vendor/sonata-project/admin-bundle/src/Controller/CRUDController.php line 108

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. /*
  6.  * This file is part of the Sonata Project package.
  7.  *
  8.  * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
  9.  *
  10.  * For the full copyright and license information, please view the LICENSE
  11.  * file that was distributed with this source code.
  12.  */
  14. namespace Sonata\AdminBundle\Controller;
  16. use Doctrine\Inflector\InflectorFactory;
  17. use Psr\Log\LoggerInterface;
  18. use Psr\Log\NullLogger;
  19. use Sonata\AdminBundle\Admin\AdminInterface;
  20. use Sonata\AdminBundle\Admin\Pool;
  21. use Sonata\AdminBundle\Bridge\Exporter\AdminExporter;
  22. use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
  23. use Sonata\AdminBundle\Exception\BadRequestParamHttpException;
  24. use Sonata\AdminBundle\Exception\LockException;
  25. use Sonata\AdminBundle\Exception\ModelManagerException;
  26. use Sonata\AdminBundle\Exception\ModelManagerThrowable;
  27. use Sonata\AdminBundle\Model\AuditManagerInterface;
  28. use Sonata\AdminBundle\Request\AdminFetcherInterface;
  29. use Sonata\AdminBundle\Templating\TemplateRegistryInterface;
  30. use Sonata\AdminBundle\Util\AdminAclUserManagerInterface;
  31. use Sonata\AdminBundle\Util\AdminObjectAclData;
  32. use Sonata\AdminBundle\Util\AdminObjectAclManipulator;
  33. use Sonata\Exporter\Exporter;
  34. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  35. use Symfony\Component\Form\FormInterface;
  36. use Symfony\Component\Form\FormRenderer;
  37. use Symfony\Component\Form\FormView;
  38. use Symfony\Component\HttpFoundation\InputBag;
  39. use Symfony\Component\HttpFoundation\JsonResponse;
  40. use Symfony\Component\HttpFoundation\ParameterBag;
  41. use Symfony\Component\HttpFoundation\RedirectResponse;
  42. use Symfony\Component\HttpFoundation\Request;
  43. use Symfony\Component\HttpFoundation\RequestStack;
  44. use Symfony\Component\HttpFoundation\Response;
  45. use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
  46. use Symfony\Component\HttpKernel\Exception\HttpException;
  47. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  48. use Symfony\Component\HttpKernel\HttpKernelInterface;
  49. use Symfony\Component\PropertyAccess\PropertyAccess;
  50. use Symfony\Component\PropertyAccess\PropertyPath;
  51. use Symfony\Component\Security\Core\Exception\AccessDeniedException;
  52. use Symfony\Component\Security\Core\User\UserInterface;
  53. use Symfony\Component\Security\Csrf\CsrfToken;
  54. use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
  55. use Symfony\Contracts\Translation\TranslatorInterface;
  56. use Twig\Environment;
  58. /**
  59.  * @author Thomas Rabaix <thomas.rabaix@sonata-project.org>
  60.  *
  61.  * @phpstan-template T of object
  62.  *
  63.  * @psalm-suppress MissingConstructor
  64.  *
  65.  * @see ConfigureCRUDControllerListener
  66.  */
  67. class CRUDController extends AbstractController
  68. {
  69.     /**
  70.      * The related Admin class.
  71.      *
  72.      * @var AdminInterface<object>
  73.      * @phpstan-var AdminInterface<T>
  74.      *
  75.      * @psalm-suppress PropertyNotSetInConstructor
  76.      */
  77.     protected $admin;
  79.     /**
  80.      * The template registry of the related Admin class.
  81.      *
  82.      * @psalm-suppress PropertyNotSetInConstructor
  83.      * @phpstan-ignore-next-line
  84.      */
  85.     private TemplateRegistryInterface $templateRegistry;
  87.     public static function getSubscribedServices(): array
  88.     {
  89.         return [
  90.             'sonata.admin.pool' => Pool::class,
  91.             'sonata.admin.audit.manager' => AuditManagerInterface::class,
  92.             'sonata.admin.object.manipulator.acl.admin' => AdminObjectAclManipulator::class,
  93.             'sonata.admin.request.fetcher' => AdminFetcherInterface::class,
  94.             'sonata.exporter.exporter' => '?'.Exporter::class,
  95.             'sonata.admin.admin_exporter' => '?'.AdminExporter::class,
  96.             'sonata.admin.security.acl_user_manager' => '?'.AdminAclUserManagerInterface::class,
  98.             'controller_resolver' => 'controller_resolver',
  99.             'http_kernel' => HttpKernelInterface::class,
  100.             'logger' => '?'.LoggerInterface::class,
  101.             'translator' => TranslatorInterface::class,
  102.         ] + parent::getSubscribedServices();
  103.     }
  105.     /**
  106.      * @throws AccessDeniedException If access is not granted
  107.      */
  108.     public function listAction(Request $request): Response
  109.     {
  110.         $this->assertObjectExists($request);
  112.         $this->admin->checkAccess('list');
  114.         $preResponse $this->preList($request);
  115.         if (null !== $preResponse) {
  116.             return $preResponse;
  117.         }
  119.         $listMode $request->get('_list_mode');
  120.         if (\is_string($listMode)) {
  121.             $this->admin->setListMode($listMode);
  122.         }
  124.         $datagrid $this->admin->getDatagrid();
  125.         $formView $datagrid->getForm()->createView();
  127.         // set the theme for the current Admin Form
  128.         $this->setFormTheme($formView$this->admin->getFilterTheme());
  130.         $template $this->templateRegistry->getTemplate('list');
  132.         if ($this->container->has('sonata.admin.admin_exporter')) {
  133.             $exporter $this->container->get('sonata.admin.admin_exporter');
  134.             \assert($exporter instanceof AdminExporter);
  135.             $exportFormats $exporter->getAvailableFormats($this->admin);
  136.         }
  138.         return $this->renderWithExtraParams($template, [
  139.             'action' => 'list',
  140.             'form' => $formView,
  141.             'datagrid' => $datagrid,
  142.             'csrf_token' => $this->getCsrfToken('sonata.batch'),
  143.             'export_formats' => $exportFormats ?? $this->admin->getExportFormats(),
  144.         ]);
  145.     }
  147.     /**
  148.      * NEXT_MAJOR: Change signature to `(ProxyQueryInterface $query, Request $request).
  149.      *
  150.      * Execute a batch delete.
  151.      *
  152.      * @throws AccessDeniedException If access is not granted
  153.      */
  154.     public function batchActionDelete(ProxyQueryInterface $query): Response
  155.     {
  156.         $this->admin->checkAccess('batchDelete');
  158.         $modelManager $this->admin->getModelManager();
  160.         try {
  161.             $modelManager->batchDelete($this->admin->getClass(), $query);
  162.             $this->addFlash(
  163.                 'sonata_flash_success',
  164.                 $this->trans('flash_batch_delete_success', [], 'SonataAdminBundle')
  165.             );
  166.         } catch (ModelManagerException $e) {
  167.             // NEXT_MAJOR: Remove this catch.
