src/EventSubscriber/AuditSubscriber.php line 374

Open in your IDE?
  1. <?php
  2. namespace App\EventSubscriber;
  3. use App\Entity\LogsAction;
  4. use App\Entity\User;
  5. use App\Repository\LogsActionRepository;
  6. use DateTime;
  7. use DateTimeInterface;
  8. use Doctrine\Common\Collections\Collection;
  9. use Doctrine\ORM\Event\LifecycleEventArgs;
  10. use Doctrine\Persistence\ManagerRegistry;
  11. use Doctrine\Persistence\ObjectManager;
  12. use Error;
  13. use Exception;
  14. use ReflectionMethod;
  15. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  16. use Symfony\Component\HttpFoundation\File\UploadedFile;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpKernel\Event\ControllerEvent;
  19. use Symfony\Component\HttpKernel\Event\ExceptionEvent;
  20. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  21. use Symfony\Component\HttpKernel\KernelEvents;
  22. use Symfony\Component\Security\Core\Security;
  24. class AuditSubscriber implements EventSubscriberInterface
  25. {
  26.     private array $httpRequestContext = [];
  27.     private array $entityChanges = [];
  28.     private bool $shouldSkipAudit false;
  29.     private ?array $errorData null;
  30.     private ?array $preDeleteEntityData null;
  31.     private ?string $currentRoute null;
  32.     private ?string $currentMethod null;
  34.     // Routes to ignore from audit logging
  35.     private const IGNORED_ROUTES = [
  36.         // Clean route patterns
  37.         '/api/discussion/list',
  38.         '/api/login_check',
  39.         // Original Symfony route patterns  
  40.         '_api_/discussion/list',
  41.         'api/login_check',
  42.         '_api_/discussion/list.{_format}_get',
  43.         'api/login_check_post',
  44.     ];
  46.     public function __construct(
  47.         private readonly \Doctrine\ORM\EntityManagerInterface $entityManager,
  48.         private readonly ManagerRegistry $doctrine,
  49.         private Security $security,
  50.         private readonly LogsActionRepository $logsActionRepository
  51.     ) {
  52.     }
  54.     public static function getSubscribedEvents() :array
  55.     {
  56.         return [
  57.             // HTTP Kernel Events
  58.             KernelEvents::CONTROLLER => 'onKernelController',
  59.             KernelEvents::RESPONSE => 'onKernelResponse',
  60.             KernelEvents::EXCEPTION => 'onKernelException',
  61.         ];
  62.     }
  64.     public function getSubscribedDoctrineEvents(): array
  65.     {
  66.         return [
  67.             'prePersist',
  68.             'preUpdate',
  69.             'preRemove',
  70.         ];
  71.     }
  73.     // Spammed routes like /api/login_check or /api/discussion/list
  74.     private function shouldIgnoreRoute(string $originalRoute nullstring $cleanRoute null): bool
  75.     {
  76.         if (!$originalRoute && !$cleanRoute) {
  77.             return false;
  78.         }
  79.         if ($originalRoute && in_array($originalRouteself::IGNORED_ROUTEStrue)) {
  80.             return true;
  81.         }
  82.         if ($cleanRoute && in_array($cleanRouteself::IGNORED_ROUTEStrue)) {
  83.             return true;
  84.         }
  85.         foreach (self::IGNORED_ROUTES as $ignoredRoute) {
  86.             if ($originalRoute && str_starts_with($originalRoute$ignoredRoute)) {
  87.                 return true;
  88.             }
  89.             if ($originalRoute && $this->matchesRoutePattern($originalRoute$ignoredRoute)) {
  90.                 return true;
  91.             }
  92.         }
  93.         return false;
  94.     }
  95.     private function matchesRoutePattern(string $routestring $pattern): bool
  96.     {
  97.         // Remove format and method suffixes for comparison
  98.         $cleanedRoute preg_replace('/\.\{_format\}(_\w+)?$/'''$route);
  99.         $cleanedRoute preg_replace('/_(?:get|post|put|patch|delete)$/'''$cleanedRoute);
  100.         
