src/Security/Voter/BookingIntervalVoter.php line 15

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Booking;
  6. use App\Entity\BookingInterval;
  7. use App\Entity\User;
  8. use App\Service\BookingService;
  9. use App\Service\SolicitationService;
  10. use LogicException;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. use Symfony\Component\Security\Core\Security;
  15. class BookingIntervalVoter extends Voter
  16. {
  17.     public const CREATE 'create_booking_interval';
  18.     public const EDIT 'edit_booking_interval';
  19.     public const SHOW 'show_booking_interval';
  21.     /** @var Security $security */
  22.     private $security;
  23.     /** @var SolicitationService $solicitationService */
  24.     private $bookingService;
  26.     /**
  27.      * BookingIntervalVoter constructor.
  28.      * @param Security $security
  29.      * @param BookingService $bookingService
  30.      */
  31.     public function __construct(Security $securityBookingService $bookingService)
  32.     {
  33.         $this->security $security;
  34.         $this->bookingService $bookingService;
  35.     }
  37.     /**
  38.      * @inheritDoc
  39.      */
  40.     protected function supports($attribute$subject): bool
  41.     {
  42.         // if the attribute isn't one we support, return false
  43.         if (!in_array($attribute, [self::CREATEself::EDITself::SHOW])) {
  44.             return false;
  45.         }
  47.         if (!$subject instanceof Booking && !$subject instanceof BookingInterval) {
  48.             return false;
  49.         }
  51.         return true;
  52.     }
  54.     /**
  55.      * @inheritDoc
  56.      */
  57.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  58.     {
  59.         $user $token->getUser();
  61.         if (!$user instanceof User) {
  62.             // the user must be logged in; if not, deny access
  63.             return false;
  64.         }
  66.         switch ($attribute) {
  67.             case self::CREATE:
  68.                 return $this->canCreate($subject);
  69.             case self::EDIT:
  70.                 return $this->canEdit($subject);
  71.             case self::SHOW:
  72.                 return $this->canShow();
  73.         }
  75.         throw new LogicException('This code should not be reached!');
  76.     }
  78.     /**
  79.      * @param Booking $booking
  80.      * @return bool
  81.      */
  82.     private function canCreate(Booking $booking): bool
  83.     {
  84.         $beneficiary $booking->getSolicitation()->getBeneficiary();
  85.         $collectiveLine $booking->getSolicitation()->getContractLine();
  87.         // Quantity 0 is unlimited, so we can create another solicitation
  88.         $availableQuantities $this->bookingService->getAvailableQuantity($collectiveLine$beneficiarynull);
  89.         return (
  90.             $collectiveLine->getEnabledRelevantPeriod() &&
  91.             $this->security->isGranted('ROLE_ATCLIENTE') &&
  92.             $availableQuantities
  93.         );
  94.     }
  96.     /**
  97.      * @param BookingInterval $bookingInterval
  98.      * @return bool
  99.      */
  100.     private function canEdit(BookingInterval $bookingInterval): bool
  101.     {
  102.         $serviceBag $bookingInterval->getBooking()->getSolicitation()->getContractLine();
  103.         // Quantity 0 is unlimited, so we can create another solicitation
  104.         return ($serviceBag->getEnabledRelevantPeriod() && $this->security->isGranted('ROLE_ATCLIENTE'));
  105.     }
  107.     /**
  108.      * @return bool
  109.      */
  110.     private function canShow(): bool
  111.     {
  112.         return $this->security->isGranted('ROLE_ATCLIENTE');
  113.     }
  114. }