  168.             $this->handleModelManagerException($e);
  170.             $this->addFlash(
  171.                 'sonata_flash_error',
  172.                 $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  173.             );
  174.         } catch (ModelManagerThrowable $e) {
  175.             $errorMessage $this->handleModelManagerThrowable($e);
  177.             $this->addFlash(
  178.                 'sonata_flash_error',
  179.                 $errorMessage ?? $this->trans('flash_batch_delete_error', [], 'SonataAdminBundle')
  180.             );
  181.         }
  183.         return $this->redirectToList();
  184.     }
  186.     /**
  187.      * @throws NotFoundHttpException If the object does not exist
  188.      * @throws AccessDeniedException If access is not granted
  189.      */
  190.     public function deleteAction(Request $request): Response
  191.     {
  192.         $object $this->assertObjectExists($requesttrue);
  193.         \assert(null !== $object);
  195.         $this->checkParentChildAssociation($request$object);
  197.         $this->admin->checkAccess('delete'$object);
  199.         $preResponse $this->preDelete($request$object);
  200.         if (null !== $preResponse) {
  201.             return $preResponse;
  202.         }
  204.         if (\in_array($request->getMethod(), [Request::METHOD_POSTRequest::METHOD_DELETE], true)) {
  205.             // check the csrf token
  206.             $this->validateCsrfToken($request'sonata.delete');
  208.             $objectName $this->admin->toString($object);
  210.             try {
  211.                 $this->admin->delete($object);
  213.                 if ($this->isXmlHttpRequest($request)) {
  214.                     return $this->renderJson(['result' => 'ok']);
  215.                 }
  217.                 $this->addFlash(
  218.                     'sonata_flash_success',
  219.                     $this->trans(
  220.                         'flash_delete_success',
  221.                         ['%name%' => $this->escapeHtml($objectName)],
  222.                         'SonataAdminBundle'
  223.                     )
  224.                 );
  225.             } catch (ModelManagerException $e) {
  226.                 // NEXT_MAJOR: Remove this catch.
  227.                 $this->handleModelManagerException($e);
  229.                 if ($this->isXmlHttpRequest($request)) {
  230.                     return $this->renderJson(['result' => 'error']);
  231.                 }
  233.                 $this->addFlash(
  234.                     'sonata_flash_error',
  235.                     $this->trans(
  236.                         'flash_delete_error',
  237.                         ['%name%' => $this->escapeHtml($objectName)],
  238.                         'SonataAdminBundle'
  239.                     )
  240.                 );
  241.             } catch (ModelManagerThrowable $e) {
  242.                 $errorMessage $this->handleModelManagerThrowable($e);
  244.                 if ($this->isXmlHttpRequest($request)) {
  245.                     return $this->renderJson(['result' => 'error'], Response::HTTP_OK, []);
  246.                 }
  248.                 $this->addFlash(
  249.                     'sonata_flash_error',
  250.                     $errorMessage ?? $this->trans(
  251.                         'flash_delete_error',
  252.                         ['%name%' => $this->escapeHtml($objectName)],
  253.                         'SonataAdminBundle'
  254.                     )
  255.                 );
  256.             }
  258.             return $this->redirectTo($request$object);
  259.         }
  261.         $template $this->templateRegistry->getTemplate('delete');
  263.         return $this->renderWithExtraParams($template, [
  264.             'object' => $object,
  265.             'action' => 'delete',
  266.             'csrf_token' => $this->getCsrfToken('sonata.delete'),
  267.         ]);
  268.     }
  270.     /**
  271.      * @throws NotFoundHttpException If the object does not exist
  272.      * @throws AccessDeniedException If access is not granted
  273.      */
  274.     public function editAction(Request $request): Response
  275.     {
  276.         // the key used to lookup the template
  277.         $templateKey 'edit';
  279.         $existingObject $this->assertObjectExists($requesttrue);
  280.         \assert(null !== $existingObject);
  282.         $this->checkParentChildAssociation($request$existingObject);
  284.         $this->admin->checkAccess('edit'$existingObject);
  286.         $preResponse $this->preEdit($request$existingObject);
  287.         if (null !== $preResponse) {
  288.             return $preResponse;
  289.         }
  291.         $this->admin->setSubject($existingObject);
  292.         $objectId $this->admin->getNormalizedIdentifier($existingObject);
  293.         \assert(null !== $objectId);
  295.         $form $this->admin->getForm();
  297.         $form->setData($existingObject);
  298.         $form->handleRequest($request);
  300.         if ($form->isSubmitted()) {
  301.             $isFormValid $form->isValid();
  303.             // persist if the form was valid and if in preview mode the preview was approved
  304.             if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  305.                 /** @phpstan-var T $submittedObject */
  306.                 $submittedObject $form->getData();
  307.                 $this->admin->setSubject($submittedObject);
  309.                 try {
  310.                     $existingObject $this->admin->update($submittedObject);
  312.                     if ($this->isXmlHttpRequest($request)) {
  313.                         return $this->handleXmlHttpRequestSuccessResponse($request$existingObject);
  314.                     }
  316.                     $this->addFlash(
  317.                         'sonata_flash_success',
  318.                         $this->trans(
  319.                             'flash_edit_success',
  320.                             ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  321.                             'SonataAdminBundle'
  322.                         )
  323.                     );
  325.                     // redirect to edit mode
  326.                     return $this->redirectTo($request$existingObject);
  327.                 } catch (ModelManagerException $e) {
  328.                     // NEXT_MAJOR: Remove this catch.
