src/Security/Voter/BackendPopUpMessageVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\User;
  6. use App\Utils\Commons;
  7. use LogicException;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\Security;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  13. class BackendPopUpMessageVoter extends Voter
  14. {
  15.     const BACKEND_POP_UP_VIEW 'BACKEND_POP_UP_VIEW';
  16.     const BACKEND_POP_UP_CREATE 'BACKEND_POP_UP_CREATE';
  17.     const BACKEND_POP_UP_EDIT 'BACKEND_POP_UP_EDIT';
  18.     const BACKEND_POP_UP_DELETE 'BACKEND_POP_UP_DELETE';
  19.     const BACKEND_POP_UP_STATUS_CHANGE 'BACKEND_POP_UP_STATUS_CHANGE';
  21.     /**
  22.      * @var Security
  23.      */
  24.     private $security;
  26.     /**
  27.      * @var Commons
  28.      */
  29.     private $commons;
  31.     /**
  32.      * @var array
  33.      */
  34.     private $permissions;
  37.     /**
  38.      * BackendPlanVoter constructor.
  39.      * @param Security $security
  40.      * @param Commons $commons
  41.      */
  42.     public function __construct(Security $securityCommons $commons)
  43.     {
  44.         $this->security $security;
  45.         $this->commons $commons;
  46.         $this->permissions = [];
  47.     }
  49.     /**
  50.      * @param mixed $attribute
  51.      * @param mixed $subject
  52.      * @return bool
  53.      */
  54.     protected function supports($attribute$subject): bool
  55.     {
  57.         if (!in_array($attribute, [self::BACKEND_POP_UP_VIEWself::BACKEND_POP_UP_STATUS_CHANGEself::BACKEND_POP_UP_EDITself::BACKEND_POP_UP_CREATEself::BACKEND_POP_UP_DELETE])) {
  58.             return false;
  59.         }
  60.         return true;
  62.     }
  64.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  65.     {
  66.         /** @var User $user */
  67.         $user $token->getUser();
  68.         // if the user is anonymous, do not grant access
  69.         if (!$user instanceof UserInterface) {
  70.             return false;
  71.         }
  72.         $this->permissions $this->commons->getBackendPermissions($user);
  74.         if ($this->hasSuperUser() === true) {
  75.             return true;
  76.         }
  78.         switch ($attribute) {
  79.             case self::BACKEND_POP_UP_VIEW:
  80.                 return $this->canView();
  81.             case self::BACKEND_POP_UP_CREATE:
  82.                 return $this->canCreate();
  83.             case self::BACKEND_POP_UP_EDIT:
  84.                 return $this->canEdit();
  85.             case self::BACKEND_POP_UP_DELETE:
  86.                 return $this->canDelete();
  87.             case self::BACKEND_POP_UP_STATUS_CHANGE:
  88.                 return $this->canChangeStatus();
  89.         }
  91.         throw new LogicException('Invalid attribute: ' $attribute);
  92.     }
  94.     /**
  95.      * Return True if have Super View Permission else return false
  96.      * @return bool
  97.      */
  98.     private function hasSuperUser(): bool
  99.     {
  100.         if (array_key_exists('superUser'$this->permissions)) {
  101.             if (in_array('Yes'$this->permissions['superUser'])) {
  102.                 return true;
  103.             }
  104.         }
  105.         return false;
  106.     }
  108.     /**
  109.      * Return True if have View Permission else return false
  110.      * @return bool
  111.      */
  112.     private function canView(): bool
  113.     {
  115.         if (array_key_exists('backendPopUp'$this->permissions)) {
  116.             if (in_array('View'$this->permissions['backendPopUp'])) {
  117.                 return true;
  118.             }
  119.         }
  120.         return false;
  121.     }
  123.     /**
  124.      * Return True if have Edit Permission else return false
  125.      * @return bool
  126.      */
  127.     private function canEdit(): bool
  128.     {
  129.         if (array_key_exists('backendPopUp'$this->permissions)) {
  130.             if (in_array('Edit'$this->permissions['backendPopUp'])) {
  131.                 return true;
  132.             }
  133.         }
  135.         return false;
  136.     }
  138.     /**
  139.      * Return True if have Create Permission else return false
  140.      * @return bool
  141.      */
  142.     private function canCreate(): bool
  143.     {
  144.         if (array_key_exists('backendPopUp'$this->permissions)) {
  145.             if (in_array('Create'$this->permissions['backendPopUp'])) {
  146.                 return true;
  147.             }
  148.         }
  150.         return false;
  151.     }
  153.     /**
  154.      * Return True if have Delete Permission else return false
  155.      * @return bool
  156.      */
  157.     private function canDelete(): bool
  158.     {
  159.         if (array_key_exists('backendPopUp'$this->permissions)) {
  160.             if (in_array('Delete'$this->permissions['backendPopUp'])) {
  161.                 return true;
  162.             }
  163.         }
  165.         return false;
  166.     }
  168.     /**
  169.      * Return True if have Change Status Permission else return false
  170.      * @return bool
  171.      */
  172.     private function canChangeStatus(): bool
  173.     {
  174.         if (array_key_exists('backendPopUp'$this->permissions)) {
  175.             if (in_array('Change'$this->permissions['backendPopUp'])) {
  176.                 return true;
  177.             }
  178.         }
  180.         return false;
  181.     }
  182. }