  101.         $cleanedPattern preg_replace('/\.\{_format\}(_\w+)?$/'''$pattern);
  102.         $cleanedPattern preg_replace('/_(?:get|post|put|patch|delete)$/'''$cleanedPattern);
  103.         
  104.         return $cleanedRoute === $cleanedPattern;
  105.     }
  107.     private function extractEntityData($entity): array
  108.     {
  109.         try {
  110.             $data = [];
  111.             $reflection = new \ReflectionClass($entity);
  113.             // Always include entity class for clarity
  114.             $data['_entity_class'] = get_class($entity);
  116.             // Try to get entity ID
  117.             if (method_exists($entity'getId')) {
  118.                 try {
  119.                     $id $entity->getId();
  120.                     $data['_entity_id'] = $id ?? 'null';
  121.                 } catch (Error $e) {
  122.                     $data['_entity_id'] = 'uninitialized';
  123.                 }
  124.             }
  126.             foreach ($reflection->getProperties() as $property) {
  127.                 $propertyName $property->getName();
  129.                 try {
  130.                     $value $property->getValue($entity);
  131.                 } catch (Error $e) {
  132.                     // Skip uninitialized properties
  133.                     if (str_contains($e->getMessage(), 'must not be accessed before initialization')) {
  134.                         continue;
  135.                     }
  136.                     $data[$propertyName] = 'error:' $e->getMessage();
  137.                     continue;
  138.                 }
  140.                 // Handle different value types
  141.                 if (is_null($value)) {
  142.                     $data[$propertyName] = null;
  143.                 } elseif ($value instanceof DateTimeInterface) {
  144.                     $data[$propertyName] = $value->format('Y-m-d H:i:s');
  145.                 } elseif (is_scalar($value)) {
  146.                     // Truncate long strings for readability
  147.                     if (is_string($value) && strlen($value) > 500) {
  148.                         $data[$propertyName] = substr($value0500) . '... [truncated]';
  149.                     } else {
  150.                         $data[$propertyName] = $value;
  151.                     }
  152.                 } elseif (is_object($value)) {
  153.                     if (method_exists($value'getId')) {
  154.                         // Related entity - store only ID
  155.                         try {
  156.                             $relatedId $value->getId();
  157.                             $data[$propertyName] = [
  158.                                 '_type' => 'relation',
  159.                                 '_class' => get_class($value),
  160.                                 'id' => $relatedId
  161.                             ];
  162.                         } catch (Error $e) {
  163.                             $data[$propertyName] = [
  164.                                 '_type' => 'relation',
  165.                                 '_class' => get_class($value),
  166.                                 'id' => 'uninitialized'
  167.                             ];
  168.                         }
  169.                     } elseif ($value instanceof Collection || $value instanceof \Doctrine\ORM\PersistentCollection) {
  170.                         // Collection - check if initialized
  171.                         try {
  172.                             if (method_exists($value'isInitialized') && !$value->isInitialized()) {
  173.                                 $data[$propertyName] = ['_type' => 'collection''status' => 'uninitialized'];
  174.                             } else {
  175.                                 $data[$propertyName] = ['_type' => 'collection''count' => $value->count()];
  176.                             }
  177.                         } catch (Exception $e) {
  178.                             $data[$propertyName] = ['_type' => 'collection''status' => 'error'];
  179.                         }
  180.                     } elseif (method_exists($value'__toString')) {
  181.                         try {
  182.                             $data[$propertyName] = (string)$value;
  183.                         } catch (Exception $e) {
  184.                             $data[$propertyName] = 'object:' get_class($value);
  185.                         }
  186.                     } else {
  187.                         $data[$propertyName] = 'object:' get_class($value);
  188.                     }
  189.                 } elseif (is_array($value)) {
  190.                     $data[$propertyName] = ['_type' => 'array''count' => count($value)];
  191.                 }
  192.             }
  194.             return $data;
  196.         } catch (Exception $e) {
  197.             return [
  198.                 '_error' => 'extraction_failed',
  199.                 '_entity_class' => get_class($entity),
  200.                 '_message' => $e->getMessage()
  201.             ];
  202.         }
  203.     }
  205.     // This function is useless right now but in case we need to specify which HTTP actions to log later
  206.     private function shouldLogHttpAction(string $methodint $statusCode): bool
  207.     {
  208.         // Log all successful requests for certain methods
  209.         if ($statusCode >= 200 && $statusCode 300) {
  210.             return in_array($method, ['GET''DELETE''POST''PUT''PATCH']);
  211.         }
  212.         // Log all error responses
  213.         return $statusCode >= 400;
  214.     }
  217.     private function getHttpActionType(string $methodstring $route null): string
  218.     {
  219.         if ($route && $this->isDeleteRoute($route)) {
  220.             return 'delete';
  221.         }
  222.         
