<?phpdeclare(strict_types=1);namespace SpringerNature\CPS\AMEDReviewTracker\Web\Security;use FOS\UserBundle\Controller\SecurityController;use SpringerNature\CPS\AMEDReviewTracker\Web\Controller\Admin\MyAccountChangePassword;use SpringerNature\CPS\AMEDReviewTracker\Web\Controller\Admin\MyAccountRedirectToPasswordChange;use SpringerNature\CPS\AMEDReviewTracker\Web\Entity\WebUser;use Symfony\Bundle\TwigBundle\Controller\ExceptionController;use Symfony\Component\DependencyInjection\ContainerAwareInterface;use Symfony\Component\DependencyInjection\ContainerAwareTrait;use Symfony\Component\HttpKernel\Event\ControllerEvent;use Symfony\Component\Security\Core\Security;/** * Override any action to the password change page if it is required. */class PasswordChangeRequiredHandler implements ContainerAwareInterface{ use ContainerAwareTrait; /** * @var Security */ private $security; /** * PasswordChangeRequiredHandler constructor. * * @param Security $security */ public function __construct(Security $security) { $this->security = $security; } /** * @param ControllerEvent $event */ public function onKernelController(ControllerEvent $event): void { $eventControler = $event->getController(); if ( $eventControler instanceof MyAccountChangePassword || is_array($eventControler) && ( 'Symfony\Bundle\WebProfilerBundle\Controller\ProfilerController' == get_class($eventControler[0]) || $eventControler[0] instanceof SecurityController || $eventControler[0] instanceof ExceptionController ) ) { return; } if ( ! null === $this->security->getToken() && ! $this->security->isGranted('ROLE_USER')) { return; } $user = $this->security->getUser(); if ( ! $user instanceof WebUser) { return; } if ($user->isPasswordChangeRequired()) { $event->setController($this->container->get(MyAccountRedirectToPasswordChange::class)); } }}