccessDeniedException If access is not granted
  280.      */
  281.     public function editAction(Request $request): Response
  282.     {
  283.         // the key used to lookup the template
  284.         $templateKey 'edit';
  286.         $existingObject $this->assertObjectExists($requesttrue);
  287.         \assert(null !== $existingObject);
  289.         $this->checkParentChildAssociation($request$existingObject);
  291.         $this->admin->checkAccess('edit'$existingObject);
  293.         $preResponse $this->preEdit($request$existingObject);
  294.         if (null !== $preResponse) {
  295.             return $preResponse;
  296.         }
  297.         $this->admin->setSubject($existingObject);
  298.         $objectId $this->admin->getNormalizedIdentifier($existingObject);
  299.         \assert(null !== $objectId);
  301.         $form $this->admin->getForm();
  303.         $form->setData($existingObject);
  304.         $form->handleRequest($request);
  306.         if ($form->isSubmitted()) {
  307.             $isFormValid $form->isValid();
  309.             // persist if the form was valid and if in preview mode the preview was approved
  310.             if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  311.                 /** @phpstan-var T $submittedObject */
  312.                 $submittedObject $form->getData();
  313.                 $this->admin->setSubject($submittedObject);
  315.                 try {
  316.                     $existingObject $this->admin->update($submittedObject);
  318.                     if ($this->isXmlHttpRequest($request)) {
  319.                         return $this->handleXmlHttpRequestSuccessResponse($request$existingObject);
  320.                     }
  322.                     $this->addFlash(
  323.                         'sonata_flash_success',
  324.                         $this->trans(
  325.                             'flash_edit_success',
  326.                             ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  327.                             'SonataAdminBundle'
  328.                         )
  329.                     );
  331.                     // redirect to edit mode
  332.                     return $this->redirectTo($request$existingObject);
  333.                 } catch (ModelManagerException $e) {
  334.                     // NEXT_MAJOR: Remove this catch.
  335.                     $errorMessage $this->handleModelManagerException($e);
  337.                     $isFormValid false;
  338.                 } catch (ModelManagerThrowable $e) {
  339.                     $errorMessage $this->handleModelManagerThrowable($e);
  341.                     $isFormValid false;
  342.                 } catch (LockException) {
  343.                     $this->addFlash('sonata_flash_error'$this->trans('flash_lock_error', [
  344.                         '%name%' => $this->escapeHtml($this->admin->toString($existingObject)),
  345.                         '%link_start%' => \sprintf('<a href="%s">'$this->admin->generateObjectUrl('edit'$existingObject)),
  346.                         '%link_end%' => '</a>',
  347.                     ], 'SonataAdminBundle'));
  348.                 }
  349.             }
  351.             // show an error message if the form failed validation
  352.             if (!$isFormValid) {
  353.                 if ($this->isXmlHttpRequest($request) && null !== ($response $this->handleXmlHttpRequestErrorResponse($request$form))) {
  354.                     return $response;
  355.                 }
  357.                 $this->addFlash(
  358.                     'sonata_flash_error',
  359.                     $errorMessage ?? $this->trans(
  360.                         'flash_edit_error',
  361.                         ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  362.                         'SonataAdminBundle'
  363.                     )
  364.                 );
  365.             } elseif ($this->isPreviewRequested($request)) {
  366.                 // enable the preview template if the form was valid and preview was requested
  367.                 $templateKey 'preview';
  368.                 $this->admin->getShow();
  369.             }
  370.         }
  372.         $formView $form->createView();
  373.         // set the theme for the current Admin Form
  374.         $this->setFormTheme($formView$this->admin->getFormTheme());
  376.         $template $this->templateRegistry->getTemplate($templateKey);
  378.         /**
  379.          * @psalm-suppress DeprecatedMethod
  380.          */
  381.         return $this->renderWithExtraParams($template, [
  382.             'action' => 'edit',
  383.             'form' => $formView,
  384.             'object' => $existingObject,
  385.             'objectId' => $objectId,
  386.         ]);
  387.     }
  389.     /**
  390.      * @throws NotFoundHttpException If the HTTP method is not POST
  391.      * @throws \RuntimeException     If the batch action is not defined
  392.      */
  393.     public function batchAction(Request $request): Response
  394.     {
  395.         $restMethod $request->getMethod();
  397.         if (Request::METHOD_POST !== $restMethod) {
  398.             throw $this->createNotFoundException(\sprintf(
  399.                 'Invalid request method given "%s", %s expected',
  400.                 $restMethod,
  401.                 Request::METHOD_POST
  402.             ));
  403.         }
  405.         // check the csrf token
  406.         $this->validateCsrfToken($request'sonata.batch');
  408.         $confirmation $request->get('confirmation'false);
  410.         $forwardedRequest $request->duplicate();
  412.         $encodedData $request->get('data');
  414.         if (null === $encodedData) {
  415.             $action $forwardedRequest->request->get('action');
  416.             $bag $request->request;
  417.             $idx $bag->all('idx');
  418.             $allElements $forwardedRequest->request->getBoolean('all_elements');
  420.             $forwardedRequest->request->set('idx'$idx);
  421.             $forwardedRequest->request->set('all_elements', (string) $allElements);
  423.             $data $forwardedRequest->request->all();
  424.             $data['all_elements'] = $allElements;
  426.             unset($data['_sonata_csrf_token']);
  427.         } else {
  428.             if (!\is_string($encodedData)) {
  429.                 throw new BadRequestParamHttpException('data''string'$encodedData);
  430.             }
  432.             try {
  433.                 $data json_decode($encodedDatatrue512\JSON_THROW_ON_ERROR);
  434.             } catch (\JsonException) {
  435.                 throw new BadRequestHttpException('Unable to decode batch data');
  436.             }
  438.             $action $data['action'];
  439.             $idx = (array) ($data['idx'] ?? []);
  440.             $allElements = (bool) ($data['all_elements'] ?? false);
  441.             $forwardedRequest->request->replace(array_merge($forwardedRequest->request->all(), $data));
  442.         }
  444.         if (!\is_string($action)) {
  445.             throw new \RuntimeException('The action is not defined');
