src/Security/IkeaKitchenPlannerVoter.php line 35

Open in your IDE?
  1. <?php
  2. //------------------------------------------------------------------------------
  3. // src/Security/IkeaKitchenPlannerVoter.php
  4. //------------------------------------------------------------------------------
  5. namespace App\Security;
  7. use Doctrine\Persistence\ManagerRegistry;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use App\Entity\Access;
  12. use App\Entity\APIRest\AccessAPI;
  13. use App\Entity\Config\Module;
  14. use App\Entity\HR\AccessFunction;
  15. use App\Entity\Ikea\KitchenPlannerProject;
  16. use App\Entity\Security\Acl;
  17. use App\Entity\Security\AclPermission;
  19. use App\Services\Config\ModuleTools;
  21. class IkeaKitchenPlannerVoter extends Voter
  22. {
  23.     const IS_ACTIVE "ikea_kitchen_planner_is_active";
  24.     const IS_GRANTED_CONSTANTS = array(
  25.         self::IS_ACTIVE,            
  26.     );
  28.     //--------------------------------------------------------------------------------
  29.     // acl constants (matrix_acl.yml lines 3354-3390) - Removed
  30.     //--------------------------------------------------------------------------------
  32.     public function __construct(ManagerRegistry $doctrineModuleTools $moduleTools)
  33.     {
  34.         $this->em $doctrine->getManager();
  35.         $this->moduleTools $moduleTools;
  36.         $this->aclRepository $this->em->getRepository(Acl::class);
  37.         $this->aclPermissionRepository $this->em->getRepository(AclPermission::class);
  38.     }
  40.     public function supportsAttribute(string $attribute): bool
  41.     {
  42.         return in_array($attributeself::IS_GRANTED_CONSTANTStrue);
  43.     }
  45.     protected function supports(string $attribute$subject): bool
  46.     {
  47.         if (!in_array($attributeself::IS_GRANTED_CONSTANTS))
  48.         {
  49.             return false;
  50.         }
  52.         if ($subject !== null && !$subject instanceof KitchenPlannerProject)
  53.         {
  54.             return false;
  55.         }
  57.         return true;
  58.     }
  60.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  61.     {
  62.         $user $token->getUser();
  64.         if ($user instanceof AccessAPI)
  65.         {
  66.             if ($user->getAccess() === null)
  67.             {
  68.                 return false;
  69.             }
  70.             $user $user->getAccess();
  71.         }
  73.         if (!$user instanceof Access)
  74.         {
  75.             return false;
  76.         }
  78.         $function $user->getFunction();
  79.         if ($function === null)
  80.         {
  81.             return false;
  82.         }
  84.         $currentGroup $user->getSocietyGroup();
  85.         if ($currentGroup === null)
  86.         {
  87.             return false;
  88.         }
  90.         if ($this->moduleTools->isInactiveByCode($currentGroupModule::MODULE_IKEA_KITCHEN_PLANNER))
  91.         {
  92.             return false;
  93.         }
  95.         if ($subject !== null)
  96.         {
  97.             /** @var KitchenPlannerProject $project */
  98.             $project $subject;
  99.             $projectGroupId $project->getSocietyGroupId();
  100.             if ($projectGroupId === null)
  101.             {
  102.                 return false;
  103.             }
  104.             if ($currentGroup->getId() !== $projectGroupId)
  105.             {
  106.                 return false;
  107.             }
  108.         }
  110.         switch ($attribute)
  111.         {
  112.             case self::IS_ACTIVE:
  113.                 return true;
  114.         }
  116.         throw new \LogicException('This code should not be reached!');
  117.     }
  118. }