  329.                     $this->handleModelManagerException($e);
  331.                     $isFormValid false;
  332.                 } catch (ModelManagerThrowable $e) {
  333.                     $errorMessage $this->handleModelManagerThrowable($e);
  335.                     $isFormValid false;
  336.                 } catch (LockException $e) {
  337.                     $this->addFlash('sonata_flash_error'$this->trans('flash_lock_error', [
  338.                         '%name%' => $this->escapeHtml($this->admin->toString($existingObject)),
  339.                         '%link_start%' => sprintf('<a href="%s">'$this->admin->generateObjectUrl('edit'$existingObject)),
  340.                         '%link_end%' => '</a>',
  341.                     ], 'SonataAdminBundle'));
  342.                 }
  343.             }
  345.             // show an error message if the form failed validation
  346.             if (!$isFormValid) {
  347.                 if ($this->isXmlHttpRequest($request) && null !== ($response $this->handleXmlHttpRequestErrorResponse($request$form))) {
  348.                     return $response;
  349.                 }
  351.                 $this->addFlash(
  352.                     'sonata_flash_error',
  353.                     $errorMessage ?? $this->trans(
  354.                         'flash_edit_error',
  355.                         ['%name%' => $this->escapeHtml($this->admin->toString($existingObject))],
  356.                         'SonataAdminBundle'
  357.                     )
  358.                 );
  359.             } elseif ($this->isPreviewRequested($request)) {
  360.                 // enable the preview template if the form was valid and preview was requested
  361.                 $templateKey 'preview';
  362.                 $this->admin->getShow();
  363.             }
  364.         }
  366.         $formView $form->createView();
  367.         // set the theme for the current Admin Form
  368.         $this->setFormTheme($formView$this->admin->getFormTheme());
  370.         $template $this->templateRegistry->getTemplate($templateKey);
  372.         return $this->renderWithExtraParams($template, [
  373.             'action' => 'edit',
  374.             'form' => $formView,
  375.             'object' => $existingObject,
  376.             'objectId' => $objectId,
  377.         ]);
  378.     }
  380.     /**
  381.      * @throws NotFoundHttpException If the HTTP method is not POST
  382.      * @throws \RuntimeException     If the batch action is not defined
  383.      */
  384.     public function batchAction(Request $request): Response
  385.     {
  386.         $restMethod $request->getMethod();
  388.         if (Request::METHOD_POST !== $restMethod) {
  389.             throw $this->createNotFoundException(sprintf(
  390.                 'Invalid request method given "%s", %s expected',
  391.                 $restMethod,
  392.                 Request::METHOD_POST
  393.             ));
  394.         }
  396.         // check the csrf token
  397.         $this->validateCsrfToken($request'sonata.batch');
  399.         $confirmation $request->get('confirmation'false);
  401.         $forwardedRequest $request->duplicate();
  403.         $encodedData $request->get('data');
  405.         if (null === $encodedData) {
  406.             $action $forwardedRequest->request->get('action');
  407.             /** @var InputBag|ParameterBag $bag */
  408.             $bag $request->request;
  409.             if ($bag instanceof InputBag) {
  410.                 // symfony 5.1+
  411.                 $idx $bag->all('idx');
  412.             } else {
  413.                 $idx = (array) $bag->get('idx', []);
  414.             }
  415.             $allElements $forwardedRequest->request->getBoolean('all_elements');
  417.             $forwardedRequest->request->set('idx'$idx);
  418.             $forwardedRequest->request->set('all_elements', (string) $allElements);
  420.             $data $forwardedRequest->request->all();
  421.             $data['all_elements'] = $allElements;
  423.             unset($data['_sonata_csrf_token']);
  424.         } else {
  425.             if (!\is_string($encodedData)) {
  426.                 throw new BadRequestParamHttpException('data''string'$encodedData);
  427.             }
  429.             try {
  430.                 $data json_decode($encodedDatatrue512, \JSON_THROW_ON_ERROR);
  431.             } catch (\JsonException $exception) {
  432.                 throw new BadRequestHttpException('Unable to decode batch data');
  433.             }
  435.             $action $data['action'];
  436.             $idx = (array) ($data['idx'] ?? []);
  437.             $allElements = (bool) ($data['all_elements'] ?? false);
  438.             $forwardedRequest->request->replace(array_merge($forwardedRequest->request->all(), $data));
  439.         }
  441.         if (!\is_string($action)) {
  442.             throw new \RuntimeException('The action is not defined');
  443.         }
  445.         $camelizedAction InflectorFactory::create()->build()->classify($action);
  447.         try {
  448.             $batchActionExecutable $this->getBatchActionExecutable($action);
  449.         } catch (\Throwable $error) {
  450.             $finalAction sprintf('batchAction%s'$camelizedAction);
  451.             throw new \RuntimeException(sprintf('A `%s::%s` method must be callable or create a `controller` configuration for your batch action.'$this->admin->getBaseControllerName(), $finalAction), 0$error);
  452.         }
  454.         $batchAction $this->admin->getBatchActions()[$action];
  456.         $isRelevantAction sprintf('batchAction%sIsRelevant'$camelizedAction);
  458.         if (method_exists($this$isRelevantAction)) {
  459.             // NEXT_MAJOR: Remove if above in sonata-project/admin-bundle 5.0
  460.             @trigger_error(sprintf(
  461.                 'The is relevant hook via "%s()" is deprecated since sonata-project/admin-bundle 4.12'
  462.                 .' and will not be call in 5.0. Move the logic to your controller.',
  463.                 $isRelevantAction,
  464.             ), \E_USER_DEPRECATED);
  465.             $nonRelevantMessage $this->$isRelevantAction($idx$allElements$forwardedRequest);
  466.         } else {
  467.             $nonRelevantMessage !== \count($idx) || $allElements// at least one item is selected
  468.         }
  470.         if (!$nonRelevantMessage) { // default non relevant message (if false of null)
  471.             $nonRelevantMessage 'flash_batch_empty';
  472.         }
  474.         $datagrid $this->admin->getDatagrid();
  475.         $datagrid->buildPager();
  477.         if (true !== $nonRelevantMessage) {
  478.             $this->addFlash(
  479.                 'sonata_flash_info',
  480.                 $this->trans($nonRelevantMessage, [], 'SonataAdminBundle')
  481.             );
  483.             return $this->redirectToList();
  484.         }
  486.         $askConfirmation $batchAction['ask_confirmation'] ?? true;
  488.         if (true === $askConfirmation && 'ok' !== $confirmation) {
  489.             $actionLabel $batchAction['label'];
  490.             $batchTranslationDomain $batchAction['translation_domain'] ??
  491.                 $this->admin->getTranslationDomain();
  493.             $formView $datagrid->getForm()->createView();
  494.             $this->setFormTheme($formView$this->admin->getFilterTheme());
  496.             $template $batchAction['template'] ?? $this->templateRegistry->getTemplate('batch_confirmation');
  498.             return $this->renderWithExtraParams($template, [
  499.                 'action' => 'list',
  500.                 'action_label' => $actionLabel,
  501.                 'batch_translation_domain' => $batchTranslationDomain,
  502.                 'datagrid' => $datagrid,
  503.                 'form' => $formView,
  504.                 'data' => $data,
  505.                 'csrf_token' => $this->getCsrfToken('sonata.batch'),
  506.             ]);
  507.         }
  509.         $query $datagrid->getQuery();
  511.         $query->setFirstResult(null);
  512.         $query->setMaxResults(null);
  514.         $this->admin->preBatchAction($action$query$idx$allElements);
  515.         foreach ($this->admin->getExtensions() as $extension) {
  516.             // NEXT_MAJOR: Remove the if-statement around the call to `$extension->preBatchAction()`
  517.             // @phpstan-ignore-next-line
  518.             if (method_exists($extension'preBatchAction')) {
  519.                 $extension->preBatchAction($this->admin$action$query$idx$allElements);
  520.             }
  521.         }
  523.         if (\count($idx) > 0) {
  524.             $this->admin->getModelManager()->addIdentifiersToQuery($this->admin->getClass(), $query$idx);
  525.         } elseif (!$allElements) {
  526.             $this->addFlash(
  527.                 'sonata_flash_info',
  528.                 $this->trans('flash_batch_no_elements_processed', [], 'SonataAdminBundle')
  529.             );
  531.             return $this->redirectToList();
  532.         }
  534.         return \call_user_func($batchActionExecutable$query$forwardedRequest);
  535.     }
  537.     /**
  538.      * @throws AccessDeniedException If access is not granted
  539.      */
  540.     public function createAction(Request $request): Response
  541.     {
  542.         $this->assertObjectExists($request);
  544.         $this->admin->checkAccess('create');
  546.         // the key used to lookup the template
  547.         $templateKey 'edit';
  549.         $class = new \ReflectionClass($this->admin->hasActiveSubClass() ? $this->admin->getActiveSubClass() : $this->admin->getClass());
  551.         if ($class->isAbstract()) {
  552.             return $this->renderWithExtraParams(
  553.                 '@SonataAdmin/CRUD/select_subclass.html.twig',
  554.                 [
  555.                     'action' => 'create',
  556.                 ],
  557.             );
  558.         }
  560.         $newObject $this->admin->getNewInstance();
  562.         $preResponse $this->preCreate($request$newObject);
  563.         if (null !== $preResponse) {
  564.             return $preResponse;
  565.         }
  567.         $this->admin->setSubject($newObject);
  569.         $form $this->admin->getForm();
  571.         $form->setData($newObject);
  572.         $form->handleRequest($request);
  574.         if ($form->isSubmitted()) {
  575.             $isFormValid $form->isValid();
  577.             // persist if the form was valid and if in preview mode the preview was approved
  578.             if ($isFormValid && (!$this->isInPreviewMode($request) || $this->isPreviewApproved($request))) {
  579.                 /** @phpstan-var T $submittedObject */
  580.                 $submittedObject $form->getData();
  581.                 $this->admin->setSubject($submittedObject);
  583.                 try {
  584.                     $newObject $this->admin->create($submittedObject);
  586.                     if ($this->isXmlHttpRequest($request)) {
  587.                         return $this->handleXmlHttpRequestSuccessResponse($request$newObject);
  588.                     }
  590.                     $this->addFlash(
  591.                         'sonata_flash_success',
  592.                         $this->trans(
  593.                             'flash_create_success',
  594.                             ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  595.                             'SonataAdminBundle'
  596.                         )
  597.                     );
  599.                     // redirect to edit mode
  600.                     return $this->redirectTo($request$newObject);
  601.                 } catch (ModelManagerException $e) {
  602.                     // NEXT_MAJOR: Remove this catch.