  446.         }
  448.         $camelizedAction = (new UnicodeString($action))->camel()->title(true)->toString();
  450.         try {
  451.             $batchActionExecutable $this->getBatchActionExecutable($action);
  452.         } catch (\Throwable $error) {
  453.             $finalAction \sprintf('batchAction%s'$camelizedAction);
  454.             throw new \RuntimeException(\sprintf('A `%s::%s` method must be callable or create a `controller` configuration for your batch action.'$this->admin->getBaseControllerName(), $finalAction), 0$error);
  455.         }
  457.         $batchAction $this->admin->getBatchActions()[$action];
  459.         $isRelevantAction \sprintf('batchAction%sIsRelevant'$camelizedAction);
  461.         if (method_exists($this$isRelevantAction)) {
  462.             // NEXT_MAJOR: Remove if above in sonata-project/admin-bundle 5.0
  463.             @trigger_error(\sprintf(
  464.                 'The is relevant hook via "%s()" is deprecated since sonata-project/admin-bundle 4.12'
  465.                 .' and will not be call in 5.0. Move the logic to your controller.',
  466.                 $isRelevantAction,
  467.             ), \E_USER_DEPRECATED);
  468.             $nonRelevantMessage $this->$isRelevantAction($idx$allElements$forwardedRequest);
  469.         } else {
  470.             $nonRelevantMessage !== \count($idx) || $allElements// at least one item is selected
  471.         }
  473.         if (!\is_string($nonRelevantMessage) && true !== $nonRelevantMessage) { // default non relevant message
  474.             $nonRelevantMessage 'flash_batch_empty';
  475.         }
  477.         $datagrid $this->admin->getDatagrid();
  478.         $datagrid->buildPager();
  480.         if (\is_string($nonRelevantMessage)) {
  481.             $this->addFlash(
  482.                 'sonata_flash_info',
  483.                 $this->trans($nonRelevantMessage, [], 'SonataAdminBundle')
  484.             );
  486.             return $this->redirectToList();
  487.         }
  489.         $askConfirmation $batchAction['ask_confirmation'] ?? true;
  491.         if (true === $askConfirmation && 'ok' !== $confirmation) {
  492.             $actionLabel $batchAction['label'];
  493.             $batchTranslationDomain $batchAction['translation_domain'] ??
  494.                 $this->admin->getTranslationDomain();
  496.             $formView $datagrid->getForm()->createView();
  497.             $this->setFormTheme($formView$this->admin->getFilterTheme());
  499.             $template $batchAction['template'] ?? $this->templateRegistry->getTemplate('batch_confirmation');
  501.             /**
  502.              * @psalm-suppress DeprecatedMethod
  503.              */
  504.             return $this->renderWithExtraParams($template, [
  505.                 'action' => 'list',
  506.                 'action_label' => $actionLabel,
  507.                 'batch_translation_domain' => $batchTranslationDomain,
  508.                 'datagrid' => $datagrid,
  509.                 'form' => $formView,
  510.                 'data' => $data,
  511.                 'csrf_token' => $this->getCsrfToken('sonata.batch'),
  512.             ]);
  513.         }
  515.         $query $datagrid->getQuery();
  517.         $query->setFirstResult(null);
  518.         $query->setMaxResults(null);
  520.         $this->admin->preBatchAction($action$query$idx$allElements);
  521.         foreach ($this->admin->getExtensions() as $extension) {
  522.             // NEXT_MAJOR: Remove the if-statement around the call to `$extension->preBatchAction()`
  523.             if (method_exists($extension'preBatchAction')) {
  524.                 $extension->preBatchAction($this->admin$action$query$idx$allElements);
  525.             }
  526.         }
  528.         if (!$allElements) {
  529.             if (\count($idx) > 0) {
  530.                 $this->admin->getModelManager()->addIdentifiersToQuery($this->admin->getClass(), $query$idx);
  531.             } else {
  532.                 $this->addFlash(
  533.                     'sonata_flash_info',
  534.                     $this->trans('flash_batch_no_elements_processed', [], 'SonataAdminBundle')
  535.                 );
  537.                 return $this->redirectToList();
  538.             }
  539.         }
  541.         return \call_user_func($batchActionExecutable$query$forwardedRequest);
  542.     }
  544.     /**
  545.      * @throws AccessDeniedException If access is not granted
  546.      */
  547.     public function createAction(Request $request): Response
  548.     {
  549.         $this->assertObjectExists($request);
  551.         $this->admin->checkAccess('create');
  553.         // the key used to lookup the template
  554.         $templateKey 'edit';
  556.         $class = new \ReflectionClass($this->admin->hasActiveSubClass() ? $this->admin->getActiveSubClass() : $this->admin->getClass());
  558.         if ($class->isAbstract()) {
  559.             /**
  560.              * @psalm-suppress DeprecatedMethod
  561.              */
  562.             return $this->renderWithExtraParams(
  563.                 '@SonataAdmin/CRUD/select_subclass.html.twig',
  564.                 [
  565.                     'action' => 'create',
  566.                 ],
  567.             );
  568.         }
  570.         $newObject $this->admin->getNewInstance();
  572.         $preResponse $this->preCreate($request$newObject);
  573.         if (null !== $preResponse) {
  574.             return $preResponse;
  575.         }
  577.         $this->admin->setSubject($newObject);
  579.         $form $this->admin->getForm();
  581.         $form->setData($newObject);
  582.         $form->handleRequest($request);
  584.         if ($form->isSubmitted()) {
  585.             $isFormValid $form->isValid();
  587.             // persist if the form was valid and if in preview mode the preview was approved
  588.             if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  589.                 /** @phpstan-var T $submittedObject */
  590.                 $submittedObject $form->getData();
  591.                 $this->admin->setSubject($submittedObject);
  593.                 try {
  594.                     $newObject $this->admin->create($submittedObject);
  596.                     if ($this->isXmlHttpRequest($request)) {
  597.                         return $this->handleXmlHttpRequestSuccessResponse($request$newObject);
  598.                     }
  600.                     $this->addFlash(
  601.                         'sonata_flash_success',
  602.                         $this->trans(
  603.                             'flash_create_success',
  604.                             ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  605.                             'SonataAdminBundle'
  606.                         )
  607.                     );
  609.                     // redirect to edit mode
  610.                     return $this->redirectTo($request$newObject);
  611.                 } catch (ModelManagerException $e) {
  612.                     // NEXT_MAJOR: Remove this catch.