  223.         return match ($method) {
  224.             'GET' => 'read',
  225.             'POST' => 'create',
  226.             'PUT''PATCH' => 'update'
  227.             'DELETE' => 'delete',
  228.             default => 'request'
  229.         };
  230.     }
  232.     // Some Delete routes are using POST method so u need to handle them separately
  233.     private function isDeleteRoute(string $route): bool
  234.     {
  235.         $deletePatterns = [
  236.             '/delete',
  237.             'delete_',
  238.             '_delete',
  239.             '/remove',
  240.             'remove_',
  241.             '_remove',
  242.             '/destroy',
  243.             'destroy_',
  244.             '_destroy'
  245.         ];
  246.         
  247.         $lowerRoute strtolower($route);
  248.         
  249.         foreach ($deletePatterns as $pattern) {
  250.             if (str_contains($lowerRoute$pattern)) {
  251.                 return true;
  252.             }
  253.         }
  254.         
  255.         return false;
  256.     }
  258.     private function captureEntityBeforeDelete(Request $requeststring $route): void
  259.     {
  260.         try {
  261.             $entityId $this->extractEntityIdFromRequest($request);
  262.             if (!$entityId) {
  263.                 return;
  264.             }
  265.             $entityClass $this->getEntityFromRoute($route);
  266.             if (!$entityClass) {
  267.                 return;
  268.             }
  270.             $repository $this->entityManager->getRepository($entityClass);
  271.             $entity $repository->find($entityId);
  272.             
  273.             if ($entity) {
  274.                 $this->preDeleteEntityData $this->extractEntityData($entity);
  275.             }
  276.         } catch (Exception $e) {
  277.         }
  278.     }
  280.     private function extractEntityIdFromRequest(Request $request): ?int
  281.     {
  282.         $idParams = ['id''entityId''siteId''userId''customerId'];
  283.         
  284.         foreach ($idParams as $param) {
  285.             $value $request->get($param);
  286.             if ($value && is_numeric($value)) {
  287.                 return (int) $value;
  288.             }
  289.         }
  290.         $pathInfo $request->getPathInfo();
  291.         if (preg_match('/\/(\d+)(?:\/|$)/'$pathInfo$matches)) {
  292.             $id = (int) $matches[1];
  293.             return $id;
  294.         }
  295.         return null;
  296.     }
  298.     private function getEntityFromRoute(string $route): ?string
  299.     {
  300.         $routeToEntityMap = [
  301.             'sites' => 'App\Entity\Site',
  302.             'users' => 'App\Entity\User'
  303.             'customers' => 'App\Entity\Customer',
  304.             'evaluations' => 'App\Entity\Evaluation',
  305.             'documents' => 'App\Entity\Document',
  306.             'categories' => 'App\Entity\Category',
  307.             'sections' => 'App\Entity\Section',
  308.             'compliances' => 'App\Entity\Compliance',
  309.             //
  310.             'site' => 'App\Entity\Site',
  311.             'user' => 'App\Entity\User',
  312.             'customer' => 'App\Entity\Customer'
  313.             'evaluation' => 'App\Entity\Evaluation',
  314.             'document' => 'App\Entity\Document',
  315.             'category' => 'App\Entity\Category',
  316.             'section' => 'App\Entity\Section',
  317.             'compliance' => 'App\Entity\Compliance',
  318.         ];
  320.         $lowerRoute strtolower($route);
  321.         