  603.                     $this->handleModelManagerException($e);
  605.                     $isFormValid false;
  606.                 } catch (ModelManagerThrowable $e) {
  607.                     $errorMessage $this->handleModelManagerThrowable($e);
  609.                     $isFormValid false;
  610.                 }
  611.             }
  613.             // show an error message if the form failed validation
  614.             if (!$isFormValid) {
  615.                 if ($this->isXmlHttpRequest($request) && null !== ($response $this->handleXmlHttpRequestErrorResponse($request$form))) {
  616.                     return $response;
  617.                 }
  619.                 $this->addFlash(
  620.                     'sonata_flash_error',
  621.                     $errorMessage ?? $this->trans(
  622.                         'flash_create_error',
  623.                         ['%name%' => $this->escapeHtml($this->admin->toString($newObject))],
  624.                         'SonataAdminBundle'
  625.                     )
  626.                 );
  627.             } elseif ($this->isPreviewRequested($request)) {
  628.                 // pick the preview template if the form was valid and preview was requested
  629.                 $templateKey 'preview';
  630.                 $this->admin->getShow();
  631.             }
  632.         }
  634.         $formView $form->createView();
  635.         // set the theme for the current Admin Form
  636.         $this->setFormTheme($formView$this->admin->getFormTheme());
  638.         $template $this->templateRegistry->getTemplate($templateKey);
  640.         return $this->renderWithExtraParams($template, [
  641.             'action' => 'create',
  642.             'form' => $formView,
  643.             'object' => $newObject,
  644.             'objectId' => null,
  645.         ]);
  646.     }
  648.     /**
  649.      * @throws NotFoundHttpException If the object does not exist
  650.      * @throws AccessDeniedException If access is not granted
  651.      */
  652.     public function showAction(Request $request): Response
  653.     {
  654.         $object $this->assertObjectExists($requesttrue);
  655.         \assert(null !== $object);
  657.         $this->checkParentChildAssociation($request$object);
  659.         $this->admin->checkAccess('show'$object);
  661.         $preResponse $this->preShow($request$object);
  662.         if (null !== $preResponse) {
  663.             return $preResponse;
  664.         }
  666.         $this->admin->setSubject($object);
  668.         $fields $this->admin->getShow();
  670.         $template $this->templateRegistry->getTemplate('show');
  672.         return $this->renderWithExtraParams($template, [
  673.             'action' => 'show',
  674.             'object' => $object,
  675.             'elements' => $fields,
  676.         ]);
  677.     }
  679.     /**
  680.      * Show history revisions for object.
  681.      *
  682.      * @throws AccessDeniedException If access is not granted
  683.      * @throws NotFoundHttpException If the object does not exist or the audit reader is not available
  684.      */
  685.     public function historyAction(Request $request): Response
  686.     {
  687.         $object $this->assertObjectExists($requesttrue);
  688.         \assert(null !== $object);
  689.         $this->admin->checkAccess('history'$object);
  691.         $objectId $this->admin->getNormalizedIdentifier($object);
  692.         \assert(null !== $objectId);
  694.         $manager $this->container->get('sonata.admin.audit.manager');
  695.         \assert($manager instanceof AuditManagerInterface);
  697.         if (!$manager->hasReader($this->admin->getClass())) {
  698.             throw $this->createNotFoundException(sprintf(
  699.                 'unable to find the audit reader for class : %s',
  700.                 $this->admin->getClass()
  701.             ));
  702.         }
  704.         $reader $manager->getReader($this->admin->getClass());
  706.         $revisions $reader->findRevisions($this->admin->getClass(), $objectId);
  708.         $template $this->templateRegistry->getTemplate('history');
  710.         return $this->renderWithExtraParams($template, [
  711.             'action' => 'history',
  712.             'object' => $object,
  713.             'revisions' => $revisions,
  714.             'currentRevision' => current($revisions),
  715.         ]);
  716.     }
  718.     /**
  719.      * View history revision of object.
  720.      *
  721.      * @throws AccessDeniedException If access is not granted
  722.      * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  723.      */
  724.     public function historyViewRevisionAction(Request $requeststring $revision): Response
  725.     {
  726.         $object $this->assertObjectExists($requesttrue);
  727.         \assert(null !== $object);
  728.         $this->admin->checkAccess('historyViewRevision'$object);
  730.         $objectId $this->admin->getNormalizedIdentifier($object);
  731.         \assert(null !== $objectId);
  733.         $manager $this->container->get('sonata.admin.audit.manager');
  734.         \assert($manager instanceof AuditManagerInterface);
  736.         if (!$manager->hasReader($this->admin->getClass())) {
  737.             throw $this->createNotFoundException(sprintf(
  738.                 'unable to find the audit reader for class : %s',
  739.                 $this->admin->getClass()
  740.             ));
  741.         }
  743.         $reader $manager->getReader($this->admin->getClass());
  745.         // retrieve the revisioned object
  746.         $object $reader->find($this->admin->getClass(), $objectId$revision);
  748.         if (null === $object) {
  749.             throw $this->createNotFoundException(sprintf(
  750.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  751.                 $objectId,
  752.                 $revision,
  753.                 $this->admin->getClass()
  754.             ));
  755.         }
  757.         $this->admin->setSubject($object);
  759.         $template $this->templateRegistry->getTemplate('show');
  761.         return $this->renderWithExtraParams($template, [
  762.             'action' => 'show',
  763.             'object' => $object,
  764.             'elements' => $this->admin->getShow(),
  765.         ]);
  766.     }
  768.     /**
  769.      * Compare history revisions of object.
