src/Security/ExportVoter.php line 196

Open in your IDE?
  1. <?php
  2. //------------------------------------------------------------------------------
  3. // src/Security/ExportVoter.php
  4. //------------------------------------------------------------------------------
  5. namespace App\Security;
  7. use Doctrine\Persistence\ManagerRegistry;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use App\Entity\Access;
  12. use App\Entity\Config\Config;
  13. use App\Entity\Config\Module;
  14. use App\Entity\HR\AccessFunction;
  15. use App\Entity\Security\Acl;
  16. use App\Entity\Security\AclPermission;
  17. use App\Services\Config\ModuleTools;
  19. class ExportVoter extends Voter
  20. {
  21.     //--------------------------------------------------------------------------------
  22.     // is_granted constants
  23.     const IS_ACTIVE "export_is_active";
  25.     const EXPORT_ANY "export_data";
  27.     const EXPORT_INVOICE "export_invoices";
  28.     const EXPORT_INVOICE_SOCIETY "export_invoices_society";
  29.     const EXPORT_INVOICE_ANY "export_invoices_any";
  31.     const EXPORT_DEVIS "export_devis";
  32.     const EXPORT_DEVIS_SOCIETY "export_devis_society";
  33.     const EXPORT_DEVIS_ANY "export_devis_any";
  35.     const EXPORT_COMMAND "export_commands";
  36.     const EXPORT_COMMAND_SOCIETY "export_commands_society";
  37.     const EXPORT_COMMAND_ANY "export_commands_any";
  39.     const EXPORT_TASK "export_tasks";
  40.     const EXPORT_TASK_SOCIETY "export_tasks_society";
  41.     const EXPORT_TASK_ANY "export_tasks_any";
  43.     const EXPORT_MISSION "export_missions";
  44.     const EXPORT_MISSION_SOCIETY "export_missions_society";
  45.     const EXPORT_MISSION_ANY "export_missions_any";
  47.     const EXPORT_IND "export_individuals";
  48.     const EXPORT_IND_SOCIETY "export_individuals_society";
  49.     const EXPORT_IND_ANY "export_individuals_any";
  51.     const EXPORT_RFI "export_rfi";
  52.     const EXPORT_RFI_SOCIETY "export_rfi_society";
  53.     const EXPORT_RFI_ANY "export_rfi_any";
  55.     const EXPORT_ANOMALY "export_anomaly";
  56.     const EXPORT_ANOMALY_SOCIETY "export_anomaly_society";
  57.     const EXPORT_ANOMALY_ANY "export_anomaly_any";
  59.     const EXPORT_INSTALLMENT "export_installment";
  60.     const EXPORT_INSTALLMENT_SOCIETY "export_installment_society";
  61.     const EXPORT_INSTALLMENT_ANY "export_installment_any";
  63.     const EXPORT_EQUIPMENT "export_equipment";
  64.     const EXPORT_EQUIPMENT_SOCIETY "export_equipment_society";
  65.     const EXPORT_EQUIPMENT_ANY "export_equipment_any";
  67.     // Plan.io Tasks #3621 #3653
  68.     const EXPORT_IKEA_SERVICE_ORDER "export_ikea_service_orders";
  69.     const EXPORT_IKEA_SERVICE_ORDER_SOCIETY "export_ikea_service_orders_society";
  70.     const EXPORT_IKEA_SERVICE_ORDER_ANY "export_ikea_service_orders_any";
  72.     const EXPORT_SALARY "export_salary";
  73.     const EXPORT_SALARY_SOCIETY "export_salary_society";
  74.     const EXPORT_SALARY_ANY "export_salary_any";
  76.     const EXPORT_DEMAND "export_demand";
  77.     const EXPORT_DEMAND_SOCIETY "export_demand_society";
  78.     const EXPORT_DEMAND_ANY "export_demand_any";
  80.     // Task plan.io #3889 : No right for society
  81.     const EXPORT_ITASK "export_itask";
  82.     const EXPORT_ITASK_ANY "export_itask_any";
  84.     // Task plan.io #4426
  85.     const EXPORT_COST "export_cost";
  86.     const EXPORT_COST_SOCIETY "export_cost_society";
  87.     const EXPORT_COST_ANY "export_cost_any";
  89.     const IS_GRANTED_CONSTANTS = array(
  90.         self::IS_ACTIVE,
  91.         self::EXPORT_ANY,
  92.         self::EXPORT_INVOICE,
  93.         self::EXPORT_INVOICE_SOCIETY,
  94.         self::EXPORT_INVOICE_ANY,
  95.         self::EXPORT_DEVIS,
  96.         self::EXPORT_DEVIS_SOCIETY,
  97.         self::EXPORT_DEVIS_ANY,
  98.         self::EXPORT_COMMAND,
  99.         self::EXPORT_COMMAND_SOCIETY,
  100.         self::EXPORT_COMMAND_ANY,
  101.         self::EXPORT_TASK,
  102.         self::EXPORT_TASK_SOCIETY,
  103.         self::EXPORT_TASK_ANY,
  104.         self::EXPORT_MISSION,
  105.         self::EXPORT_MISSION_SOCIETY,
  106.         self::EXPORT_MISSION_ANY,
  107.         self::EXPORT_IND,
