src/Security/SmsVoter.php line 45

Open in your IDE?
  1. <?php
  2. //------------------------------------------------------------------------------
  3. // src/Security/SmsVoter.php
  4. //------------------------------------------------------------------------------
  5. namespace App\Security;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  9. use Doctrine\Persistence\ManagerRegistry;
  11. use App\Entity\Access;
  12. use App\Entity\Client\Client;
  13. use App\Entity\Config\Config;
  14. use App\Entity\Communication\Sms\SmsPhoneNumber;
  15. use App\Entity\Config\Module;
  16. use App\Entity\HR\AccessFunction;
  17. use App\Entity\HR\HumanResource;
  18. use App\Entity\Security\Acl;
  19. use App\Entity\Security\AclPermission;
  20. use App\Entity\SocietyGroup;
  21. use App\Services\Communication\SmsTools;
  22. use App\Services\Config\ModuleTools;
  24. class SmsVoter extends Voter
  25. {
  26.     //--------------------------------------------------------------------------------
  27.     // is_granted constants
  28.     const IS_ACTIVE "sms_is_active";
  29.     const NUMBER_ASSIGNED "sms_number_is_assigned";
  30.     const CAN_SEND "can_send_sms";
  32.     const IS_GRANTED_CONSTANTS = array(
  33.         self::IS_ACTIVE,
  34.         self::NUMBER_ASSIGNED,
  35.         self::CAN_SEND,
  36.     );
  38.     public function __construct(ManagerRegistry $doctrineModuleTools $moduleToolsSmsTools $smsTools)
  39.     {
  40.         $this->em $doctrine->getManager();
  41.         $this->moduleTools $moduleTools;
  42.         $this->smsTools $smsTools;
  44.         $this->aclRepository $this->em->getRepository(Acl::class);
  45.         $this->aclPermissionRepository $this->em->getRepository(AclPermission::class);
  46.     }
  48.     // Plan.io Task #4453 [See AccessVoter for details]
  49.     public function supportsAttribute(string $attribute): bool
  50.     {
  51.         return in_array($attributeself::IS_GRANTED_CONSTANTStrue);
  52.     }
  54.     protected function supports(string $attribute$subject null): bool
  55.     {
  56.         // if the attribute isn't one we support, return false
  57.         if (!in_array($attributeself::IS_GRANTED_CONSTANTS))
  58.         {
  59.             return false;
  60.         }
  62.         // only vote on Client objects inside this voter
  63.         if ($subject !== null && !$subject instanceof Client && !$subject instanceof HumanResource)
  64.         {
  65.             return false;
  66.         }
  68.         return true;
  69.     }
  71.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  72.     {
  73.         $user $token->getUser();
  75.         if (!$user instanceof Access)
  76.         {
  77.             // the user must be logged in; if not, deny access
  78.             return false;
  79.         }
  81.         // The user must have a function; if not deny access
  82.         $function $user->getFunction();
  83.         if ($function === null)        return false;
  85.         // Plan.io Task #3710 : Get current group
  86.         $currentGroup $user->getSocietyGroup();
  87.         if ($currentGroup === null)
  88.             return false;
  89.         $this->currentGroup $currentGroup;
  91.         // Module activated ?
  92.         if ($this->moduleTools->isInactiveByCode($currentGroupModule::MODULE_SMS))
  93.         {
  94.             return false;
  95.         }
  97.         // Check current group affectation
  98.         if ($subject !== null)
  99.         {
  100.             $subjectSociety $subject->getSociety();
  101.             if ($subjectSociety === null)
  102.             {
  103.                 return false;
  104.             }
  105.             $subjectGroup $subjectSociety->getGroup();
  106.             if ($subjectGroup === null)
  107.             {
  108.                 return false;
  109.             }
  110.             if (!$currentGroup->equals($subjectGroup))
  111.             {
  112.                 // Classic case
  113.                 if ($subject instanceof Client === false)
  114.                 {
  115.                     return false;
  116.                 }
  118.                 // Task plan.io #4313 - Allow send sms for "shared" Client
  119.                 if ($subject->hasMissionOwnedBySocietyGroup($this->currentGroup) === false)
  120.                 {
  121.                     return false;
  122.                 }
  123.             }
  124.         }
  126.         switch ($attribute)
  127.         {
  128.             // Check is done before, in the voteOnAttribute
  129.             case self::IS_ACTIVE:
  130.                 return true;
  132.             case self::NUMBER_ASSIGNED:
  133.                 return $this->numberAssigned($currentGroup$user$function);
  135.             case self::CAN_SEND:
  136.                 return $this->canSend($subject$user$function);
  137.         }
  139.         throw new \LogicException('This code should not be reached!');
  140.     }
  142.     private function numberAssigned(SocietyGroup $societyGroupAccess $userAccessFunction $function)
  143.     {
  144.         // Plan.io Task #3980
  145.         // This handles both cases : SmsMode and TwilioSms
  146.         $smsPhoneNumber $this->smsTools->getPhoneNumberForSocietyGroup($societyGroup);
  147.         if ($smsPhoneNumber === null)
  148.         {
  149.             return false;
  150.         }
  151.         return true;
  152.     }
  154.     // Updated by Plan.io Task #4515
  155.     private function canSend($recipientAccess $userAccessFunction $function)
  156.     {
  157.         // Check if recipient has a valid phone
  158.         if ($recipient instanceof Client)
  159.         {
  160.             $individual $recipient->getIndividual();
  161.             $validPhoneObjectList $this->smsTools->getIndividualPhonesForSms($individual);
  162.             if (count($validPhoneObjectList) < 1)
  163.             {
  164.                 return false;
  165.             }
  166.         }
  167.         else if ($recipient instanceof HumanResource)
  168.         {
  169.             $phoneFormatted $this->smsTools->phoneFormat($recipient->getPhone());
  170.             if ($phoneFormatted === null)
  171.             {
  172.                 return false;
  173.             }
  174.         }
  175.         else
  176.         {
  177.             // Default case
  178.             return false;
  179.         }        
  181.         // Does the society group have a phone number ?
  182.         // Plan.io Task #3980
  183.         // This handles both cases : SmsMode and TwilioSms
  184.         // Plan.io Task #4313 : <!> Don't use the client SocietyGroup
  185.         $smsPhoneNumber $this->smsTools->getPhoneNumberForSocietyGroup($this->currentGroup);
  186.         if ($smsPhoneNumber === null)
  187.         {
  188.             return false;
  189.         }
  191.         // All looks good
  192.         return true;
  193.     }
  194. }