  770.      *
  771.      * @throws AccessDeniedException If access is not granted
  772.      * @throws NotFoundHttpException If the object or revision does not exist or the audit reader is not available
  773.      */
  774.     public function historyCompareRevisionsAction(Request $requeststring $baseRevisionstring $compareRevision): Response
  775.     {
  776.         $this->admin->checkAccess('historyCompareRevisions');
  778.         $object $this->assertObjectExists($requesttrue);
  779.         \assert(null !== $object);
  780.         $objectId $this->admin->getNormalizedIdentifier($object);
  781.         \assert(null !== $objectId);
  783.         $manager $this->container->get('sonata.admin.audit.manager');
  784.         \assert($manager instanceof AuditManagerInterface);
  786.         if (!$manager->hasReader($this->admin->getClass())) {
  787.             throw $this->createNotFoundException(sprintf(
  788.                 'unable to find the audit reader for class : %s',
  789.                 $this->admin->getClass()
  790.             ));
  791.         }
  793.         $reader $manager->getReader($this->admin->getClass());
  795.         // retrieve the base revision
  796.         $baseObject $reader->find($this->admin->getClass(), $objectId$baseRevision);
  797.         if (null === $baseObject) {
  798.             throw $this->createNotFoundException(sprintf(
  799.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  800.                 $objectId,
  801.                 $baseRevision,
  802.                 $this->admin->getClass()
  803.             ));
  804.         }
  806.         // retrieve the compare revision
  807.         $compareObject $reader->find($this->admin->getClass(), $objectId$compareRevision);
  808.         if (null === $compareObject) {
  809.             throw $this->createNotFoundException(sprintf(
  810.                 'unable to find the targeted object `%s` from the revision `%s` with classname : `%s`',
  811.                 $objectId,
  812.                 $compareRevision,
  813.                 $this->admin->getClass()
  814.             ));
  815.         }
  817.         $this->admin->setSubject($baseObject);
  819.         $template $this->templateRegistry->getTemplate('show_compare');
  821.         return $this->renderWithExtraParams($template, [
  822.             'action' => 'show',
  823.             'object' => $baseObject,
  824.             'object_compare' => $compareObject,
  825.             'elements' => $this->admin->getShow(),
  826.         ]);
  827.     }
  829.     /**
  830.      * Export data to specified format.
  831.      *
  832.      * @throws AccessDeniedException If access is not granted
  833.      * @throws \RuntimeException     If the export format is invalid
  834.      */
  835.     public function exportAction(Request $request): Response
  836.     {
  837.         $this->admin->checkAccess('export');
  839.         $format $request->get('format');
  840.         if (!\is_string($format)) {
  841.             throw new BadRequestParamHttpException('format''string'$format);
  842.         }
  844.         $adminExporter $this->container->get('sonata.admin.admin_exporter');
  845.         \assert($adminExporter instanceof AdminExporter);
  846.         $allowedExportFormats $adminExporter->getAvailableFormats($this->admin);
  847.         $filename $adminExporter->getExportFilename($this->admin$format);
  849.         $exporter $this->container->get('sonata.exporter.exporter');
  850.         \assert($exporter instanceof Exporter);
  852.         if (!\in_array($format$allowedExportFormatstrue)) {
  853.             throw new \RuntimeException(sprintf(
  854.                 'Export in format `%s` is not allowed for class: `%s`. Allowed formats are: `%s`',
  855.                 $format,
  856.                 $this->admin->getClass(),
  857.                 implode(', '$allowedExportFormats)
  858.             ));
  859.         }
  861.         return $exporter->getResponse(
  862.             $format,
  863.             $filename,
  864.             $this->admin->getDataSourceIterator()
  865.         );
  866.     }
  868.     /**
  869.      * Returns the Response object associated to the acl action.
  870.      *
  871.      * @throws AccessDeniedException If access is not granted
  872.      * @throws NotFoundHttpException If the object does not exist or the ACL is not enabled
  873.      */
  874.     public function aclAction(Request $request): Response
  875.     {
  876.         if (!$this->admin->isAclEnabled()) {
  877.             throw $this->createNotFoundException('ACL are not enabled for this admin');
  878.         }
  880.         $object $this->assertObjectExists($requesttrue);
  881.         \assert(null !== $object);
  883.         $this->admin->checkAccess('acl'$object);
  885.         $this->admin->setSubject($object);
  886.         $aclUsers $this->getAclUsers();
  887.         $aclRoles $this->getAclRoles();
  889.         $adminObjectAclManipulator $this->container->get('sonata.admin.object.manipulator.acl.admin');
  890.         \assert($adminObjectAclManipulator instanceof AdminObjectAclManipulator);
  892.         $adminObjectAclData = new AdminObjectAclData(
  893.             $this->admin,
  894.             $object,
  895.             $aclUsers,
  896.             $adminObjectAclManipulator->getMaskBuilderClass(),
  897.             $aclRoles
  898.         );
  900.         $aclUsersForm $adminObjectAclManipulator->createAclUsersForm($adminObjectAclData);
  901.         $aclRolesForm $adminObjectAclManipulator->createAclRolesForm($adminObjectAclData);
  903.         if (Request::METHOD_POST === $request->getMethod()) {
  904.             if ($request->request->has(AdminObjectAclManipulator::ACL_USERS_FORM_NAME)) {
  905.                 $form $aclUsersForm;
  906.                 $updateMethod 'updateAclUsers';
  907.             } elseif ($request->request->has(AdminObjectAclManipulator::ACL_ROLES_FORM_NAME)) {
  908.                 $form $aclRolesForm;
  909.                 $updateMethod 'updateAclRoles';
  910.             }
  912.             if (isset($form$updateMethod)) {
  913.                 $form->handleRequest($request);
  915.                 if ($form->isValid()) {
  916.                     $adminObjectAclManipulator->$updateMethod($adminObjectAclData);
  917.                     $this->addFlash(
  918.                         'sonata_flash_success',
  919.                         $this->trans('flash_acl_edit_success', [], 'SonataAdminBundle')
  920.                     );
  922.                     return new RedirectResponse($this->admin->generateObjectUrl('acl'$object));
  923.                 }
  924.             }
  925.         }
  927.         $template $this->templateRegistry->getTemplate('acl');
  929.         return $this->renderWithExtraParams($template, [
  930.             'action' => 'acl',
  931.             'permissions' => $adminObjectAclData->getUserPermissions(),
  932.             'object' => $object,
  933.             'users' => $aclUsers,
  934.             'roles' => $aclRoles,
  935.             'aclUsersForm' => $aclUsersForm->createView(),
  936.             'aclRolesForm' => $aclRolesForm->createView(),
  937.         ]);
  938.     }
  940.     /**
  941.      * Contextualize the admin class depends on the current request.