  108.         self::EXPORT_IND_SOCIETY,
  109.         self::EXPORT_IND_ANY,
  110.         self::EXPORT_RFI,
  111.         self::EXPORT_RFI_SOCIETY,
  112.         self::EXPORT_RFI_ANY,
  113.         self::EXPORT_ANOMALY,
  114.         self::EXPORT_ANOMALY_SOCIETY,
  115.         self::EXPORT_ANOMALY_ANY,
  116.         self::EXPORT_INSTALLMENT,
  117.         self::EXPORT_INSTALLMENT_SOCIETY,
  118.         self::EXPORT_INSTALLMENT_ANY,
  119.         self::EXPORT_EQUIPMENT,
  120.         self::EXPORT_EQUIPMENT_SOCIETY,
  121.         self::EXPORT_EQUIPMENT_ANY,
  122.         // Plan.io Tasks #3621 #3653
  123.         self::EXPORT_IKEA_SERVICE_ORDER,
  124.         self::EXPORT_IKEA_SERVICE_ORDER_SOCIETY,
  125.         self::EXPORT_IKEA_SERVICE_ORDER_ANY,
  127.         self::EXPORT_SALARY,
  128.         self::EXPORT_SALARY_SOCIETY,
  129.         self::EXPORT_SALARY_ANY,
  131.         self::EXPORT_DEMAND,
  132.         self::EXPORT_DEMAND_SOCIETY,
  133.         self::EXPORT_DEMAND_ANY,
  135.         self::EXPORT_ITASK,
  136.         self::EXPORT_ITASK_ANY,
  138.         self::EXPORT_COST,
  139.         self::EXPORT_COST_SOCIETY,
  140.         self::EXPORT_COST_ANY,
  141.     );
  143.     //--------------------------------------------------------------------------------
  144.     // acl constants
  145.     const ACL_PERM_EXPORT_INVOICE "invoice_export";
  146.     const ACL_PERM_EXPORT_INVOICE_SOCIETY "invoice_export_society";
  148.     const ACL_PERM_EXPORT_DEVIS "devis_export";
  149.     const ACL_PERM_EXPORT_DEVIS_SOCIETY "devis_export_society";
  151.     const ACL_PERM_EXPORT_COMMAND "command_export";
  152.     const ACL_PERM_EXPORT_COMMAND_SOCIETY "command_export_society";
  154.     const ACL_PERM_EXPORT_TASK "task_export";
  155.     const ACL_PERM_EXPORT_TASK_SOCIETY "task_export_society";
  157.     const ACL_PERM_EXPORT_MISSION "mission_export";
  158.     const ACL_PERM_EXPORT_MISSION_SOCIETY "mission_export_society";
  160.     const ACL_PERM_EXPORT_IND "ind_export";
  161.     const ACL_PERM_EXPORT_IND_SOCIETY "ind_export_society";
  163.     const ACL_PERM_EXPORT_RFI "webapp_doc_export_rfi";
  164.     const ACL_PERM_EXPORT_RFI_SOCIETY "webapp_doc_export_rfi_society";
  166.     const ACL_PERM_EXPORT_ANOMALY "webapp_doc_export_anomaly";
  167.     const ACL_PERM_EXPORT_ANOMALY_SOCIETY "webapp_doc_export_anomaly_society";
  169.     const ACL_PERM_EXPORT_INSTALLMENT "installment_export";
  170.     const ACL_PERM_EXPORT_INSTALLMENT_SOCIETY "installment_export_society";
  172.     const ACL_PERM_EXPORT_EQUIPMENT "equipment_export";
  173.     const ACL_PERM_EXPORT_EQUIPMENT_SOCIETY "equipment_export_society";
  175.     // Plan.io Tasks #3621 #3653
  176.     const ACL_PERM_EXPORT_IKEA_SERVICE_ORDER "ikea_service_order_export";
  177.     const ACL_PERM_EXPORT_IKEA_SERVICE_ORDER_SOCIETY "ikea_service_order_export_society";
  179.     // Plan.io Task #3884
  180.     const ACL_PERM_EXPORT_SALARY "salary_export";
  181.     const ACL_PERM_EXPORT_SALARY_SOCIETY "salary_export_society";
  183.     // Plan.io Task #3889
  184.     const ACL_PERM_EXPORT_DEMAND "demand_export";
  185.     const ACL_PERM_EXPORT_DEMAND_SOCIETY "demand_export_society";
  187.     // Plan.io Task #3889
  188.     const ACL_PERM_EXPORT_ITASK "itask_export";
  190.     // Plan.io Task #4426
  191.     const ACL_PERM_EXPORT_COST "cost_export";
  192.     const ACL_PERM_EXPORT_COST_SOCIETY "cost_export_society";
  194.     //--------------------------------------------------------------------------------
  196.     public function __construct(ManagerRegistry $doctrineModuleTools $moduleTools)
  197.     {
  198.         $this->em $doctrine->getManager();
  199.         $this->moduleTools $moduleTools;
  201.         $this->aclRepository $this->em->getRepository(Acl::class);
  202.         $this->aclPermissionRepository $this->em->getRepository(AclPermission::class);
  203.     }
  205.     // Plan.io Task #4453 [See AccessVoter for details]
  206.     public function supportsAttribute(string $attribute): bool
  207.     {
  208.         return in_array($attributeself::IS_GRANTED_CONSTANTStrue);
  209.     }
  210.     
  211.     protected function supports(string $attribute$subject null): bool
