src/Security/Voter/PropertyVisitVoucherVoter.php line 15

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\AbstractCollaborator;
  6. use App\Entity\Mandate;
  7. use App\Entity\PropertyVisitVoucher;
  8. use App\Entity\Reference\ReferenceMandateStatus;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\Security;
  12. use Symfony\Component\Security\Core\User\UserInterface;
  13. use Exception;
  15. class PropertyVisitVoucherVoter extends Voter
  16. {
  17.     public const POST 'POST';
  18.     public const PUT 'PUT';
  19.     public const DELETE 'DELETE';
  20.     public const GET 'GET';
  22.     /**
  23.      * @var Security
  24.      */
  25.     private Security $security;
  27.     /**
  28.      * @param Security $security
  29.      */
  30.     public function __construct(Security $security)
  31.     {
  32.         $this->security $security;
  33.     }
  35.     protected function supports(string $attribute$subject)
  36.     {
  37.         return in_array(
  38.             $attribute,
  39.             [self::POSTself::PUTself::DELETEself::GET],
  40.             true
  41.         ) && $subject instanceof PropertyVisitVoucher;
  42.     }
  44.     /**
  45.      * @throws Exception
  46.      */
  47.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token)
  48.     {
  49.         /** @var UserInterface $user */
  50.         $user $this->security->getUser();
  52.         // Deny anonymous users
  53.         if (!$user instanceof UserInterface) {
  54.             return false;
  55.         }
  56.         $mandates $subject->getMandates();
  57.         /** @var PropertyVisitVoucher $subject */
  58.         switch ($attribute) {
  59.             case self::DELETE:
  60.                 if (
  61.                     $subject->getCreatedBy() === $user->getId()
  62.                     && $this->security->isGranted(AbstractCollaborator::ROLE_AGENT)
  63.                 ) {
  64.                     return true;
  65.                 }
  66.                 break;
  67.             case self::PUT:
  68.                 foreach ($mandates as $mandate) {
  69.                     if (
  70.                         $this->isHaveValidMandate($mandate)
  71.                         && $this->security->isGranted(AbstractCollaborator::ROLE_AGENT)
  72.                         && $subject->getCreatedBy() === $user->getId()
  73.                     ) {
  74.                         return true;
  75.                     }
  76.                 }
  77.                 break;
  78.             case self::GET:
  79.                 if (
  80.                     $subject->getCreatedBy() === $user->getId()
  81.                     && $this->security->isGranted(AbstractCollaborator::ROLE_AGENT)
  82.                 ) {
  83.                     return true;
  84.                 }
  85.                 break;
  86.             case self::POST:
  87.                 foreach ($mandates as $mandate) {
  88.                     if ($this->isHaveValidMandate($mandate)) {
  89.                         return true;
  90.                     }
  91.                 }
  92.                 return false;
  93.         }
  94.         throw new Exception(sprintf('Unhandled attribute "%s"'$attribute));
  95.     }
  97.     public function isHaveValidMandate(Mandate $mandate): bool
  98.     {
  99.         if (
  100.             !($mandate->getReferenceMandateStatus()->getCode(
  101.             ) === ReferenceMandateStatus::REFERENCE_CODE_MANDATE_STATUS_VALID ||
  102.             $mandate->getReferenceMandateStatus()->getCode(
  103.             ) === ReferenceMandateStatus::REFERENCE_CODE_MANDATE_STATUS_RESERVED)
  104.         ) {
  105.             return false;
  106.         }
  108.         return true;
  109.     }
  110. }