  942.      *
  943.      * @throws \InvalidArgumentException
  944.      */
  945.     final public function configureAdmin(Request $request): void
  946.     {
  947.         $adminFetcher $this->container->get('sonata.admin.request.fetcher');
  948.         \assert($adminFetcher instanceof AdminFetcherInterface);
  950.         /** @var AdminInterface<T> $admin */
  951.         $admin $adminFetcher->get($request);
  952.         $this->admin $admin;
  954.         if (!$this->admin->hasTemplateRegistry()) {
  955.             throw new \RuntimeException(sprintf(
  956.                 'Unable to find the template registry related to the current admin (%s).',
  957.                 $this->admin->getCode()
  958.             ));
  959.         }
  961.         $this->templateRegistry $this->admin->getTemplateRegistry();
  962.     }
  964.     /**
  965.      * Renders a view while passing mandatory parameters on to the template.
  966.      *
  967.      * @param string               $view       The view name
  968.      * @param array<string, mixed> $parameters An array of parameters to pass to the view
  969.      */
  970.     final protected function renderWithExtraParams(string $view, array $parameters = [], ?Response $response null): Response
  971.     {
  972.         return $this->render($view$this->addRenderExtraParams($parameters), $response);
  973.     }
  975.     /**
  976.      * @param array<string, mixed> $parameters
  977.      *
  978.      * @return array<string, mixed>
  979.      */
  980.     protected function addRenderExtraParams(array $parameters = []): array
  981.     {
  982.         $parameters['admin'] ??= $this->admin;
  983.         $parameters['base_template'] ??= $this->getBaseTemplate();
  985.         return $parameters;
  986.     }
  988.     /**
  989.      * @param mixed   $data
  990.      * @param mixed[] $headers
  991.      */
  992.     final protected function renderJson($dataint $status Response::HTTP_OK, array $headers = []): JsonResponse
  993.     {
  994.         return new JsonResponse($data$status$headers);
  995.     }
  997.     /**
  998.      * Returns true if the request is a XMLHttpRequest.
  999.      *
  1000.      * @return bool True if the request is an XMLHttpRequest, false otherwise
  1001.      */
  1002.     final protected function isXmlHttpRequest(Request $request): bool
  1003.     {
  1004.         return $request->isXmlHttpRequest()
  1005.             || $request->request->getBoolean('_xml_http_request')
  1006.             || $request->query->getBoolean('_xml_http_request');
  1007.     }
  1009.     /**
  1010.      * Proxy for the logger service of the container.
  1011.      * If no such service is found, a NullLogger is returned.
  1012.      */
  1013.     protected function getLogger(): LoggerInterface
  1014.     {
  1015.         if ($this->container->has('logger')) {
  1016.             $logger $this->container->get('logger');
  1017.             \assert($logger instanceof LoggerInterface);
  1019.             return $logger;
  1020.         }
  1022.         return new NullLogger();
  1023.     }
  1025.     /**
  1026.      * Returns the base template name.
  1027.      *
  1028.      * @return string The template name
  1029.      */
  1030.     protected function getBaseTemplate(): string
  1031.     {
  1032.         $requestStack $this->container->get('request_stack');
  1033.         \assert($requestStack instanceof RequestStack);
  1034.         $request $requestStack->getCurrentRequest();
  1035.         \assert(null !== $request);
  1037.         if ($this->isXmlHttpRequest($request)) {
  1038.             return $this->templateRegistry->getTemplate('ajax');
  1039.         }
  1041.         return $this->templateRegistry->getTemplate('layout');
  1042.     }
  1044.     /**
  1045.      * @throws \Exception
  1046.      */
  1047.     protected function handleModelManagerException(\Exception $exception): void
  1048.     {
  1049.         if ($exception instanceof ModelManagerThrowable) {
  1050.             $this->handleModelManagerThrowable($exception);
  1052.             return;
  1053.         }
  1055.         @trigger_error(sprintf(
  1056.             'The method "%s()" is deprecated since sonata-project/admin-bundle 3.107 and will be removed in 5.0.',
  1057.             __METHOD__
  1058.         ), \E_USER_DEPRECATED);
  1060.         $debug $this->getParameter('kernel.debug');
  1061.         \assert(\is_bool($debug));
  1062.         if ($debug) {
  1063.             throw $exception;
  1064.         }
  1066.         $context = ['exception' => $exception];
  1067.         if (null !== $exception->getPrevious()) {
  1068.             $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1069.         }
  1070.         $this->getLogger()->error($exception->getMessage(), $context);
  1071.     }
  1073.     /**
  1074.      * NEXT_MAJOR: Add typehint.
  1075.      *
  1076.      * @throws ModelManagerThrowable
  1077.      *
  1078.      * @return string|null A custom error message to display in the flag bag instead of the generic one
  1079.      */
  1080.     protected function handleModelManagerThrowable(ModelManagerThrowable $exception)
  1081.     {
  1082.         $debug $this->getParameter('kernel.debug');
  1083.         \assert(\is_bool($debug));
  1084.         if ($debug) {
  1085.             throw $exception;
  1086.         }
  1088.         $context = ['exception' => $exception];
  1089.         if (null !== $exception->getPrevious()) {
  1090.             $context['previous_exception_message'] = $exception->getPrevious()->getMessage();
  1091.         }
  1092.         $this->getLogger()->error($exception->getMessage(), $context);
  1094.         return null;
  1095.     }
  1097.     /**
  1098.      * Redirect the user depend on this choice.
  1099.      *
  1100.      * @phpstan-param T $object
  1101.      */
  1102.     protected function redirectTo(Request $requestobject $object): RedirectResponse
  1103.     {
  1104.         if (null !== $request->get('btn_update_and_list')) {
  1105.             return $this->redirectToList();
  1106.         }
  1107.         if (null !== $request->get('btn_create_and_list')) {
  1108.             return $this->redirectToList();
  1109.         }
  1111.         if (null !== $request->get('btn_create_and_create')) {
  1112.             $params = [];
  1113.             if ($this->admin->hasActiveSubClass()) {
  1114.                 $params['subclass'] = $request->get('subclass');
  1115.             }
  1117.             return new RedirectResponse($this->admin->generateUrl('create'$params));
  1118.         }
  1120.         if (null !== $request->get('btn_delete')) {
  1121.             return $this->redirectToList();
  1122.         }
  1124.         foreach (['edit''show'] as $route) {
  1125.             if ($this->admin->hasRoute($route) && $this->admin->hasAccess($route$object)) {
  1126.                 $url $this->admin->generateObjectUrl(
  1127.                     $route,
  1128.                     $object,
  1129.                     $this->getSelectedTab($request)
  1130.                 );
  1132.                 return new RedirectResponse($url);
  1133.             }
  1134.         }
  1136.         return $this->redirectToList();
  1137.     }
  1139.     /**
  1140.      * Redirects the user to the list view.
  1141.      */
  1142.     final protected function redirectToList(): RedirectResponse
  1143.     {
  1144.         $parameters = [];
  1146.         $filter $this->admin->getFilterParameters();
  1147.         if ([] !== $filter) {
  1148.             $parameters['filter'] = $filter;
  1149.         }
  1151.         return $this->redirect($this->admin->generateUrl('list'$parameters));
  1152.     }
  1154.     /**
  1155.      * Returns true if the preview is requested to be shown.