  613.                     $errorMessage $this->handleModelManagerException($e);
  615.                     $isFormValid false;
  616.                 } catch (ModelManagerThrowable $e) {
  617.                     $errorMessage $this->handleModelManagerThrowable($e);
  619.                     $isFormValid false;
  620.                 }
  621.             }
  623.             // show an error message if the form failed validation
  624.             if (!$isFormValid) {
  625.                 if ($this->isXmlHttpRequest($request) && null !== ($response $this->handleXmlHttpRequestErrorResponse($request$form))) {
  626.                     return $response;
  627.                 }
  629.                 $this->addFlash(
  630.                     'sonata_flash_error',
  631.                     $errorMessage ?? $this->trans(
  632.                         'flash_create_error',
  633.                         ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  634.                         'SonataAdminBundle'
  635.                     )
  636.                 );
  637.             } elseif ($this->isPreviewRequested($request)) {
  638.                 // pick the preview template if the form was valid and preview was requested
  639.                 $templateKey 'preview';
  640.                 $this->admin->getShow();
  641.             }
  642.         }
  644.         $formView $form->createView();
  645.         // set the theme for the current Admin Form
  646.         $this->setFormTheme($formView$this->admin->getFormTheme());
  648.         $template $this->templateRegistry->getTemplate($templateKey);
  650.         /**
  651.          * @psalm-suppress DeprecatedMethod
  652.          */
  653.         return $this->renderWithExtraParams($template, [
  654.             'action' => 'create',
  655.             'form' => $formView,
  656.             'object' => $newObject,
  657.             'objectId' => null,
  658.         ]);
  659.     }
  661.     /**
  662.      * @throws NotFoundHttpException If the object does not exist
  663.      * @throws AccessDeniedException If access is not granted
  664.      */
  665.     public function showAction(Request $request): Response
  666.     {
  667.         $object $this->assertObjectExists($requesttrue);
  668.         \assert(null !== $object);
  670.         $this->checkParentChildAssociation($request$object);
  672.         $this->admin->checkAccess('show'$object);
  674.         $preResponse $this->preShow($request$object);
  675.         if (null !== $preResponse) {
  676.             return $preResponse;
  677.         }
  679.         $this->admin->setSubject($object);
  681.         $fields $this->admin->getShow();
  683.         $template $this->templateRegistry->getTemplate('show');
  685.         /**
  686.          * @psalm-suppress DeprecatedMethod
  687.          */
  688.         return $this->renderWithExtraParams($template, [
  689.             'action' => 'show',
  690.             'object' => $object,
  691.             'elements' => $fields,
  692.         ]);
  693.     }
  695.     /**
  696.      * Show history revisions for object.
  697.      *
  698.      * @throws AccessDeniedException If access is not granted
  699.      * @throws NotFoundHttpException If the object does not exist or the audit reader is not available
  700.      */
  701.     public function historyAction(Request $request): Response
  702.     {
  703.         $object $this->assertObjectExists($requesttrue);
  704.         \assert(null !== $object);
  705.         $this->admin->checkAccess('history'$object);
  707.         $objectId $this->admin->getNormalizedIdentifier($object);
  708.         \assert(null !== $objectId);
  710.         $manager $this->container->get('sonata.admin.audit.manager');
  711.         \assert($manager instanceof AuditManagerInterface);
  713.         if (!$manager->hasReader($this->admin->getClass())) {
  714.             throw $this->createNotFoundException(\sprintf(
  715.                 'unable to find the audit reader for class : %s',
  716.                 $this->admin->getClass()
  717.             ));
  718.         }
  720.         $reader $manager->getReader($this->admin->getClass());
  722.         $revisions $reader->findRevisions($this->admin->getClass(), $objectId);
  724.         $template $this->templateRegistry->getTemplate('history');
  726.         /**
  727.          * @psalm-suppress DeprecatedMethod
  728.          */
  729.         return $this->renderWithExtraParams($template, [
  730.             'action' => 'history',
  731.             'object' => $object,
  732.             'revisions' => $revisions,
  733.             'currentRevision' => current($revisions),
  734.         ]);
  735.     }
  737.     /**
  738.      * View history revision of object.
  739.      *
  740.      * @throws AccessDeniedException If access is not granted
  741.      * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  742.      */
  743.     public function historyViewRevisionAction(Request $requeststring $revision): Response
  744.     {
  745.         $object $this->assertObjectExists($requesttrue);
  746.         \assert(null !== $object);
  747.         $this->admin->checkAccess('historyViewRevision'$object);
  749.         $objectId $this->admin->getNormalizedIdentifier($object);
  750.         \assert(null !== $objectId);
  752.         $manager $this->container->get('sonata.admin.audit.manager');
  753.         \assert($manager instanceof AuditManagerInterface);
  755.         if (!$manager->hasReader($this->admin->getClass())) {
  756.             throw $this->createNotFoundException(\sprintf(
  757.                 'unable to find the audit reader for class : %s',
  758.                 $this->admin->getClass()
  759.             ));
  760.         }
  762.         $reader $manager->getReader($this->admin->getClass());
  764.         // retrieve the revisioned object
  765.         $object $reader->find($this->admin->getClass(), $objectId$revision);
  767.         if (null === $object) {
  768.             throw $this->createNotFoundException(\sprintf(
  769.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  770.                 $objectId,
  771.                 $revision,
  772.                 $this->admin->getClass()
  773.             ));
  774.         }
  776.         $this->admin->setSubject($object);
  778.         $template $this->templateRegistry->getTemplate('show');
  780.         /**
  781.          * @psalm-suppress DeprecatedMethod
  782.          */
  783.         return $this->renderWithExtraParams($template, [
  784.             'action' => 'show',
  785.             'object' => $object,
  786.             'elements' => $this->admin->getShow(),
  787.         ]);
  788.     }
  790.     /**
  791.      * Compare history revisions of object.