  322.         foreach ($routeToEntityMap as $routePattern => $entityClass) {
  323.             if (str_contains($lowerRoute$routePattern)) {
  324.                 return $entityClass;
  325.             }
  326.         }
  328.         return null;
  329.     }
  332.     private function getAuditEntityManager(): ObjectManager
  333.     {
  334.         try {
  335.             $em $this->doctrine->resetManager();
  336.             return $this->doctrine->getManager();
  337.         } catch (Exception $e) {
  338.             return $this->entityManager;
  339.         }
  340.     }
  342.     private function getCleanRoute($request): string
  343.     {
  344.         // Try to get the actual path first
  345.         $pathInfo $request->getPathInfo();
  346.         if ($pathInfo && $pathInfo !== '/') {
  347.             return $pathInfo;
  348.         }
  349.         
  350.         // Fallback to route name, but clean it up
  351.         $route $request->attributes->get('_route');
  352.         if (!$route) {
  353.             return 'unknown_route';
  354.         }
  355.         
  356.         // Clean up common Symfony route patterns
  357.         $cleanRoute $route;
  358.         
  359.         // Remove format placeholders
  360.         $cleanRoute preg_replace('/\.\{_format\}/'''$cleanRoute);
  361.         
  362.         // Remove method suffixes (like _post, _get, etc.)
  363.         $cleanRoute preg_replace('/_(?:get|post|put|patch|delete)$/'''$cleanRoute);
  364.         
  365.         // Convert underscores to forward slashes for API routes
  366.         if (str_starts_with($cleanRoute'_api_')) {
  367.             $cleanRoute str_replace('_api_''/api/'$cleanRoute);
  368.             $cleanRoute str_replace('_''/'$cleanRoute);
  369.         }
  370.         
  371.         return $cleanRoute;
  372.     }
  374.     public function onKernelController(ControllerEvent $event)
  375.     {
  376.         $request $event->getRequest();
  377.         $originalRoute $request->attributes->get('_route');
  378.         $cleanRoute $this->getCleanRoute($request);
  380.         if ($this->shouldIgnoreRoute($originalRoute$cleanRoute)) {
  381.             $this->shouldSkipAudit true;
  382.             return;
  383.         }
  385.         $this->shouldSkipAudit false;
  386.         $this->currentRoute $cleanRoute;
  387.         $this->currentMethod $request->getMethod();
  389.         // Build structured request data
  390.         $requestPayload = [];
  392.         // Query parameters
  393.         if ($request->query->count() > 0) {
  394.             $requestPayload['query_params'] = $request->query->all();
  395.         }
  397.         // POST/Form data
  398.         if ($request->request->count() > 0) {
  399.             $requestPayload['form_data'] = $request->request->all();
  400.         }
  402.         // JSON body
  403.         if ($request->getContentType() === 'json' || str_contains($request->headers->get('Content-Type'''), 'application/json')) {
  404.             $content $request->getContent();
  405.             if ($content) {
  406.                 $decodedContent json_decode($contenttrue);
  407.                 if (json_last_error() === JSON_ERROR_NONE) {
  408.                     $requestPayload['json_body'] = $decodedContent;
  409.                 } else {
  410.                     $requestPayload['raw_body'] = substr($content01000); // Limit size
  411.                 }
  412.             }
  413.         }
  415.         // Files
  416.         if ($request->files->count() > 0) {
  417.             $requestPayload['files'] = array_map(function($file) {
  418.                 return $file instanceof UploadedFile
  419.                     ? [
  420.                         'name' => $file->getClientOriginalName(),
  421.                         'size' => $file->getSize(),
  422.                         'type' => $file->getMimeType()
  423.                     ]
  424.                     : (string)$file;
  425.             }, $request->files->all());
  426.         }
  428.         // Store context for later use
  429.         $this->httpRequestContext = [
  430.             'route' => $cleanRoute,
  431.             'original_route' => $originalRoute,
  432.             'method' => $request->getMethod(),
  433.             'ip_address' => $this->logsActionRepository->getRealIpAddress($request),
