src/Schedule/Application/Security/ScheduleInstanceVoter.php line 30

Open in your IDE?
  1. <?php
  2. /**
  3.  * This file is part of the educat package.
  4.  *
  5.  * (c) Solvee
  6.  *
  7.  * For the full copyright and license information, please view the LICENSE
  8.  * file that was distributed with this source code.
  9.  */
  11. declare(strict_types=1);
  13. namespace App\Schedule\Application\Security;
  15. use App\Common\Model\Core\UserInterface;
  16. use App\Common\Model\Schedule\ScheduleInstanceInterface;
  17. use App\Common\Security\ObjectOwnerVoterTrait;
  18. use App\Common\Security\VoterTrait;
  19. use LogicException;
  20. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  21. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  22. use Symfony\Component\Security\Core\Security;
  23. use function in_array;
  25. /**
  26.  * Class ScheduleInstanceVoter
  27.  *
  28.  * @author  MichaƂ Rybnik <michal.rybnik@solvee.pl>
  29.  */
  30. class ScheduleInstanceVoter extends Voter
  31. {
  32.     use VoterTrait;
  33.     use ObjectOwnerVoterTrait;
  35.     public const GET 'get_schedule_instance';
  37.     /**
  38.      * @param Security $security
  39.      */
  40.     public function __construct(Security $security)
  41.     {
  42.         $this->security $security;
  43.     }
  45.     /**
  46.      * @inheritDoc
  47.      */
  48.     protected function supports(string $attribute$subject): bool
  49.     {
  50.         if (!in_array(
  51.             $attribute,
  52.             [
  53.                 self::GET,
  54.             ],
  55.             true
  56.         )) {
  57.             return false;
  58.         }
  60.         return $subject instanceof ScheduleInstanceInterface;
  61.     }
  63.     /**
  64.      * @param string                    $attribute
  65.      * @param ScheduleInstanceInterface $subject
  66.      * @param TokenInterface            $token
  67.      *
  68.      * @return bool
  69.      */
  70.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  71.     {
  72.         $user $token->getUser();
  74.         if (!$user instanceof UserInterface) {
  75.             return false;
  76.         }
  78.         switch ($attribute) {
  79.             case self::GET:
  80.                 return $this->canGet($subject$user);
  81.         }
  83.         throw new LogicException('This code should not be reached.');
  84.     }
  86.     /**
  87.      * @param ScheduleInstanceInterface $subject
  88.      * @param UserInterface             $user
  89.      *
  90.      * @return bool
  91.      */
  92.     private function canGet(ScheduleInstanceInterface $subjectUserInterface $user): bool
  93.     {
  94.         return $this->isAdminOrOwner($subject$user);
  95.     }
  97.     /**
  98.      * @param ScheduleInstanceInterface $scheduleInstance
  99.      * @param UserInterface             $user
  100.      *
  101.      * @return bool
  102.      */
  103.     private function isAdminOrOwner(ScheduleInstanceInterface $scheduleInstanceUserInterface $user): bool
  104.     {
  105.         return $this->isAdmin() || $this->isObjectOwner($scheduleInstance$user->getAccount());
  106.     }
  107. }