  792.      *
  793.      * @throws AccessDeniedException If access is not granted
  794.      * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  795.      */
  796.     public function historyCompareRevisionsAction(Request $requeststring $baseRevisionstring $compareRevision): Response
  797.     {
  798.         $this->admin->checkAccess('historyCompareRevisions');
  800.         $object $this->assertObjectExists($requesttrue);
  801.         \assert(null !== $object);
  802.         $objectId $this->admin->getNormalizedIdentifier($object);
  803.         \assert(null !== $objectId);
  805.         $manager $this->container->get('sonata.admin.audit.manager');
  806.         \assert($manager instanceof AuditManagerInterface);
  808.         if (!$manager->hasReader($this->admin->getClass())) {
  809.             throw $this->createNotFoundException(\sprintf(
  810.                 'unable to find the audit reader for class : %s',
  811.                 $this->admin->getClass()
  812.             ));
  813.         }
  815.         $reader $manager->getReader($this->admin->getClass());
  817.         // retrieve the base revision
  818.         $baseObject $reader->find($this->admin->getClass(), $objectId$baseRevision);
  819.         if (null === $baseObject) {
  820.             throw $this->createNotFoundException(\sprintf(
  821.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  822.                 $objectId,
  823.                 $baseRevision,
  824.                 $this->admin->getClass()
  825.             ));
  826.         }
  828.         // retrieve the compare revision
  829.         $compareObject $reader->find($this->admin->getClass(), $objectId$compareRevision);
  830.         if (null === $compareObject) {
  831.             throw $this->createNotFoundException(\sprintf(
  832.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  833.                 $objectId,
  834.                 $compareRevision,
  835.                 $this->admin->getClass()
  836.             ));
  837.         }
  839.         $this->admin->setSubject($baseObject);
  841.         $template $this->templateRegistry->getTemplate('show_compare');
  843.         /**
  844.          * @psalm-suppress DeprecatedMethod
  845.          */
  846.         return $this->renderWithExtraParams($template, [
  847.             'action' => 'show',
  848.             'object' => $baseObject,
  849.             'object_compare' => $compareObject,
  850.             'elements' => $this->admin->getShow(),
  851.         ]);
  852.     }
  854.     /**
  855.      * Export data to specified format.
  856.      *
  857.      * @throws AccessDeniedException If access is not granted
  858.      * @throws \RuntimeException     If the export format is invalid
  859.      */
  860.     public function exportAction(Request $request): Response
  861.     {
  862.         $this->admin->checkAccess('export');
  864.         $format $request->get('format');
  865.         if (!\is_string($format)) {
  866.             throw new BadRequestParamHttpException('format''string'$format);
  867.         }
  869.         $adminExporter $this->container->get('sonata.admin.admin_exporter');
  870.         \assert($adminExporter instanceof AdminExporter);
  871.         $allowedExportFormats $adminExporter->getAvailableFormats($this->admin);
  872.         $filename $adminExporter->getExportFilename($this->admin$format);
  874.         $exporter $this->container->get('sonata.exporter.exporter');
  875.         \assert($exporter instanceof ExporterInterface);
  877.         if (!\in_array($format$allowedExportFormatstrue)) {
  878.             throw new \RuntimeException(\sprintf(
  879.                 'Export in format `%s` is not allowed for class: `%s`. Allowed formats are: `%s`',
  880.                 $format,
  881.                 $this->admin->getClass(),
  882.                 implode(', '$allowedExportFormats)
  883.             ));
  884.         }
  886.         return $exporter->getResponse(
  887.             $format,
  888.             $filename,
  889.             $this->admin->getDataSourceIterator()
  890.         );
  891.     }
  893.     /**
  894.      * Returns the Response object associated to the acl action.
  895.      *
  896.      * @throws AccessDeniedException If access is not granted
  897.      * @throws NotFoundHttpException If the object does not exist or the ACL is not enabled
  898.      */
  899.     public function aclAction(Request $request): Response
  900.     {
  901.         if (!$this->admin->isAclEnabled()) {
  902.             throw $this->createNotFoundException('ACL are not enabled for this admin');
  903.         }
  905.         $object $this->assertObjectExists($requesttrue);
  906.         \assert(null !== $object);
  908.         $this->admin->checkAccess('acl'$object);
  910.         $this->admin->setSubject($object);
  911.         $aclUsers $this->getAclUsers();
  912.         $aclRoles $this->getAclRoles();
  914.         $adminObjectAclManipulator $this->container->get('sonata.admin.object.manipulator.acl.admin');
  915.         \assert($adminObjectAclManipulator instanceof AdminObjectAclManipulator);
  917.         $adminObjectAclData = new AdminObjectAclData(
  918.             $this->admin,
  919.             $object,
  920.             $aclUsers,
  921.             $adminObjectAclManipulator->getMaskBuilderClass(),
  922.             $aclRoles
  923.         );
  925.         $aclUsersForm $adminObjectAclManipulator->createAclUsersForm($adminObjectAclData);
  926.         $aclRolesForm $adminObjectAclManipulator->createAclRolesForm($adminObjectAclData);
  928.         if (Request::METHOD_POST === $request->getMethod()) {
  929.             if ($request->request->has(AdminObjectAclManipulator::ACL_USERS_FORM_NAME)) {
  930.                 $form $aclUsersForm;
  931.                 $updateMethod 'updateAclUsers';
  932.             } elseif ($request->request->has(AdminObjectAclManipulator::ACL_ROLES_FORM_NAME)) {
  933.                 $form $aclRolesForm;
  934.                 $updateMethod 'updateAclRoles';
  935.             }
  937.             if (isset($form$updateMethod)) {
  938.                 $form->handleRequest($request);
  940.                 if ($form->isValid()) {
  941.                     $adminObjectAclManipulator->$updateMethod($adminObjectAclData);
  942.                     $this->addFlash(
  943.                         'sonata_flash_success',
  944.                         $this->trans('flash_acl_edit_success', [], 'SonataAdminBundle')
  945.                     );
  947.                     return new RedirectResponse($this->admin->generateObjectUrl('acl'$object));
  948.                 }
  949.             }
  950.         }
  952.         $template $this->templateRegistry->getTemplate('acl');
  954.         /**
  955.          * @psalm-suppress DeprecatedMethod
  956.          */
  957.         return $this->renderWithExtraParams($template, [
  958.             'action' => 'acl',
  959.             'permissions' => $adminObjectAclData->getUserPermissions(),
  960.             'object' => $object,
  961.             'users' => $aclUsers,
  962.             'roles' => $aclRoles,
  963.             'aclUsersForm' => $aclUsersForm->createView(),
  964.             'aclRolesForm' => $aclRolesForm->createView(),
  965.         ]);
  966.     }
  968.     /**
  969.      * Contextualize the admin class depends on the current request.