  434.             'user_agent' => $request->headers->get('User-Agent'),
  435.             'request_payload' => $requestPayload,
  436.         ];
  438.         // Capture entity data before potential deletion
  439.         if ($this->isDeleteRoute($cleanRoute)) {
  440.             $this->captureEntityBeforeDelete($request$cleanRoute);
  441.         }
  442.     }
  444.      public function preUpdate(LifecycleEventArgs $args)
  445.      {
  446.          if ($this->shouldSkipAudit) {
  447.              return;
  448.          }
  450.          try {
  451.              $entity $args->getObject();
  452.              $entityClass get_class($entity);
  453.              $entityId $this->getEntityId($entity);
  455.              // Get only the changed fields (before and after values)
  456.              $dataBefore $this->extractChangeSetData($entity);
  457.              $dataAfter $this->extractChangeSetDataAfter($entity);
  459.              $this->entityChanges[] = [
  460.                  'type' => 'entity_change',
  461.                  'action' => 'update',
  462.                  'entity_class' => $entityClass,
  463.                  'entity_id' => $entityId,
  464.                  'data_before' => $dataBefore// Only modified fields - old values
  465.                  'data_after' => $dataAfter,   // Only modified fields - new values
  466.              ];
  467.          } catch (Exception $e) {
  468.              // Silently handle errors to prevent disrupting the update
  469.          }
  470.      }
  472.     private function getEntityId($entity): string
  473.     {
  474.         if (!method_exists($entity'getId')) {
  475.             return 'unknown';
  476.         }
  478.         try {
  479.             $id $entity->getId();
  480.             return $id !== null ? (string)$id 'null';
  481.         } catch (Error $e) {
  482.             if (str_contains($e->getMessage(), 'must not be accessed before initialization')) {
  483.                 return 'uninitialized';
  484.             }
  485.             return 'error';
  486.         }
  487.     }
  489.     private function extractChangeSetData($entity): array
  490.     {
  491.         $dataBefore = [];
  493.         try {
  494.             $uow $this->entityManager->getUnitOfWork();
  495.             $changeSet $uow->getEntityChangeSet($entity);
  497.             // Only include fields that have actually changed
  498.             foreach ($changeSet as $field => $values) {
  499.                 $oldValue $values[0]; // Old value before change
  501.                 if ($oldValue instanceof DateTimeInterface) {
  502.                     $dataBefore[$field] = $oldValue->format('Y-m-d H:i:s');
  503.                 } elseif (is_object($oldValue) && method_exists($oldValue'getId')) {
  504.                     try {
  505.                         $dataBefore[$field] = [
  506.                             '_type' => 'relation',
  507.                             '_class' => get_class($oldValue),
  508.                             'id' => $oldValue->getId()
  509.                         ];
  510.                     } catch (Error $e) {
  511.                         $dataBefore[$field] = [
  512.                             '_type' => 'relation',
  513.                             '_class' => get_class($oldValue),
  514.                             'id' => 'uninitialized'
  515.                         ];
  516.                     }
  517.                 } elseif (is_scalar($oldValue) || is_null($oldValue)) {
  518.                     $dataBefore[$field] = $oldValue;
  519.                 } else {
  520.                     try {
  521.                         $dataBefore[$field] = (string)$oldValue;
  522.                     } catch (Exception $e) {
  523.                         $dataBefore[$field] = 'object_conversion_error';
  524.                     }
  525.                 }
  526.             }
  528.         } catch (Exception $e) {
  529.             $dataBefore['_error'] = 'Could not retrieve change set: ' $e->getMessage();
  530.         }
  532.         return $dataBefore;
  533.     }
  535.     private function extractChangeSetDataAfter($entity): array
  536.     {
  537.         $dataAfter = [];
  539.         try {
  540.             $uow $this->entityManager->getUnitOfWork();