  1156.      */
  1157.     final protected function isPreviewRequested(Request $request): bool
  1158.     {
  1159.         return null !== $request->get('btn_preview');
  1160.     }
  1162.     /**
  1163.      * Returns true if the preview has been approved.
  1164.      */
  1165.     final protected function isPreviewApproved(Request $request): bool
  1166.     {
  1167.         return null !== $request->get('btn_preview_approve');
  1168.     }
  1170.     /**
  1171.      * Returns true if the request is in the preview workflow.
  1172.      *
  1173.      * That means either a preview is requested or the preview has already been shown
  1174.      * and it got approved/declined.
  1175.      */
  1176.     final protected function isInPreviewMode(Request $request): bool
  1177.     {
  1178.         return $this->admin->supportsPreviewMode()
  1179.         && ($this->isPreviewRequested($request)
  1180.             || $this->isPreviewApproved($request)
  1181.             || $this->isPreviewDeclined($request));
  1182.     }
  1184.     /**
  1185.      * Returns true if the preview has been declined.
  1186.      */
  1187.     final protected function isPreviewDeclined(Request $request): bool
  1188.     {
  1189.         return null !== $request->get('btn_preview_decline');
  1190.     }
  1192.     /**
  1193.      * @return \Traversable<UserInterface|string>
  1194.      */
  1195.     protected function getAclUsers(): \Traversable
  1196.     {
  1197.         if (!$this->container->has('sonata.admin.security.acl_user_manager')) {
  1198.             return new \ArrayIterator([]);
  1199.         }
  1201.         $aclUserManager $this->container->get('sonata.admin.security.acl_user_manager');
  1202.         \assert($aclUserManager instanceof AdminAclUserManagerInterface);
  1203.         $aclUsers $aclUserManager->findUsers();
  1205.         return \is_array($aclUsers) ? new \ArrayIterator($aclUsers) : $aclUsers;
  1206.     }
  1208.     /**
  1209.      * @return \Traversable<string>
  1210.      */
  1211.     protected function getAclRoles(): \Traversable
  1212.     {
  1213.         $aclRoles = [];
  1214.         $roleHierarchy $this->getParameter('security.role_hierarchy.roles');
  1215.         \assert(\is_array($roleHierarchy));
  1216.         $pool $this->container->get('sonata.admin.pool');
  1217.         \assert($pool instanceof Pool);
  1219.         foreach ($pool->getAdminServiceIds() as $id) {
  1220.             try {
  1221.                 $admin $pool->getInstance($id);
  1222.             } catch (\Exception $e) {
  1223.                 continue;
  1224.             }
  1226.             $baseRole $admin->getSecurityHandler()->getBaseRole($admin);
  1227.             foreach ($admin->getSecurityInformation() as $role => $_permissions) {
  1228.                 $role sprintf($baseRole$role);
  1229.                 $aclRoles[] = $role;
  1230.             }
  1231.         }
  1233.         foreach ($roleHierarchy as $name => $roles) {
  1234.             $aclRoles[] = $name;
  1235.             $aclRoles array_merge($aclRoles$roles);
  1236.         }
  1238.         $aclRoles array_unique($aclRoles);
  1240.         return new \ArrayIterator($aclRoles);
  1241.     }
  1243.     /**
  1244.      * Validate CSRF token for action without form.
  1245.      *
  1246.      * @throws HttpException
  1247.      */
  1248.     final protected function validateCsrfToken(Request $requeststring $intention): void
  1249.     {
  1250.         if (!$this->container->has('security.csrf.token_manager')) {
  1251.             return;
  1252.         }
  1254.         $token $request->get('_sonata_csrf_token');
  1255.         $tokenManager $this->container->get('security.csrf.token_manager');
  1256.         \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1258.         if (!$tokenManager->isTokenValid(new CsrfToken($intention$token))) {
  1259.             throw new HttpException(Response::HTTP_BAD_REQUEST'The csrf token is not valid, CSRF attack?');
  1260.         }
  1261.     }
  1263.     /**
  1264.      * Escape string for html output.
  1265.      */
  1266.     final protected function escapeHtml(string $s): string
  1267.     {
  1268.         return htmlspecialchars($s, \ENT_QUOTES | \ENT_SUBSTITUTE);
  1269.     }
  1271.     /**
  1272.      * Get CSRF token.
  1273.      */
  1274.     final protected function getCsrfToken(string $intention): ?string
  1275.     {
  1276.         if (!$this->container->has('security.csrf.token_manager')) {
  1277.             return null;
  1278.         }
  1280.         $tokenManager $this->container->get('security.csrf.token_manager');
  1281.         \assert($tokenManager instanceof CsrfTokenManagerInterface);
  1283.         return $tokenManager->getToken($intention)->getValue();
  1284.     }
  1286.     /**
  1287.      * This method can be overloaded in your custom CRUD controller.
  1288.      * It's called from createAction.
  1289.      *
  1290.      * @phpstan-param T $object
  1291.      */
  1292.     protected function preCreate(Request $requestobject $object): ?Response
  1293.     {
  1294.         return null;
  1295.     }
  1297.     /**
  1298.      * This method can be overloaded in your custom CRUD controller.
  1299.      * It's called from editAction.
  1300.      *
  1301.      * @phpstan-param T $object
  1302.      */
  1303.     protected function preEdit(Request $requestobject $object): ?Response
  1304.     {
  1305.         return null;
  1306.     }
  1308.     /**
  1309.      * This method can be overloaded in your custom CRUD controller.
  1310.      * It's called from deleteAction.
  1311.      *
  1312.      * @phpstan-param T $object
  1313.      */
  1314.     protected function preDelete(Request $requestobject $object): ?Response
  1315.     {
  1316.         return null;
  1317.     }
  1319.     /**
  1320.      * This method can be overloaded in your custom CRUD controller.
  1321.      * It's called from showAction.
  1322.      *
  1323.      * @phpstan-param T $object
  1324.      */
  1325.     protected function preShow(Request $requestobject $object): ?Response
  1326.     {
  1327.         return null;
  1328.     }
  1330.     /**
  1331.      * This method can be overloaded in your custom CRUD controller.
  1332.      * It's called from listAction.
  1333.      */
  1334.     protected function preList(Request $request): ?Response
  1335.     {
  1336.         return null;
  1337.     }
  1339.     /**
  1340.      * Translate a message id.
