src/Security/Voter/CursusDriverVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\ChannelUserData\Cursus\AbstractCursus;
  6. use App\Entity\ChannelUserData\Cursus\FileAbstractCursus;
  7. use Nellapp\Bundle\SDKBundle\Permission\Enum\ChannelUserPermissionEnum;
  8. use Nellapp\Bundle\SDKBundle\Permission\Security\Voter\UserOwnerVoter;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. use Symfony\Component\Security\Core\Security;
  13. class CursusDriverVoter extends Voter
  14. {
  15.     public const VIEW 'view';
  16.     public const DELETE 'delete';
  17.     public const PUT 'put';
  18.     public const POST 'post';
  19.     public const DOWNLOAD 'download';
  21.     public function __construct(
  22.         private Security $security,
  23.     ) {}
  25.     protected function supports(string $attribute$subject): bool
  26.     {
  27.         return ($subject instanceof AbstractCursus || $subject instanceof FileAbstractCursus) && in_array($attribute, [self::VIEWself::DELETEself::PUTself::POSTself::DOWNLOAD]);
  28.     }
  30.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  31.     {
  32.         if ($subject instanceof AbstractCursus) {
  33.             $cursus $subject;
  34.             $file null;
  35.         } else {
  36.             $cursus $subject->getAbstractCursus();
  37.             $file $subject;
  38.         }
  39.         $channel $cursus->getChannel();
  41.         $isFileOwner $file !== null && $this->security->isGranted(UserOwnerVoter::USER_OWNER$file);
  42.         $isDriveOwner $this->security->isGranted(UserOwnerVoter::USER_OWNER$cursus);
  43.         if ($attribute === self::VIEW) {
  44.             return
  45.                 $this->security->isGranted(ChannelUserPermissionEnum::CHANNEL_USER_PERM_DSA_SHOW_DRIVE$channel)
  46.                 || $isDriveOwner && (!($file !== null) || $file->isShare())
  47.                 ;
  48.         } else if ($attribute === self::DELETE) {
  49.             return
  50.                 $this->security->isGranted(ChannelUserPermissionEnum::CHANNEL_USER_PERM_DRIVE_DELETE$channel)
  51.                 || $isFileOwner
  52.                 ;
  53.         } else if ($attribute === self::PUT) {
  54.             return
  55.                 $this->security->isGranted(ChannelUserPermissionEnum::CHANNEL_USER_PERM_DRIVE_UPDATE$channel)
  56.                 || $isFileOwner
  57.                 ;
  58.         } else if ($attribute === self::POST) {
  59.             return
  60.                 $this->security->isGranted(ChannelUserPermissionEnum::CHANNEL_USER_PERM_DRIVE_IMPORT$channel)
  61.                 || $isDriveOwner
  62.                 ;
  63.         } else if ($attribute === self::DOWNLOAD) {
  64.             return
  65.                 $this->security->isGranted(ChannelUserPermissionEnum::CHANNEL_USER_PERM_DRIVE_DOWNLOAD$channel)
  66.                 || $isDriveOwner && $file?->isShare()
  67.                 ;
  68.         }
  69.         return false;
  70.     }
  71. }