  212.     {
  213.         // if the attribute isn't one we support, return false
  214.         if (!in_array($attributeself::IS_GRANTED_CONSTANTS))
  215.         {
  216.             return false;
  217.         }
  219.         return true;
  220.     }
  222.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  223.     {
  224.         $user $token->getUser();
  226.         if (!$user instanceof Access)
  227.         {
  228.             // the user must be logged in; if not, deny access
  229.             return false;
  230.         }
  232.         // The user must have a function; if not deny access
  233.         $function $user->getFunction();
  234.         if ($function === null)        return false;
  236.         // Plan.io Task #3710 : Get current group
  237.         $currentGroup $user->getSocietyGroup();
  238.         if ($currentGroup === null)
  239.             return false;
  241.         // Module activated ?
  242.         if ($this->moduleTools->isInactiveByCode($currentGroupModule::MODULE_EXPORT))
  243.         {
  244.             return false;
  245.         }
  247.         // No subject for this voter
  248.         switch ($attribute)
  249.         {
  250.             case self::IS_ACTIVE:
  251.                 return true;
  253.             case self::EXPORT_ANY:
  254.                 return $this->canExportAnyGeneric($user$function);
  256.             case self::EXPORT_INVOICE:
  257.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_INVOICE);
  258.             case self::EXPORT_INVOICE_SOCIETY:
  259.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_INVOICE_SOCIETY);
  260.             case self::EXPORT_INVOICE_ANY:
  261.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_INVOICEself::ACL_PERM_EXPORT_INVOICE_SOCIETY);
  263.             case self::EXPORT_DEVIS:
  264.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_DEVIS);
  265.             case self::EXPORT_DEVIS_SOCIETY:
  266.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_DEVIS_SOCIETY);
  267.             case self::EXPORT_DEVIS_ANY:
  268.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_DEVISself::ACL_PERM_EXPORT_DEVIS_SOCIETY);
  270.             case self::EXPORT_COMMAND:
  271.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_COMMAND);
  272.             case self::EXPORT_COMMAND_SOCIETY:
  273.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_COMMAND_SOCIETY);
  274.             case self::EXPORT_COMMAND_ANY:
  275.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_COMMANDself::ACL_PERM_EXPORT_COMMAND_SOCIETY);
  277.             case self::EXPORT_TASK:
  278.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_TASK);
  279.             case self::EXPORT_TASK_SOCIETY:
  280.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_TASK_SOCIETY);
  281.             case self::EXPORT_TASK_ANY:
  282.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_TASKself::ACL_PERM_EXPORT_TASK_SOCIETY);
  284.             case self::EXPORT_MISSION:
  285.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_MISSION);
  286.             case self::EXPORT_MISSION_SOCIETY:
  287.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_MISSION_SOCIETY);
  288.             case self::EXPORT_MISSION_ANY:
  289.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_MISSIONself::ACL_PERM_EXPORT_MISSION_SOCIETY);
  291.             case self::EXPORT_IND:
  292.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_IND);
  293.             case self::EXPORT_IND_SOCIETY:
  294.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_IND_SOCIETY);
  295.             case self::EXPORT_IND_ANY:
  296.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_INDself::ACL_PERM_EXPORT_IND_SOCIETY);
  298.             case self::EXPORT_RFI:
  299.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_RFI);
  300.             case self::EXPORT_RFI_SOCIETY:
  301.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_RFI_SOCIETY);
  302.             case self::EXPORT_RFI_ANY:
  303.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_RFIself::ACL_PERM_EXPORT_RFI_SOCIETY);
  305.             case self::EXPORT_ANOMALY:
  306.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_ANOMALY);
  307.             case self::EXPORT_ANOMALY_SOCIETY:
