Get User inside a SQLFilter in Symfony 3

Question

I’m starting with Symfony and I want to make a multi tenant application.

I want to automatically filter in my SQL queries the content according to the company of belonging of the connected user, every time a table has a link with my company table.

I found the way to create filters but I can not find a way to retrieve in this filter the information about the company of the connected user.

I use FOSuser I override it with my own User class.

my config.yml

#app\config\config.yml

    doctrine:
        dbal:
           ...
        orm:
            auto_generate_proxy_classes: '%kernel.debug%'
            naming_strategy: doctrine.orm.naming_strategy.underscore
            auto_mapping: true
            filters:
                company:
                    class: 'Acme\CompanyBundle\Repository\Filters\CompanyFilter'
                    enabled: true

my Filter

<?php
#src\Acme\CompanyBundle\Repository\Filters\CompanyFilter.php

namespace Acme\CompanyBundle\Repository\Filters;

use Doctrine\ORM\Mapping\ClassMetaData;
use Doctrine\ORM\Query\Filter\SQLFilter;
use Acme\UserBundle\Entity\UserEntity;
use Acme\CompanyBundle\Entity\CompanyEntity;

class CompanyFilter extends SQLFilter
{
    public function addFilterConstraint(ClassMetadata $targetEntity, $targetTableAlias)
    {
        if ($targetEntity->hasAssociation("company")) {

            // here how to get the connected user ???

            $company = $user->getCompany();
            $idCompany = $company->getId();
            return $targetTableAlias . ".company_id = '".$idCompany."'";


        }
        return "";
    }
}

in advance thank you for your help

Answer 1

Set an onKernelRequest listener, pass it the token storage service, so it defines your user as parameter of your SQLFilter.

So in your services.yml add :

services:
    on_request_listener:
        class: Acme\CompanyBundle\EventListener\OnRequestListener
        arguments: ["@doctrine.orm.entity_manager", "@security.token_storage"]
        tags:
            -
                name: kernel.event_listener
                event: kernel.request
                method: onKernelRequest

Create the listener :

class OnRequestListener
{
    protected $em;
    protected $tokenStorage;

    public function __construct($em, $tokenStorage)
    {
        $this->em = $em;
        $this->tokenStorage = $tokenStorage;
    }
    public function onKernelRequest(GetResponseEvent $event)
    {
        if($this->tokenStorage->getToken()) {
            $user = $this->tokenStorage->getToken()->getUser();
            $filter = $this->em->getFilters()->enable('company');
            $filter->setParameter('user', $user);
        }
    }
}

Then at last your SQLFilter :

<?php
#src\Acme\CompanyBundle\Repository\Filters\CompanyFilter.php

namespace Acme\CompanyBundle\Repository\Filters;

use Doctrine\ORM\Mapping\ClassMetaData;
use Doctrine\ORM\Query\Filter\SQLFilter;
use Acme\UserBundle\Entity\UserEntity;
use Acme\CompanyBundle\Entity\CompanyEntity;

class CompanyFilter extends SQLFilter
{
    public function addFilterConstraint(ClassMetadata $targetEntity, $targetTableAlias)
    {
        if ($targetEntity->hasAssociation("company") && $this->hasParameter('user')) {

            $user = $this->getParameter('user');

            $company = $user->getCompany();
            $idCompany = $company->getId();
            return $targetTableAlias . ".company_id = '".$idCompany."'";


        }
        return "";
    }
}