  1341.      *
  1342.      * @param mixed[] $parameters
  1343.      */
  1344.     final protected function trans(string $id, array $parameters = [], ?string $domain null, ?string $locale null): string
  1345.     {
  1346.         $domain ??= $this->admin->getTranslationDomain();
  1347.         $translator $this->container->get('translator');
  1348.         \assert($translator instanceof TranslatorInterface);
  1350.         return $translator->trans($id$parameters$domain$locale);
  1351.     }
  1353.     protected function handleXmlHttpRequestErrorResponse(Request $requestFormInterface $form): ?JsonResponse
  1354.     {
  1355.         if ([] === array_intersect(['application/json''*/*'], $request->getAcceptableContentTypes())) {
  1356.             return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1357.         }
  1359.         $errors = [];
  1360.         foreach ($form->getErrors(true) as $error) {
  1361.             $errors[] = $error->getMessage();
  1362.         }
  1364.         return $this->renderJson([
  1365.             'result' => 'error',
  1366.             'errors' => $errors,
  1367.         ], Response::HTTP_BAD_REQUEST);
  1368.     }
  1370.     /**
  1371.      * @phpstan-param T $object
  1372.      */
  1373.     protected function handleXmlHttpRequestSuccessResponse(Request $requestobject $object): JsonResponse
  1374.     {
  1375.         if ([] === array_intersect(['application/json''*/*'], $request->getAcceptableContentTypes())) {
  1376.             return $this->renderJson([], Response::HTTP_NOT_ACCEPTABLE);
  1377.         }
  1379.         return $this->renderJson([
  1380.             'result' => 'ok',
  1381.             'objectId' => $this->admin->getNormalizedIdentifier($object),
  1382.             'objectName' => $this->escapeHtml($this->admin->toString($object)),
  1383.         ]);
  1384.     }
  1386.     /**
  1387.      * @phpstan-return T|null
  1388.      */
  1389.     final protected function assertObjectExists(Request $requestbool $strict false): ?object
  1390.     {
  1391.         $admin $this->admin;
  1392.         $object null;
  1394.         while (null !== $admin) {
  1395.             $objectId $request->get($admin->getIdParameter());
  1396.             if (\is_string($objectId) || \is_int($objectId)) {
  1397.                 $adminObject $admin->getObject($objectId);
  1398.                 if (null === $adminObject) {
  1399.                     throw $this->createNotFoundException(sprintf(
  1400.                         'Unable to find %s object with id: %s.',
  1401.                         $admin->getClassnameLabel(),
  1402.                         $objectId
  1403.                     ));
  1404.                 } elseif (null === $object) {
  1405.                     /** @phpstan-var T $object */
  1406.                     $object $adminObject;
  1407.                 }
  1408.             } elseif ($strict || $admin !== $this->admin) {
  1409.                 throw $this->createNotFoundException(sprintf(
  1410.                     'Unable to find the %s object id of the admin "%s".',
  1411.                     $admin->getClassnameLabel(),
  1412.                     \get_class($admin)
  1413.                 ));
  1414.             }
  1416.             $admin $admin->isChild() ? $admin->getParent() : null;
  1417.         }
  1419.         return $object;
  1420.     }
  1422.     /**
  1423.      * @return array{_tab?: string}
  1424.      */
  1425.     final protected function getSelectedTab(Request $request): array
  1426.     {
  1427.         return array_filter(['_tab' => (string) $request->request->get('_tab')]);
  1428.     }
  1430.     /**
  1431.      * Sets the admin form theme to form view. Used for compatibility between Symfony versions.
  1432.      *
  1433.      * @param string[]|null $theme
  1434.      */
  1435.     final protected function setFormTheme(FormView $formView, ?array $theme null): void
  1436.     {
  1437.         $twig $this->container->get('twig');
  1438.         \assert($twig instanceof Environment);
  1440.         $formRenderer $twig->getRuntime(FormRenderer::class);
  1441.         $formRenderer->setTheme($formView$theme);
  1442.     }
  1444.     /**
  1445.      * @phpstan-param T $object
  1446.      */
  1447.     final protected function checkParentChildAssociation(Request $requestobject $object): void
  1448.     {
  1449.         if (!$this->admin->isChild()) {
  1450.             return;
  1451.         }
  1453.         $parentAdmin $this->admin->getParent();
  1454.         $parentId $request->get($parentAdmin->getIdParameter());
  1455.         \assert(\is_string($parentId) || \is_int($parentId));
  1457.         $parentAdminObject $parentAdmin->getObject($parentId);
  1458.         if (null === $parentAdminObject) {
  1459.             throw new \RuntimeException(sprintf(
  1460.                 'No object was found in the admin "%s" for the id "%s".',
  1461.                 \get_class($parentAdmin),
  1462.                 $parentId
  1463.             ));
  1464.         }
  1466.         $parentAssociationMapping $this->admin->getParentAssociationMapping();
  1467.         if (null === $parentAssociationMapping) {
  1468.             throw new \RuntimeException('The admin has no parent association mapping.');
  1469.         }
  1471.         $propertyAccessor PropertyAccess::createPropertyAccessor();
  1472.         $propertyPath = new PropertyPath($parentAssociationMapping);
  1473.         $objectParent $propertyAccessor->getValue($object$propertyPath);
  1475.         // $objectParent may be an array or a Collection when the parent association is many to many.
  1476.         $parentObjectMatches $this->equalsOrContains($objectParent$parentAdminObject);
  1478.         if (!$parentObjectMatches) {
  1479.             throw new \RuntimeException(sprintf(
  1480.                 'There is no association between "%s" and "%s"',
  1481.                 $parentAdmin->toString($parentAdminObject),
  1482.                 $this->admin->toString($object)
  1483.             ));
  1484.         }
  1485.     }
  1487.     private function getBatchActionExecutable(string $action): callable
  1488.     {
  1489.         $batchActions $this->admin->getBatchActions();
  1490.         if (!\array_key_exists($action$batchActions)) {
  1491.             throw new \RuntimeException(sprintf('The `%s` batch action is not defined'$action));
  1492.         }
  1494.         $controller $batchActions[$action]['controller'] ?? sprintf(
  1495.             '%s::%s',
  1496.             $this->admin->getBaseControllerName(),
  1497.             sprintf('batchAction%s'InflectorFactory::create()->build()->classify($action))
  1498.         );
  1500.         // This will throw an exception when called so we know if it's possible or not to call the controller.
  1501.         $exists false !== $this->container
  1502.             ->get('controller_resolver')
  1503.             ->getController(new Request([], [], ['_controller' => $controller]));
  1505.         if (!$exists) {
  1506.             throw new \RuntimeException(sprintf('Controller for action `%s` cannot be resolved'$action));
  1507.         }
  1509.         return function (ProxyQueryInterface $queryRequest $request) use ($controller) {
  1510.             $request->attributes->set('_controller'$controller);
  1511.             $request->attributes->set('query'$query);
  1513.             return $this->container->get('http_kernel')->handle($requestHttpKernelInterface::SUB_REQUEST);
  1514.         };
  1515.     }
  1517.     /**
  1518.      * Checks whether $needle is equal to $haystack or part of it.
  1519.      *
  1520.      * @param object|iterable<object> $haystack
  1521.      *
  1522.      * @return bool true when $haystack equals $needle or $haystack is iterable and contains $needle
  1523.      */
  1524.     private function equalsOrContains($haystackobject $needle): bool
  1525.     {
  1526.         if ($needle === $haystack) {
  1527.             return true;
  1528.         }
  1530.         if (is_iterable($haystack)) {
  1531.             foreach ($haystack as $haystackItem) {
  1532.                 if ($haystackItem === $needle) {
  1533.                     return true;
  1534.                 }
  1535.             }
  1536.         }
  1538.         return false;
  1539.     }
  1540. }