  308.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_ANOMALY_SOCIETY);
  309.             case self::EXPORT_ANOMALY_ANY:
  310.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_ANOMALYself::ACL_PERM_EXPORT_ANOMALY_SOCIETY);
  312.             case self::EXPORT_INSTALLMENT:
  313.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_INSTALLMENT);
  314.             case self::EXPORT_INSTALLMENT_SOCIETY:
  315.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_INSTALLMENT_SOCIETY);
  316.             case self::EXPORT_INSTALLMENT_ANY:
  317.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_INSTALLMENTself::ACL_PERM_EXPORT_INSTALLMENT_SOCIETY);
  319.             case self::EXPORT_EQUIPMENT:
  320.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_EQUIPMENT);
  321.             case self::EXPORT_EQUIPMENT_SOCIETY:
  322.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_EQUIPMENT_SOCIETY);
  323.             case self::EXPORT_EQUIPMENT_ANY:
  324.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_EQUIPMENTself::ACL_PERM_EXPORT_EQUIPMENT_SOCIETY);
  326.             // Plan.io Tasks #3621 #3653 : Begin
  327.             case self::EXPORT_IKEA_SERVICE_ORDER:
  328.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDER);
  329.             case self::EXPORT_IKEA_SERVICE_ORDER_SOCIETY:
  330.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDER_SOCIETY);
  331.             case self::EXPORT_IKEA_SERVICE_ORDER_ANY:
  332.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDERself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDER_SOCIETY);
  333.             // Plan.io Tasks #3621 #3653 : End
  335.             case self::EXPORT_SALARY:
  336.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_SALARY);
  337.             case self::EXPORT_SALARY_SOCIETY:
  338.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_SALARY_SOCIETY);
  339.             case self::EXPORT_SALARY_ANY:
  340.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_SALARYself::ACL_PERM_EXPORT_SALARY_SOCIETY);
  342.             case self::EXPORT_DEMAND:
  343.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_DEMAND);
  344.             case self::EXPORT_DEMAND_SOCIETY:
  345.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_DEMAND_SOCIETY);
  346.             case self::EXPORT_DEMAND_ANY:
  347.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_DEMANDself::ACL_PERM_EXPORT_DEMAND_SOCIETY);
  349.             case self::EXPORT_ITASK:
  350.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_ITASK);
  351.             case self::EXPORT_ITASK_ANY:
  352.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_ITASKnull);
  354.             case self::EXPORT_COST:
  355.                 return $this->canExport($user$functionself::ACL_PERM_EXPORT_COST);
  356.             case self::EXPORT_COST_SOCIETY:
  357.                 return $this->canExportSociety($user$functionself::ACL_PERM_EXPORT_COST_SOCIETY);
  358.             case self::EXPORT_COST_ANY:
  359.                 return $this->canExportAny($user$functionself::ACL_PERM_EXPORT_COSTself::ACL_PERM_EXPORT_COST_SOCIETY);
  360.         }
  362.         throw new \LogicException('This code should not be reached!');
  363.     }
  365.     private function canExportAnyGeneric(Access $userAccessFunction $function)
  366.     {
  367.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_INVOICEself::ACL_PERM_EXPORT_INVOICE_SOCIETY))
  368.             return true;
  370.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_DEVISself::ACL_PERM_EXPORT_DEVIS_SOCIETY))
  371.             return true;
  373.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_COMMANDself::ACL_PERM_EXPORT_COMMAND_SOCIETY))
  374.             return true;
  376.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_TASKself::ACL_PERM_EXPORT_TASK_SOCIETY))
  377.             return true;
  379.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_MISSIONself::ACL_PERM_EXPORT_MISSION_SOCIETY))
  380.             return true;
  382.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_INDself::ACL_PERM_EXPORT_IND_SOCIETY))
  383.             return true;
  385.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_RFIself::ACL_PERM_EXPORT_RFI_SOCIETY))
  386.             return true;