  970.      *
  971.      * @throws \InvalidArgumentException
  972.      */
  973.     final public function configureAdmin(Request $request): void
  974.     {
  975.         $adminFetcher $this->container->get('sonata.admin.request.fetcher');
  976.         \assert($adminFetcher instanceof AdminFetcherInterface);
  978.         /** @var AdminInterface<T> $admin */
  979.         $admin $adminFetcher->get($request);
  980.         $this->admin $admin;
  982.         if (!$this->admin->hasTemplateRegistry()) {
  983.             throw new \RuntimeException(\sprintf(
  984.                 'Unable to find the template registry related to the current admin (%s).',
  985.                 $this->admin->getCode()
  986.             ));
  987.         }
  989.         $this->templateRegistry $this->admin->getTemplateRegistry();
  990.     }
  992.     /**
  993.      * Add twig globals which are used in every template.
  994.      */
  995.     final public function setTwigGlobals(Request $request): void
  996.     {
  997.         $this->setTwigGlobal('admin'$this->admin);
  999.         if ($this->isXmlHttpRequest($request)) {
  1000.             $baseTemplate $this->templateRegistry->getTemplate('ajax');
  1001.         } else {
  1002.             $baseTemplate $this->templateRegistry->getTemplate('layout');
  1003.         }
  1005.         $this->setTwigGlobal('base_template'$baseTemplate);
  1006.     }
  1008.     /**
  1009.      * Renders a view while passing mandatory parameters on to the template.
  1010.      *
  1011.      * @param string               $view       The view name
  1012.      * @param array<string, mixed> $parameters An array of parameters to pass to the view
  1013.      *
  1014.      * @deprecated since sonata-project/admin-bundle version 4.x
  1015.      *
  1016.      *  NEXT_MAJOR: Remove this method
  1017.      */
  1018.     final protected function renderWithExtraParams(string $view, array $parameters = [], ?Response $response null): Response
  1019.     {
  1020.         /**
  1021.          * @psalm-suppress DeprecatedMethod
  1022.          */
  1023.         return $this->render($view$this->addRenderExtraParams($parameters), $response);
  1024.     }
  1026.     /**
  1027.      * @param array<string, mixed> $parameters
  1028.      *
  1029.      * @return array<string, mixed>
  1030.      *
  1031.      * @deprecated since sonata-project/admin-bundle version 4.x
  1032.      *
  1033.      * NEXT_MAJOR: Remove this method
  1034.      */
  1035.     protected function addRenderExtraParams(array $parameters = []): array
  1036.     {
  1037.         $parameters['admin'] ??= $this->admin;
  1038.         /**
  1039.          * @psalm-suppress DeprecatedMethod
  1040.          */
  1041.         $parameters['base_template'] ??= $this->getBaseTemplate();
  1043.         return $parameters;
  1044.     }
  1046.     /**
  1047.      * @param mixed[] $headers
  1048.      */
  1049.     final protected function renderJson(mixed $dataint $status Response::HTTP_OK, array $headers = []): JsonResponse
  1050.     {
  1051.         return new JsonResponse($data$status$headers);
  1052.     }
  1054.     /**
  1055.      * Returns true if the request is a XMLHttpRequest.
  1056.      *
  1057.      * @return bool True if the request is an XMLHttpRequest, false otherwise
  1058.      */
  1059.     final protected function isXmlHttpRequest(Request $request): bool
  1060.     {
  1061.         return $request->isXmlHttpRequest()
  1062.             || $request->request->getBoolean('_xml_http_request')
  1063.             || $request->query->getBoolean('_xml_http_request');
  1064.     }
  1066.     /**
  1067.      * Proxy for the logger service of the container.
  1068.      * If no such service is found, a NullLogger is returned.
  1069.      */
  1070.     protected function getLogger(): LoggerInterface
  1071.     {
  1072.         if ($this->container->has('logger')) {
  1073.             $logger $this->container->get('logger');
  1074.             \assert($logger instanceof LoggerInterface);
  1076.             return $logger;
  1077.         }
  1079.         return new NullLogger();
  1080.     }
  1082.     /**
  1083.      * Returns the base template name.
