src/Security/Voter/PropertyVoter.php line 14

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\AbstractCollaborator;
  6. use App\Entity\Property;
  7. use App\Entity\Reference\ReferencePropertyStatus;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\Security;
  11. use Symfony\Component\Security\Core\User\UserInterface;
  12. use Exception;
  14. class PropertyVoter extends Voter
  15. {
  16.     public const GET 'GET';
  17.     public const POST 'POST';
  18.     public const PROPERTY_EDIT 'PROPERTY_EDIT';
  20.     /**
  21.      * @var Security
  22.      */
  23.     private Security $security;
  25.     /**
  26.      * @param Security $security
  27.      */
  28.     public function __construct(Security $security)
  29.     {
  30.         $this->security $security;
  31.     }
  33.     protected function supports(string $attribute$subject)
  34.     {
  35.         return in_array(
  36.             $attribute,
  37.             [self::POSTself::GETself::PROPERTY_EDIT],
  38.             true
  39.         ) && $subject instanceof Property;
  40.     }
  42.     /**
  43.      * @throws Exception
  44.      */
  45.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token)
  46.     {
  47.         /** @var UserInterface $user */
  48.         $user $token->getUser();
  50.         // Deny anonymous users
  51.         if (!$user instanceof UserInterface) {
  52.             return false;
  53.         }
  55.         /** @var Property $subject */
  56.         switch ($attribute) {
  57.             case self::PROPERTY_EDIT:
  58.                 if (
  59.                     ($this->security->isGranted(AbstractCollaborator::ROLE_AGENT) &&
  60.                         $subject->getCollaborator()->getId() === $user->getId() &&
  61.                         $subject->getReferencePropertyStatus()->getName(
  62.                         ) == ReferencePropertyStatus::REFERENCE_PROPERTY_STATUS_INVALIDE)
  63.                     ||
  64.                     (
  65.                         $this->security->isGranted(
  66.                             AbstractCollaborator::ROLE_MANAGER
  67.                         ) && $subject->getReferencePropertyStatus()->getName(
  68.                         ) != ReferencePropertyStatus::REFERENCE_PROPERTY_STATUS_RESERVED
  69.                     )
  70.                 ) {
  71.                     return true;
  72.                 }
  73.                 return false;
  74.             case self::POST:
  75.                 if ($this->security->isGranted(AbstractCollaborator::ROLE_AGENT) || $this->security->isGranted(
  76.                     AbstractCollaborator::ROLE_MANAGER
  77.                 )) {
  78.                     return true;
  79.                 }
  80.                 return false;
  81.         }
  82.         throw new Exception(sprintf('Unhandled attribute "%s"'$attribute));
  83.     }
  84. }