  541.             $changeSet $uow->getEntityChangeSet($entity);
  543.             // Only include fields that have actually changed
  544.             foreach ($changeSet as $field => $values) {
  545.                 $newValue $values[1]; // New value after change
  547.                 if ($newValue instanceof DateTimeInterface) {
  548.                     $dataAfter[$field] = $newValue->format('Y-m-d H:i:s');
  549.                 } elseif (is_object($newValue) && method_exists($newValue'getId')) {
  550.                     try {
  551.                         $dataAfter[$field] = [
  552.                             '_type' => 'relation',
  553.                             '_class' => get_class($newValue),
  554.                             'id' => $newValue->getId()
  555.                         ];
  556.                     } catch (Error $e) {
  557.                         $dataAfter[$field] = [
  558.                             '_type' => 'relation',
  559.                             '_class' => get_class($newValue),
  560.                             'id' => 'uninitialized'
  561.                         ];
  562.                     }
  563.                 } elseif (is_scalar($newValue) || is_null($newValue)) {
  564.                     $dataAfter[$field] = $newValue;
  565.                 } else {
  566.                     try {
  567.                         $dataAfter[$field] = (string)$newValue;
  568.                     } catch (Exception $e) {
  569.                         $dataAfter[$field] = 'object_conversion_error';
  570.                     }
  571.                 }
  572.             }
  574.         } catch (Exception $e) {
  575.             $dataAfter['_error'] = 'Could not retrieve change set: ' $e->getMessage();
  576.         }
  578.         return $dataAfter;
  579.     }
  582.     public function prePersist(LifecycleEventArgs $args)
  583.     {
  584.         if ($this->shouldSkipAudit) {
  585.             return;
  586.         }
  588.         try {
  589.             $entity $args->getObject();
  590.             $entityClass get_class($entity);
  591.             $entityId $this->getEntityId($entity);
  593.             $this->entityChanges[] = [
  594.                 'type' => 'entity_change',
  595.                 'action' => 'create',
  596.                 'entity_class' => $entityClass,
  597.                 'entity_id' => $entityId,
  598.                 'data_before' => [],
  599.                 'data_after' => $this->extractEntityData($entity),
  600.             ];
  601.         } catch (Exception $e) {
  602.             // Silently handle errors
  603.         }
  604.     }
  606.     // Capture entity deletions
  607.     public function preRemove(LifecycleEventArgs $args)
  608.     {
  609.         if ($this->shouldSkipAudit) {
  610.             return;
  611.         }
  613.         try {
  614.             $entity $args->getObject();
  615.             $entityClass get_class($entity);
  616.             $entityId $this->getEntityId($entity);
  617.             $entityData $this->extractEntityData($entity);
  619.             $this->entityChanges[] = [
  620.                 'type' => 'entity_change',
  621.                 'action' => 'delete',
  622.                 'entity_class' => $entityClass,
  623.                 'entity_id' => $entityId,
  624.                 'data_before' => $entityData,
  625.                 'data_after' => [], // Empty after deletion
  626.             ];
  627.         } catch (Exception $e) {
  628.             // Silently handle errors
  629.         }
  630.     }
  631.     public function onKernelException(ExceptionEvent $event): void
  632.     {
  633.         if ($this->shouldSkipAudit) {
  634.             return;
  635.         }
  637.         $exception $event->getThrowable();
  638.         $this->errorData = [
  639.             'error_message' => $exception->getMessage(),
  640.             'error_code' => $exception->getCode(),
  641.             'error_file' => $exception->getFile(),
  642.             'error_line' => $exception->getLine(),
  643.             'error_trace' => $exception->getTraceAsString()
  644.         ];
  645.     }
  647.     public function onKernelResponse(ResponseEvent $event): void
  648.     {
  649.         if ($this->shouldSkipAudit) {
  650.             return;
  651.         }
  653.         $response $event->getResponse();