  1084.      *
  1085.      * @return string The template name
  1086.      *
  1087.      * @deprecated since sonata-project/admin-bundle version 4.x
  1088.      *
  1089.      *  NEXT_MAJOR: Remove this method
  1090.      */
  1091.     protected function getBaseTemplate(): string
  1092.     {
  1093.         $requestStack $this->container->get('request_stack');
  1094.         \assert($requestStack instanceof RequestStack);
  1095.         $request $requestStack->getCurrentRequest();
  1096.         \assert(null !== $request);
  1098.         if ($this->isXmlHttpRequest($request)) {
  1099.             return $this->templateRegistry->getTemplate('ajax');
  1100.         }
  1102.         return $this->templateRegistry->getTemplate('layout');
  1103.     }
  1105.     /**
  1106.      * @throws \Exception
  1107.      *
  1108.      * @return string|null A custom error message to display in the flag bag instead of the generic one
  1109.      */
  1110.     protected function handleModelManagerException(\Exception $exception)
  1111.     {
  1112.         if ($exception instanceof ModelManagerThrowable) {
  1113.             return $this->handleModelManagerThrowable($exception);
  1114.         }
  1116.         @trigger_error(\sprintf(
  1117.             'The method "%s()" is deprecated since sonata-project/admin-bundle 3.107 and will be removed in 5.0.',
  1118.             __METHOD__
  1119.         ), \E_USER_DEPRECATED);
  1121.         $debug $this->getParameter('kernel.debug');
  1122.         \assert(\is_bool($debug));
  1123.         if ($debug) {
  1124.             throw $exception;
  1125.         }
  1127.         $context = ['exception' => $exception];
  1128.         if (null !== $exception->getPrevious()) {
  1129.             $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1130.         }
  1131.         $this->getLogger()->error($exception->getMessage(), $context);
  1133.         return null;
  1134.     }
  1136.     /**
  1137.      * NEXT_MAJOR: Add typehint.
  1138.      *
  1139.      * @throws ModelManagerThrowable
  1140.      *
  1141.      * @return string|null A custom error message to display in the flag bag instead of the generic one
  1142.      */
  1143.     protected function handleModelManagerThrowable(ModelManagerThrowable $exception)
  1144.     {
  1145.         $debug $this->getParameter('kernel.debug');
  1146.         \assert(\is_bool($debug));
  1147.         if ($debug) {
  1148.             throw $exception;
  1149.         }
  1151.         $context = ['exception' => $exception];
  1152.         if (null !== $exception->getPrevious()) {
  1153.             $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1154.         }
  1155.         $this->getLogger()->error($exception->getMessage(), $context);
  1157.         return null;
  1158.     }
  1160.     /**
  1161.      * Redirect the user depend on this choice.
  1162.      *
  1163.      * @phpstan-param T $object
  1164.      */
  1165.     protected function redirectTo(Request $requestobject $object): RedirectResponse
  1166.     {
  1167.         if (null !== $request->get('btn_update_and_list')) {
  1168.             return $this->redirectToList();
  1169.         }
  1170.         if (null !== $request->get('btn_create_and_list')) {
  1171.             return $this->redirectToList();
  1172.         }
  1174.         if (null !== $request->get('btn_create_and_create')) {
  1175.             $params = [];
  1176.             if ($this->admin->hasActiveSubClass()) {
  1177.                 $params['subclass'] = $request->get('subclass');
  1178.             }
  1180.             return new RedirectResponse($this->admin->generateUrl('create'$params));
  1181.         }
  1183.         if (null !== $request->get('btn_delete')) {
  1184.             return $this->redirectToList();
  1185.         }
  1187.         foreach (['edit''show'] as $route) {
  1188.             if ($this->admin->hasRoute($route) && $this->admin->hasAccess($route$object)) {
  1189.                 $url $this->admin->generateObjectUrl(
  1190.                     $route,
  1191.                     $object,
  1192.                     $this->getSelectedTab($request)
  1193.                 );
  1195.                 return new RedirectResponse($url);
  1196.             }
  1197.         }
  1199.         return $this->redirectToList();
  1200.     }
  1202.     /**
  1203.      * Redirects the user to the list view.
  1204.      */
  1205.     final protected function redirectToList(): RedirectResponse
  1206.     {
  1207.         $parameters = [];
  1209.         $filter $this->admin->getFilterParameters();
  1210.         if ([] !== $filter) {
  1211.             $parameters['filter'] = $filter;
  1212.         }
  1214.         return $this->redirect($this->admin->generateUrl('list'$parameters));
  1215.     }
  1217.     /**
  1218.      * Returns true if the preview is requested to be shown.
  1219.      */
  1220.     final protected function isPreviewRequested(Request $request): bool
  1221.     {
  1222.         return null !== $request->get('btn_preview');
  1223.     }
  1225.     /**
  1226.      * Returns true if the preview has been approved.
  1227.      */
  1228.     final protected function isPreviewApproved(Request $request): bool
  1229.     {
  1230.         return null !== $request->get('btn_preview_approve');
  1231.     }
  1233.     /**
  1234.      * Returns true if the request is in the preview workflow.
  1235.      *
  1236.      * That means either a preview is requested or the preview has already been shown
  1237.      * and it got approved/declined.
  1238.      */
  1239.     final protected function isInPreviewMode(Request $request): bool
  1240.     {
  1241.         return $this->admin->supportsPreviewMode()
  1242.         && ($this->isPreviewRequested($request)
  1243.             || $this->isPreviewApproved($request)
  1244.             || $this->isPreviewDeclined($request));
  1245.     }
  1247.     /**
  1248.      * Returns true if the preview has been declined.
  1249.      */
  1250.     final protected function isPreviewDeclined(Request $request): bool
  1251.     {
  1252.         return null !== $request->get('btn_preview_decline');
  1253.     }
  1255.     /**
  1256.      * @return \Traversable<UserInterface|string>
  1257.      */
  1258.     protected function getAclUsers(): \Traversable
  1259.     {
  1260.         if (!$this->container->has('sonata.admin.security.acl_user_manager')) {
  1261.             return new \ArrayIterator([]);
  1262.         }
  1264.         $aclUserManager $this->container->get('sonata.admin.security.acl_user_manager');
  1265.         \assert($aclUserManager instanceof AdminAclUserManagerInterface);
  1266.         $aclUsers $aclUserManager->findUsers();
  1268.         return \is_array($aclUsers) ? new \ArrayIterator($aclUsers) : $aclUsers;
  1269.     }
  1271.     /**
  1272.      * @return \Traversable<string>
  1273.      */
  1274.     protected function getAclRoles(): \Traversable
  1275.     {
  1276.         $aclRoles = [];
  1277.         $roleHierarchy $this->getParameter('security.role_hierarchy.roles');
  1278.         \assert(\is_array($roleHierarchy));
  1279.         $pool $this->container->get('sonata.admin.pool');
  1280.         \assert($pool instanceof Pool);
  1282.         foreach ($pool->getAdminServiceCodes() as $code) {
  1283.             try {
  1284.                 $admin $pool->getInstance($code);
  1285.             } catch (\Exception) {
  1286.                 continue;
  1287.             }
  1289.             $baseRole $admin->getSecurityHandler()->getBaseRole($admin);
  1290.             foreach ($admin->getSecurityInformation() as $role => $_permissions) {
  1291.                 $role \sprintf($baseRole$role);
  1292.                 $aclRoles[] = $role;
  1293.             }
  1294.         }
  1296.         foreach ($roleHierarchy as $name => $roles) {
  1297.             $aclRoles[] = $name;
  1298.             $aclRoles array_merge($aclRoles$roles);
  1299.         }
  1301.         $aclRoles array_unique($aclRoles);
  1303.         return new \ArrayIterator($aclRoles);
  1304.     }
  1306.     /**
  1307.      * Validate CSRF token for action without form.
