custom/plugins/econsorsetup/src/Subscriber/EconsorSetupConfigSubscriber.php line 70

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace EconsorSetup\Subscriber;
  7. use Exception;
  8. use Shopware\Core\Content\Cms\SalesChannel\Struct\TextStruct;
  9. use Shopware\Core\Framework\DataAbstractionLayer\EntityRepository;
  10. use Shopware\Core\Framework\DataAbstractionLayer\Search\Criteria;
  11. use Shopware\Core\Framework\DataAbstractionLayer\Search\Filter\EqualsFilter;
  12. use Shopware\Core\System\Language\LanguageEntity;
  13. use Shopware\Core\System\SystemConfig\SystemConfigService;
  14. use Shopware\Storefront\Page\GenericPageLoadedEvent;
  15. use Shopware\Storefront\Page\PageLoadedEvent;
  16. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  17. use Symfony\Component\HttpFoundation\ResponseHeaderBag;
  18. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  19. use Symfony\Component\HttpKernel\KernelEvents;
  21. /**
  22.  * @psalm-type TEconsorSetupConfig = array{
  23.  *    strictTransportSecurityEnabled: bool,
  24.  *    strictTransportSecurity: string,
  25.  *    xFrameOptionsEnabled: bool,
  26.  *    xFrameOptions: string,
  27.  *    xXssProtectionEnabled: bool,
  28.  *    xXssProtection: string,
  29.  *    xContentTypeOptionsEnabled: bool,
  30.  *    xContentTypeOptions: string,
  31.  *    referrerPolicyEnabled: bool,
  32.  *    referrerPolicy: string,
  33.  *    permissionsPolicyEnabled: bool,
  34.  *    permissionsPolicy: string,
  35.  *    contentSecurityPolicyEnabled: bool,
  36.  *    contentSecurityPolicy: string,
  37.  * }
  38.  */
  39. class EconsorSetupConfigSubscriber implements EventSubscriberInterface
  40. {
  41.     private const FOOTER_LINK 'Umsetzung: ' .
  42.         '<a href="https://www.econsor.de/shopware/" title="Shopware-Agentur" target="_blank">' .
  43.             'Shopware-Agentur ECONSOR' .
  44.         '</a>';
  46.     /**
  47.      * @var SystemConfigService
  48.      */
  49.     private $systemConfigService;
  51.     /**
  52.      * @var EntityRepository
  53.      */
  54.     private $languageRepo;
  56.     public function __construct(SystemConfigService $systemConfigServiceEntityRepository $languageRepo)
  57.     {
  58.         $this->systemConfigService $systemConfigService;
  59.         $this->languageRepo $languageRepo;
  60.     }
  62.     public static function getSubscribedEvents(): array
  63.     {
  64.         return [
  65.             GenericPageLoadedEvent::class => 'onPageLoaded',
  66.             KernelEvents::RESPONSE => 'handleRequest'
  67.         ];
  68.     }
  70.     public function onPageLoaded(PageLoadedEvent $event): void
  71.     {
  72.         $page $event->getPage();
  73.         $route = (string)$event->getRequest()->attributes->get('_route');
  74.         if ('frontend.home.page' === $route) {
  75.             $page->assign(['footerConfig' => self::FOOTER_LINK]);
  76.         }
  77.         $page->assign([
  78.             'headTag' => $this->systemConfigService->get('EconsorSetup.config.headTag')
  79.         ]);
  81.         $page->assign([
  82.             'bodyTag' => $this->systemConfigService->get('EconsorSetup.config.bodyTag')
  83.         ]);
  85.         $page->assign([
  86.             'cookieFirst' => $this->systemConfigService->get('EconsorSetup.config.cookieFirst')
  87.         ]);
  89.         $page->assign([
  90.             'cookiePreferencesLinkEnabled' => $this->systemConfigService->get(
  91.                 'EconsorSetup.config.cookiePreferencesLinkEnabled'
  92.             )
  93.         ]);
  95.         $criteria = (new Criteria())->addFilter(
  96.             new EqualsFilter('id'$event->getSalesChannelContext()->getSalesChannel()->getLanguageId())
  97.         )->addAssociation('locale');
  99.         try {
  100.             $result $this->languageRepo->search($criteria$event->getContext());
  101.             if ($result->getTotal()) {
  102.                 $entityCollection $result->getEntities();
  103.                 /** @var LanguageEntity $language */
  104.                 $language $entityCollection->first();
  105.                 $struct = new TextStruct();
  106.                 $locale $language->getLocale();
  107.                 if (null !== $locale) {
  108.                     $struct->setContent($locale->getCode());
  109.                     $event->getContext()->addExtension('localeLanguage'$struct);
  110.                 }
  111.             }
  112.         } catch (Exception $e) {
  113.             /** TODO: log error */
  114.         }
  115.     }
  117.     public function handleRequest(ResponseEvent $event): void
  118.     {
  119.         $this->setSecurityHeaders($event->getResponse()->headers);
  120.     }
  122.     private function setSecurityHeaders(ResponseHeaderBag $headers): void
  123.     {
  124.         $config $this->systemConfigService->get('EconsorSetup.config');
  125.         assert(is_array($config));
  127.         /** @var TEconsorSetupConfig $config */
  128.         if ($config['strictTransportSecurityEnabled']) {
  129.             $headers->set('Strict-Transport-Security'$config['strictTransportSecurity'], true);
  130.         }
  132.         if ($config['xFrameOptionsEnabled']) {
  133.             $headers->set('X-Frame-Options'$config['xFrameOptions'], true);
  134.         }
  136.         if ($config['xXssProtectionEnabled']) {
  137.             $headers->set('X-XSS-Protection'$config['xXssProtection'], true);
  138.         }
  140.         if ($config['xContentTypeOptionsEnabled']) {
  141.             $headers->set('X-Content-Type-Options'$config['xContentTypeOptions'], true);
  142.         }
  144.         if ($config['referrerPolicyEnabled']) {
  145.             $headers->set('Referrer-Policy'$config['referrerPolicy'], true);
  146.         }
  148.         if ($config['permissionsPolicyEnabled']) {
  149.             $headers->set('Permissions-Policy'$config['permissionsPolicy'], true);
  150.         }
  152.         if ($config['contentSecurityPolicyEnabled']) {
  153.             $headers->set('Content-Security-Policy'$config['contentSecurityPolicy'], true);
  154.         }
  155.     }
  156. }