  388.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_ANOMALYself::ACL_PERM_EXPORT_ANOMALY_SOCIETY))
  389.             return true;
  391.         // Plan.io Tasks #3621 #3653
  392.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDERself::ACL_PERM_EXPORT_IKEA_SERVICE_ORDER_SOCIETY))
  393.             return true;
  395.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_SALARYself::ACL_PERM_EXPORT_SALARY_SOCIETY))
  396.             return true;
  398.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_DEMANDself::ACL_PERM_EXPORT_DEMAND_SOCIETY))
  399.             return true;
  401.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_ITASKnull))
  402.             return true;
  404.         if ($this->canExportAny($user$functionself::ACL_PERM_EXPORT_COSTself::ACL_PERM_EXPORT_COST_SOCIETY))
  405.             return true;
  407.         return false;
  408.     }
  410.     private function canExport(Access $userAccessFunction $function$aclPermConstant)
  411.     {
  412.         // Get Acl_Permission
  413.         $aclPerm $this->aclPermissionRepository->findOneByName($aclPermConstant);
  414.         if ($aclPerm === null)        return false;
  416.         // Get Acl
  417.         $acl $this->aclRepository->findOneBy(array(
  418.             'function'        =>    $function,
  419.             'permission'    =>    $aclPerm
  420.         ));
  421.         if ($acl === null)        return false;
  423.         // Since only one acl type can exist
  424.         // we can return the result of the acl_permission
  425.         return $acl->getValue();
  426.     }
  428.     private function canExportSociety(Access $userAccessFunction $function$aclPermConstant)
  429.     {
  430.         // Get Acl_Permission
  431.         $aclPerm $this->aclPermissionRepository->findOneByName($aclPermConstant);
  432.         if ($aclPerm === null)        return false;
  434.         // Get Acl
  435.         $acl $this->aclRepository->findOneBy(array(
  436.             'function'        =>    $function,
  437.             'permission'    =>    $aclPerm
  438.         ));
  439.         if ($acl === null)        return false;
  441.         // Since only one acl type can exist
  442.         // we can return the result of the acl_permission
  443.         // Further filtering is done in the Controller
  444.         return $acl->getValue();
  445.     }
  447.     private function canExportAny(Access $userAccessFunction $function$aclPermConstant$aclPermConstantSociety)
  448.     {
  449.         // Three Acl_Permission may exist
  450.         $aclPerm $this->aclPermissionRepository->findOneByName($aclPermConstant);
  451.         $aclPermSociety $this->aclPermissionRepository->findOneByName($aclPermConstantSociety);
  453.         // If all are null, exit
  454.         if ($aclPerm === null && $aclPermSociety === null)
  455.             return false;
  457.         // Get First one
  458.         if ($aclPerm !== null)
  459.         {
  460.             $acl $this->aclRepository->findOneBy(array(
  461.                 'function'        =>    $function,
  462.                 'permission'    =>    $aclPerm
  463.             ));
  464.             if ($acl !== null)
  465.             {
  466.                 if ($acl->getValue())
  467.                 {
  468.                     // A single positive answer is enough
  469.                     return true;
  470.                 }
  471.             }
  472.         }
  473.         // If we are here it means that nothing good has been found
  474.         // Load second permission
  475.         if ($aclPermSociety !== null)
  476.         {
  477.             $acl $this->aclRepository->findOneBy(array(
  478.                 'function'        =>    $function,
  479.                 'permission'    =>    $aclPermSociety
  480.             ));
  481.             if ($acl !== null)
  482.             {
  483.                 if ($acl->getValue())
  484.                 {
  485.                     // A single positive answer is enough
  486.                     return true;
  487.                 }
  488.             }
  489.         }
  491.         // If we are here, all hope is lost
  492.         return false;
  493.     }
  494. }