  1308.      *
  1309.      * @throws HttpException
  1310.      */
  1311.     final protected function validateCsrfToken(Request $requeststring $intention): void
  1312.     {
  1313.         if (!$this->container->has('security.csrf.token_manager')) {
  1314.             return;
  1315.         }
  1317.         $token $request->get('_sonata_csrf_token');
  1318.         $tokenManager $this->container->get('security.csrf.token_manager');
  1319.         \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1321.         if (!$tokenManager->isTokenValid(new CsrfToken($intention$token))) {
  1322.             throw new HttpException(Response::HTTP_BAD_REQUEST'The csrf token is not valid, CSRF attack?');
  1323.         }
  1324.     }
  1326.     /**
  1327.      * Escape string for html output.
  1328.      */
  1329.     final protected function escapeHtml(string $s): string
  1330.     {
  1331.         return htmlspecialchars($s\ENT_QUOTES \ENT_SUBSTITUTE);
  1332.     }
  1334.     /**
  1335.      * Get CSRF token.
  1336.      */
  1337.     final protected function getCsrfToken(string $intention): ?string
  1338.     {
  1339.         if (!$this->container->has('security.csrf.token_manager')) {
  1340.             return null;
  1341.         }
  1343.         $tokenManager $this->container->get('security.csrf.token_manager');
  1344.         \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1346.         return $tokenManager->getToken($intention)->getValue();
  1347.     }
  1349.     /**
  1350.      * This method can be overloaded in your custom CRUD controller.
  1351.      * It's called from createAction.
  1352.      *
  1353.      * @phpstan-param T $object
  1354.      */
  1355.     protected function preCreate(Request $requestobject $object): ?Response
  1356.     {
  1357.         return null;
  1358.     }
  1360.     /**
  1361.      * This method can be overloaded in your custom CRUD controller.
  1362.      * It's called from editAction.
  1363.      *
  1364.      * @phpstan-param T $object
  1365.      */
  1366.     protected function preEdit(Request $requestobject $object): ?Response
  1367.     {
  1368.         return null;
  1369.     }
  1371.     /**
  1372.      * This method can be overloaded in your custom CRUD controller.
  1373.      * It's called from deleteAction.
  1374.      *
  1375.      * @phpstan-param T $object
  1376.      */
  1377.     protected function preDelete(Request $requestobject $object): ?Response
  1378.     {
  1379.         return null;
  1380.     }
  1382.     /**
  1383.      * This method can be overloaded in your custom CRUD controller.
  1384.      * It's called from showAction.
  1385.      *
  1386.      * @phpstan-param T $object
  1387.      */
  1388.     protected function preShow(Request $requestobject $object): ?Response
  1389.     {
  1390.         return null;
  1391.     }
  1393.     /**
  1394.      * This method can be overloaded in your custom CRUD controller.
  1395.      * It's called from listAction.
  1396.      */
  1397.     protected function preList(Request $request): ?Response
  1398.     {
  1399.         return null;
  1400.     }
  1402.     /**
  1403.      * Translate a message id.
  1404.      *
  1405.      * @param mixed[] $parameters
  1406.      */
  1407.     final protected function trans(string $id, array $parameters = [], ?string $domain null, ?string $locale null): string
  1408.     {
  1409.         $domain ??= $this->admin->getTranslationDomain();
  1410.         $translator $this->container->get('translator');
  1411.         \assert($translator instanceof TranslatorInterface);
  1413.         return $translator->trans($id$parameters$domain$locale);
  1414.     }
  1416.     protected function handleXmlHttpRequestErrorResponse(Request $requestFormInterface $form): ?JsonResponse
  1417.     {
  1418.         if ([] === array_intersect(['application/json''*/*'], $request->getAcceptableContentTypes())) {
  1419.             return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1420.         }
  1422.         return $this->json(
  1423.             FormErrorIteratorToConstraintViolationList::transform($form->getErrors(true)),
  1424.             Response::HTTP_BAD_REQUEST
  1425.         );
  1426.     }
  1428.     /**
  1429.      * @phpstan-param T $object
  1430.      */
  1431.     protected function handleXmlHttpRequestSuccessResponse(Request $requestobject $object): JsonResponse
  1432.     {
  1433.         if ([] === array_intersect(['application/json''*/*'], $request->getAcceptableContentTypes())) {
  1434.             return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1435.         }
  1437.         return $this->renderJson([
  1438.             'result' => 'ok',
  1439.             'objectId' => $this->admin->getNormalizedIdentifier($object),
  1440.             'objectName' => $this->escapeHtml($this->admin->toString($object)),
  1441.         ]);
  1442.     }
  1444.     /**
  1445.      * @phpstan-return T|null
  1446.      */
  1447.     final protected function assertObjectExists(Request $requestbool $strict false): ?object
  1448.     {
  1449.         $admin $this->admin;
  1450.         $object null;
  1452.         while (null !== $admin) {
  1453.             $objectId $request->get($admin->getIdParameter());
  1454.             if (\is_string($objectId) || \is_int($objectId)) {
  1455.                 $adminObject $admin->getObject($objectId);
  1456.                 if (null === $adminObject) {
  1457.                     throw $this->createNotFoundException(\sprintf(
  1458.                         'Unable to find %s object with id: %s.',
  1459.                         $admin->getClassnameLabel(),
  1460.                         $objectId
  1461.                     ));
  1462.                 }
  1463.                 if (null === $object) {
  1464.                     /** @phpstan-var T $object */
  1465.                     $object $adminObject;
  1466.                 }
  1467.             } elseif ($strict || $admin !== $this->admin) {
  1468.                 throw $this->createNotFoundException(\sprintf(
  1469.                     'Unable to find the %s object id of the admin "%s".',
  1470.                     $admin->getClassnameLabel(),
  1471.                     $admin::class
  1472.                 ));
  1473.             }
  1475.             $admin $admin->isChild() ? $admin->getParent() : null;
  1476.         }
  1478.         return $object;
  1479.     }
  1481.     /**
  1482.      * @return array{_tab?: string}
  1483.      */
  1484.     final protected function getSelectedTab(Request $request): array
  1485.     {
  1486.         $tab = (string) $request->request->get('_tab');
  1487.         if ('' === $tab) {
  1488.             return [];
  1489.         }
  1491.         return ['_tab' => $tab];
  1492.     }
  1494.     /**
  1495.      * Sets the admin form theme to form view. Used for compatibility between Symfony versions.