  654.         $user $this->security->getUser();
  655.         $statusCode $response $response->getStatusCode() : 500;
  656.         $method $this->currentMethod ?? 'UNKNOWN';
  657.         $route $this->currentRoute ?? 'unknown_route';
  659.         // Build clean response data
  660.         $responseData $this->buildResponseData($response$statusCode);
  662.         // Handle errors
  663.         if ($statusCode >= 400 && empty($this->entityChanges)) {
  664.             $this->logError($statusCode$responseData);
  665.         }
  667.         // Log HTTP request if no entity changes were captured
  668.         if (empty($this->entityChanges) && $this->shouldLogHttpAction($method$statusCode)) {
  669.             $this->logHttpRequest($method$route$statusCode$responseData);
  670.         }
  672.         // Nothing to log
  673.         if (empty($this->entityChanges)) {
  674.             $this->cleanup();
  675.             return;
  676.         }
  678.         // Persist all logs
  679.         $this->persistLogs($user$statusCode$responseData);
  681.         // Cleanup
  682.         $this->cleanup();
  683.     }
  685.     private function buildResponseData($responseint $statusCode): array
  686.     {
  687.         $responseData = ['status_code' => $statusCode];
  689.         if (!$response) {
  690.             return $responseData;
  691.         }
  693.         // Important headers
  694.         $responseData['headers'] = [];
  695.         $importantHeaders = ['content-type''location''cache-control'];
  696.         foreach ($importantHeaders as $header) {
  697.             if ($response->headers->has($header)) {
  698.                 $responseData['headers'][$header] = $response->headers->get($header);
  699.             }
  700.         }
  702.         // Response content (only for successful responses)
  703.         if ($statusCode >= 200 && $statusCode 300) {
  704.             try {
  705.                 $content $response->getContent();
  706.                 if (!empty($content)) {
  707.                     // Limit response content size
  708.                     if (strlen($content) > 5000) {
  709.                         $responseData['content'] = substr($content05000) . '... [truncated]';
  710.                         $responseData['content_truncated'] = true;
  711.                         $responseData['original_length'] = strlen($content);
  712.                     } else {
  713.                         $decodedContent json_decode($contenttrue);
  714.                         if (json_last_error() === JSON_ERROR_NONE) {
  715.                             $responseData['content'] = $decodedContent;
  716.                         } else {
  717.                             $responseData['content'] = $content;
  718.                         }
  719.                     }
  720.                 }
  721.             } catch (Exception $e) {
  722.                 $responseData['content_error'] = $e->getMessage();
  723.             }
  724.         }
  726.         return $responseData;
  727.     }
  729.     private function logError(int $statusCode, array $responseData): void
  730.     {
  731.         $errorData $this->errorData ?? [];
  733.         $this->entityChanges[] = [
  734.             'type' => 'error',
  735.             'action' => 'error',
  736.             'entity_class' => null,
  737.             'entity_id' => null,
  738.             'data_before' => [],
  739.             'data_after' => array_merge($errorData, ['status_code' => $statusCode]),
  740.             'response_data' => $responseData,
  741.         ];
  742.     }
  744.     private function logHttpRequest(string $methodstring $routeint $statusCode, array $responseData): void
  745.     {
  746.         $action $this->getHttpActionType($method$route);
  747.         $dataBefore = [];
  749.         // For DELETE operations, include pre-delete data
  750.         if ($action === 'delete' && $this->preDeleteEntityData !== null) {
  751.             $dataBefore $this->preDeleteEntityData;
  752.         }
  754.         $this->entityChanges[] = [
  755.             'type' => 'http_request',
  756.             'action' => $action,
  757.             'entity_class' => null,
  758.             'entity_id' => null,
  759.             'data_before' => $dataBefore,
  760.             'data_after' => [],
