src/Security/Voter/Whatsapp/WhatsappMessageTemplateVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\Whatsapp;
  5. use App\Entity\User;
  6. use App\Entity\Whatsapp\WhatsappMessageTemplate;
  7. use App\Enum\UserRolesEnum;
  8. use App\Enum\VotersEnum;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\Security;
  13. class WhatsappMessageTemplateVoter extends Voter
  14. {
  15.     private Security $security;
  16.     private array $voters;
  18.     public function __construct(Security $security)
  19.     {
  20.         $this->security $security;
  21.         $this->voters = [
  22.             VotersEnum::LIST_WHATSAPP_MESSAGE_TEMPLATE,
  23.             VotersEnum::CREATE_WHATSAPP_MESSAGE_TEMPLATE,
  24.             VotersEnum::READ,
  25.             VotersEnum::UPDATE,
  26.             VotersEnum::DELETE,
  27.         ];
  28.     }
  30.     protected function supports(string $attribute$subject): bool
  31.     {
  32.         // first check the $subject and last if the $attribute is supported,
  33.         // because there are attributes (with subject) used as well by other voters (like UPDATE, ...)
  34.         if ($subject && !$subject instanceof WhatsappMessageTemplate) {
  35.             // only vote on these objects
  36.             return false;
  37.         }
  38.         if (in_array($attribute$this->voters)) {
  39.             // if the attribute is one we support
  40.             return true;
  41.         }
  43.         return false;
  44.     }
  46.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  47.     {
  48.         $user $token->getUser();
  49.         if (!$user instanceof User) {
  50.             // the user must be logged in; if not, deny access
  51.             return false;
  52.         }
  53.         switch ($attribute) {
  54.             case VotersEnum::LIST_WHATSAPP_MESSAGE_TEMPLATE:
  55.                 return $this->canlist();
  56.             case VotersEnum::CREATE_WHATSAPP_MESSAGE_TEMPLATE:
  57.                 return $this->canCreate();
  58.             case VotersEnum::READ:
  59.                 return $this->canRead();
  60.             case VotersEnum::UPDATE:
  61.                 return $this->canUpdate();
  62.             case VotersEnum::DELETE:
  63.                 return $this->canDelete();
  64.         }
  66.         throw new \LogicException('This code should not be reached!');
  67.     }
  69.     private function canList(): bool
  70.     {
  71.         return $this->isAdminUser();
  72.     }
  74.     private function canCreate(): bool
  75.     {
  76.         return $this->isAdminUser();
  77.     }
  79.     private function canRead(): bool
  80.     {
  81.         return $this->isAdminUser();
  82.     }
  84.     private function canUpdate(): bool
  85.     {
  86.         return $this->isAdminUser();
  87.     }
  89.     private function canDelete(): bool
  90.     {
  91.         return $this->isAdminUser();
  92.     }
  94.     private function isAdminUser(): bool
  95.     {
  96.         return $this->security->isGranted(UserRolesEnum::ROLE_ADMIN_LONG);
  97.     }
  98. }