  1496.      *
  1497.      * @param string[]|null $theme
  1498.      */
  1499.     final protected function setFormTheme(FormView $formView, ?array $theme null): void
  1500.     {
  1501.         $twig $this->container->get('twig');
  1502.         \assert($twig instanceof Environment);
  1504.         $formRenderer $twig->getRuntime(FormRenderer::class);
  1505.         $formRenderer->setTheme($formView$theme);
  1506.     }
  1508.     /**
  1509.      * @phpstan-param T $object
  1510.      */
  1511.     final protected function checkParentChildAssociation(Request $requestobject $object): void
  1512.     {
  1513.         if (!$this->admin->isChild()) {
  1514.             return;
  1515.         }
  1517.         $parentAdmin $this->admin->getParent();
  1518.         $parentId $request->get($parentAdmin->getIdParameter());
  1519.         \assert(\is_string($parentId) || \is_int($parentId));
  1521.         $parentAdminObject $parentAdmin->getObject($parentId);
  1522.         if (null === $parentAdminObject) {
  1523.             throw new \RuntimeException(\sprintf(
  1524.                 'No object was found in the admin "%s" for the id "%s".',
  1525.                 $parentAdmin::class,
  1526.                 $parentId
  1527.             ));
  1528.         }
  1530.         $parentAssociationMapping $this->admin->getParentAssociationMapping();
  1531.         if (null === $parentAssociationMapping) {
  1532.             return;
  1533.         }
  1535.         $propertyAccessor PropertyAccess::createPropertyAccessor();
  1536.         $propertyPath = new PropertyPath($parentAssociationMapping);
  1537.         $objectParent $propertyAccessor->getValue($object$propertyPath);
  1539.         // $objectParent may be an array or a Collection when the parent association is many to many.
  1540.         $parentObjectMatches $this->equalsOrContains($objectParent$parentAdminObject);
  1542.         if (!$parentObjectMatches) {
  1543.             throw new \RuntimeException(\sprintf(
  1544.                 'There is no association between "%s" and "%s"',
  1545.                 $parentAdmin->toString($parentAdminObject),
  1546.                 $this->admin->toString($object)
  1547.             ));
  1548.         }
  1549.     }
  1551.     private function setTwigGlobal(string $namemixed $value): void
  1552.     {
  1553.         $twig $this->container->get('twig');
  1554.         \assert($twig instanceof Environment);
  1556.         try {
  1557.             $twig->addGlobal($name$value);
  1558.         } catch (\LogicException) {
  1559.             // Variable already set
  1560.         }
  1561.     }
  1563.     private function getBatchActionExecutable(string $action): callable
  1564.     {
  1565.         $batchActions $this->admin->getBatchActions();
  1566.         if (!\array_key_exists($action$batchActions)) {
  1567.             throw new \RuntimeException(\sprintf('The `%s` batch action is not defined'$action));
  1568.         }
  1570.         $controller $batchActions[$action]['controller'] ?? \sprintf(
  1571.             '%s::%s',
  1572.             $this->admin->getBaseControllerName(),
  1573.             \sprintf('batchAction%s', (new UnicodeString($action))->camel()->title(true)->toString())
  1574.         );
  1576.         // This will throw an exception when called so we know if it's possible or not to call the controller.
  1577.         $exists false !== $this->container
  1578.             ->get('controller_resolver')
  1579.             ->getController(new Request([], [], ['_controller' => $controller]));
  1581.         if (!$exists) {
  1582.             throw new \RuntimeException(\sprintf('Controller for action `%s` cannot be resolved'$action));
  1583.         }
  1585.         return function (ProxyQueryInterface $queryRequest $request) use ($controller): Response {
  1586.             $request->attributes->set('_controller'$controller);
  1587.             $request->attributes->set('query'$query);
  1589.             return $this->container->get('http_kernel')->handle($requestHttpKernelInterface::SUB_REQUEST);
  1590.         };
  1591.     }
  1593.     /**
  1594.      * Checks whether $needle is equal to $haystack or part of it.
  1595.      *
  1596.      * @param object|iterable<object> $haystack
  1597.      *
  1598.      * @return bool true when $haystack equals $needle or $haystack is iterable and contains $needle
  1599.      */
  1600.     private function equalsOrContains($haystackobject $needle): bool
  1601.     {
  1602.         if ($needle === $haystack) {
  1603.             return true;
  1604.         }
  1606.         if (is_iterable($haystack)) {
  1607.             foreach ($haystack as $haystackItem) {
  1608.                 if ($haystackItem === $needle) {
  1609.                     return true;
  1610.                 }
  1611.             }
  1612.         }
  1614.         return false;
  1615.     }
  1616. }