src/Security/Voter/Promotions/NationalPromotionVoter.php line 14

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\Promotions;
  5. use App\Entity\Promotions\NationalPromotion;
  6. use App\Entity\User;
  7. use App\Enum\MenuRolesManagerEnum;
  8. use App\Enum\VotersEnum;
  9. use LogicException;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  12. use Symfony\Component\Security\Core\Security;
  14. class NationalPromotionVoter extends Voter
  15. {
  16.     private Security $security;
  17.     private array $voters;
  19.     public function __construct(Security $security)
  20.     {
  21.         $this->security $security;
  22.         $this->voters = [
  23.             VotersEnum::LIST_NATIONAL_PROMOTION,
  24.             VotersEnum::CREATE_NATIONAL_PROMOTION,
  25.             VotersEnum::READ,
  26.             VotersEnum::UPDATE,
  27.             VotersEnum::DELETE,
  28.             VotersEnum::IMPORT_NATIONAL_PROMOTION_GARAGES,
  29.             VotersEnum::EXPORT_NATIONAL_PROMOTION,
  30.         ];
  31.     }
  33.     protected function supports(string $attribute$subject): bool
  34.     {
  35.         // first check the $subject and last if the $attribute is supported,
  36.         // because there are attributes (with subject) used as well by other voters (like UPDATE, ...)
  37.         if ($subject && !$subject instanceof NationalPromotion) {
  38.             // only vote on these objects
  39.             return false;
  40.         }
  41.         if (in_array($attribute$this->voters)) {
  42.             // if the attribute is one we support
  43.             return true;
  44.         }
  46.         return false;
  47.     }
  49.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  50.     {
  51.         $user $token->getUser();
  52.         if (!$user instanceof User) {
  53.             // the user must be logged in; if not, deny access
  54.             return false;
  55.         }
  56.         switch ($attribute) {
  57.             case VotersEnum::LIST_NATIONAL_PROMOTION:
  58.                 return $this->canList();
  59.             case VotersEnum::CREATE_NATIONAL_PROMOTION:
  60.                 return $this->canCreate();
  61.             case VotersEnum::READ:
  62.                 return $this->canRead();
  63.             case VotersEnum::UPDATE:
  64.                 return $this->canUpdate();
  65.             case VotersEnum::DELETE:
  66.                 return $this->canDelete();
  67.             case VotersEnum::IMPORT_NATIONAL_PROMOTION_GARAGES:
  68.                 return $this->canImport();
  69.             case VotersEnum::EXPORT_NATIONAL_PROMOTION:
  70.                 return $this->canExport();
  71.         }
  73.         throw new LogicException('This code should not be reached!');
  74.     }
  76.     private function canList(): bool
  77.     {
  78.         return $this->isAdminUser();
  79.     }
  81.     private function canCreate(): bool
  82.     {
  83.         return $this->isAdminUser();
  84.     }
  86.     private function canRead(): bool
  87.     {
  88.         return $this->isAdminUser();
  89.     }
  91.     private function canUpdate(): bool
  92.     {
  93.         return $this->isAdminUser();
  94.     }
  96.     private function canDelete(): bool
  97.     {
  98.         return $this->isAdminUser();
  99.     }
  101.     private function canImport(): bool
  102.     {
  103.         return $this->isAdminUser();
  104.     }
  106.     private function canExport(): bool
  107.     {
  108.         return $this->isAdminUser();
  109.     }
  111.     private function isAdminUser(): bool
  112.     {
  113.         return $this->security->isGranted(MenuRolesManagerEnum::ROLE_MENU_NATIONAL_PROMOTIONS);
  114.     }
  115. }