src/Security/Voter/OccurrenceVoter.php line 13

Open in your IDE?
  1. <?php 
  2. // src/Security/Voter/OccurrenceVoter.php
  3. namespace App\Security\Voter;
  5. use App\Entity\Occurrence;
  6. use Menke\UserBundle\Entity\User;
  7. use App\Repository\CourseProviderRepository;
  8. use App\Repository\OccurrenceProviderRepository;
  9. use App\Repository\VenueProviderRepository;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. class OccurrenceVoter extends Voter
  14. {
  15.     public const VIEW 'OCCURRENCE_VIEW';
  16.     public const EDIT 'OCCURRENCE_EDIT';
  17.     public const CREATE 'OCCURRENCE_CREATE';
  19.     private $occRepo;
  20.     private $courseRepo;
  21.     private $venueRepo;
  23.     public function __construct(
  24.         OccurrenceProviderRepository $occRepo,
  25.         CourseProviderRepository $courseRepo,
  26.         VenueProviderRepository $venueRepo
  27.     ) {
  28.         $this->occRepo $occRepo;
  29.         $this->courseRepo $courseRepo;
  30.         $this->venueRepo $venueRepo;
  31.     }
  33.     protected function supports($attribute$subject): bool
  34.     {
  35.         if (\in_array($attribute, [self::VIEWself::EDIT]) && $subject instanceof Occurrence) {
  36.             return true;
  37.         }
  38.         if ($attribute === self::CREATE && ($subject === null || $subject instanceof \App\Entity\Course)) {
  39.             return true// CREATE wird mit Course-Kontext aufgerufen
  40.         }
  41.         return false;
  42.     }
  44.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  45.     {
  46.         $user $token->getUser();
  47.         if (!$user instanceof User) {
  48.             return false;
  49.         }
  50.         if (!\in_array('ROLE_PROVIDER'$user->getRoles(), true) && !\in_array('ROLE_ADMIN'$user->getRoles(), true)) {
  51.             return false;
  52.         }
  54.         if (\in_array('ROLE_ADMIN'$user->getRoles(), true)) {
  55.             return true// Admin darf immer
  56.         }
  58.         $provider $user->getProvider();
  59.         if (!$provider) {
  60.             return false;
  61.         }
  63.         switch ($attribute) {
  64.             case self::CREATE:
  65.                 // subject ist der Course, zu dem die Occurrence angelegt werden soll
  66.                 /** @var \App\Entity\Course $course */
  67.                 $course $subject;
  68.                 return $this->courseRepo->existsFor($course->getId(), $provider->getId());
  69.             case self::VIEW:
  70.             case self::EDIT:
  71.                 /** @var Occurrence $occ */
  72.                 $occ $subject;
  73.                 // Direkt an Occurrence?
  74.                 if ($this->occRepo->existsFor($occ->getId(), $provider->getId())) return true;
  75.                 // Über Course?
  76.                 if ($occ->getCourse() && $this->courseRepo->existsFor($occ->getCourse()->getId(), $provider->getId())) return true;
  77.                 // Über Venue?
  78.                 if ($occ->getVenue() && $this->venueRepo->existsFor($occ->getVenue()->getId(), $provider->getId())) return true;
  80.                 return false;
  81.         }
  83.         return false;
  84.     }
  85. }