src/Security/Voter/BackendDeletedCustomerVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\User;
  6. use App\Utils\Commons;
  7. use LogicException;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\Security;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  13. class BackendDeletedCustomerVoter extends Voter
  14. {
  15.     const BACKEND_DELETED_CUSTOMER_VIEW 'BACKEND_DELETED_CUSTOMER_VIEW';
  16.     const BACKEND_UNCONFIRMED_CUSTOMER_VIEW 'BACKEND_UNCONFIRMED_CUSTOMER_VIEW';
  17.     const BACKEND_DATA_EXPORT_VIEW 'BACKEND_DATA_EXPORT_VIEW';
  19.     /**
  20.      * @var Security
  21.      */
  22.     private $security;
  23.     /**
  24.      * @var Commons
  25.      */
  26.     private $commons;
  27.     /**
  28.      * @var array
  29.      */
  30.     private $permissions;
  32.     /**
  33.      * SupportVoter constructor.
  34.      * @param Security $security
  35.      * @param Commons $commons
  36.      */
  37.     public function __construct(Security $securityCommons $commons)
  38.     {
  39.         $this->security $security;
  40.         $this->commons $commons;
  41.         $this->permissions = [];
  42.     }
  44.     /**
  45.      * @param string $attribute
  46.      * @param mixed $subject
  47.      * @return bool
  48.      */
  49.     protected function supports($attribute$subject): bool
  50.     {
  51.         if (!in_array($attribute,
  52.             [self::BACKEND_DELETED_CUSTOMER_VIEWself::BACKEND_UNCONFIRMED_CUSTOMER_VIEWself::BACKEND_DATA_EXPORT_VIEW]
  53.         )) {
  54.             return false;
  55.         }
  56.         return true;
  57.     }
  59.     /**
  60.      * @param string $attribute
  61.      * @param mixed $subject
  62.      * @param TokenInterface $token
  63.      * @return bool
  64.      */
  65.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  66.     {
  67.         /** @var User $user */
  68.         $user $token->getUser();
  69.         // if the user is anonymous, do not grant access
  70.         if (!$user instanceof UserInterface) {
  71.             return false;
  72.         }
  73.         $this->permissions $this->commons->getBackendPermissions($user);
  75.         if ($this->hasSuperUser() === true) {
  76.             return true;
  77.         }
  79.         switch ($attribute) {
  80.             case self::BACKEND_DELETED_CUSTOMER_VIEW:
  81.                 return $this->canViewDeleted();
  82.             case self::BACKEND_UNCONFIRMED_CUSTOMER_VIEW:
  83.                 return $this->canViewUnconfirmed();
  84.             case self::BACKEND_DATA_EXPORT_VIEW:
  85.                 return $this->canDataExportView();
  86.         }
  88.         throw new LogicException('Invalid attribute: ' $attribute);
  89.     }
  91.     /**
  92.      * Return True if have Super View Permission else return false
  93.      * @return bool
  94.      */
  95.     private function hasSuperUser(): bool
  96.     {
  97.         if (array_key_exists('superUser'$this->permissions)) {
  98.             if (in_array('Yes'$this->permissions['superUser'])) {
  99.                 return true;
  100.             }
  101.         }
  102.         return false;
  103.     }
  105.     /**
  106.      * Return True if have View Permission else return false
  107.      * @return bool
  108.      */
  109.     private function canViewDeleted(): bool
  110.     {
  111.         if (array_key_exists('deletedCustomers'$this->permissions)) {
  112.             if (in_array('View'$this->permissions['deletedCustomers'])) {
  113.                 return true;
  114.             }
  115.         }
  116.         return false;
  117.     }
  119.     /**
  120.      * Return True if have View Permission else return false
  121.      * @return bool
  122.      */
  123.     private function canViewUnconfirmed(): bool
  124.     {
  125.         if (array_key_exists('unconfirmedCustomers'$this->permissions)) {
  126.             if (in_array('View'$this->permissions['unconfirmedCustomers'])) {
  127.                 return true;
  128.             }
  129.         }
  130.         return false;
  131.     }
  133.     /**
  134.      * Return True if have dataExport View Permission else return false
  135.      * @return bool
  136.      */
  137.     private function canDataExportView(): bool
  138.     {
  139.         if (array_key_exists('dataExport'$this->permissions)) {
  140.             if (in_array('View'$this->permissions['dataExport'])) {
  141.                 return true;
  142.             }
  143.         }
  144.         return false;
  145.     }
  148. }