  761.             'response_data' => $responseData,
  762.             'metadata' => [
  763.                 'detected_as_delete' => $action === 'delete' && $method !== 'DELETE',
  764.                 'has_pre_delete_data' => !empty($dataBefore),
  765.             ],
  766.         ];
  767.     }
  769.     private function persistLogs($userint $statusCode, array $responseData): void
  770.     {
  771.         $auditEM $this->getAuditEntityManager();
  772.         if (!$auditEM) {
  773.             return;
  774.         }
  776.         $auditUser $this->resolveAuditUser($user$auditEM);
  777.         if (!$auditUser) {
  778.             return; // Skip logging if no user can be resolved
  779.         }
  781.         foreach ($this->entityChanges as $change) {
  782.             try {
  783.                 $log = new LogsAction();
  784.                 $log->setUser($auditUser);
  785.                 $log->setAction($change['action']);
  786.                 $log->setRoute($this->currentRoute);
  787.                 $log->setMethod($this->currentMethod);
  788.                 $log->setIpAddress($this->httpRequestContext['ip_address'] ?? null);
  789.                 $log->setUserAgent($this->httpRequestContext['user_agent'] ?? null);
  790.                 $log->setStatusCode($statusCode);
  792.                 // Build clear request data structure - always include request payload
  793.                 $requestData = [
  794.                     'type' => $change['type'] ?? 'entity_change',
  795.                     'entity_class' => $change['entity_class'] ?? null,
  796.                     'entity_id' => $change['entity_id'] ?? null,
  797.                     'payload' => $this->httpRequestContext['request_payload'] ?? [],
  798.                     'metadata' => $change['metadata'] ?? [],
  799.                 ];
  801.                 // Set request data (always persisted, nullable)
  802.                 $log->setRequestData(!empty($requestData['payload']) || !empty($requestData['metadata'])
  803.                     ? json_encode($requestDataJSON_UNESCAPED_UNICODE)
  804.                     : null);
  806.                 // Set data before (only modified fields for updates, full snapshot for deletes)
  807.                 $dataBefore $change['data_before'] ?? [];
  808.                 $log->setDataBefore(!empty($dataBefore) ? json_encode($dataBeforeJSON_UNESCAPED_UNICODE) : null);
  810.                 // Set data after (only modified fields for updates, full snapshot for creates)
  811.                 $dataAfter $change['data_after'] ?? [];
  812.                 $log->setDataAfter(!empty($dataAfter) ? json_encode($dataAfterJSON_UNESCAPED_UNICODE) : null);
  814.                 // Set response data (always persisted if available, nullable)
  815.                 $responseDataToLog $change['response_data'] ?? $responseData;
  816.                 $log->setResponseData(!empty($responseDataToLog) ? json_encode($responseDataToLogJSON_UNESCAPED_UNICODE) : null);
  818.                 $log->setCreatedAt(new DateTime());
  819.                 $log->setUpdatedAt(new DateTime());
  821.                 $auditEM->persist($log);
  822.             } catch (Exception $e) {
  823.                 // Silently continue to next log
  824.                 continue;
  825.             }
  826.         }
  828.         try {
  829.             $auditEM->flush();
  830.         } catch (Exception $e) {
  831.             // Failed to persist logs - silent fail to avoid breaking the request
  832.         }
  833.     }
  835.     private function resolveAuditUser($userObjectManager $auditEM): ?User
  836.     {
  837.         if (!$user) {
  838.             $systemUser $auditEM->find(User::class, 0);
  839.             return $systemUser;
  840.         }
  842.         $auditUser null;
  844.         if ($user instanceof User) {
  845.             $userId $user->getId();
  846.             $auditUser $auditEM->find(User::class, $userId);
  847.         }
  849.         return $auditUser;
  850.     }
  852.     private function cleanup(): void
  853.     {
  854.         $this->entityChanges = [];
  855.         $this->errorData null;
  856.         $this->httpRequestContext = [];
  857.         $this->preDeleteEntityData null;
  858.         $this->currentRoute null;
  859.         $this->currentMethod null;
  860.     }
  861. }