src/Security/Voter/SolicitationVoter.php line 15

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Beneficiary;
  6. use App\Entity\ContractLine;
  7. use App\Entity\Solicitation;
  8. use App\Entity\User;
  9. use App\Service\BookingService;
  10. use LogicException;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. use Symfony\Component\Security\Core\Security;
  15. class SolicitationVoter extends Voter
  16. {
  17.     public const CREATE 'create_solicitation';
  18.     public const EDIT 'edit_solicitation';
  19.     public const SHOW 'show_solicitation';
  21.     /** @var Security $security */
  22.     private $security;
  23.     /** @var BookingService $bookingService */
  24.     private $bookingService;
  26.     /**
  27.      * SolicitationVoter constructor.
  28.      * @param Security $security
  29.      * @param BookingService $bookingService
  30.      */
  31.     public function __construct(Security $securityBookingService $bookingService)
  32.     {
  33.         $this->security $security;
  34.         $this->bookingService $bookingService;
  35.     }
  37.     /**
  38.      * @inheritDoc
  39.      */
  40.     protected function supports($attribute$subject): bool
  41.     {
  42.         // if the attribute isn't one we support, return false
  43.         if (!in_array($attribute, [self::CREATEself::EDITself::SHOW])) {
  44.             return false;
  45.         }
  47.         return true;
  48.     }
  50.     /**
  51.      * @inheritDoc
  52.      */
  53.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  54.     {
  55.         $user $token->getUser();
  57.         if (!$user instanceof User) {
  58.             // the user must be logged in; if not, deny access
  59.             return false;
  60.         }
  62.         switch ($attribute) {
  63.             case self::CREATE:
  64.                 return $this->canCreate($subject);
  65.             case self::EDIT:
  66.                 return $this->canEdit($subject);
  67.             case self::SHOW:
  68.                 return $this->canShow();
  69.         }
  71.         throw new LogicException('This code should not be reached!');
  72.     }
  74.     /**
  75.      * @param $subject
  76.      * @return bool
  77.      */
  78.     private function canCreate($subject): bool
  79.     {
  80.         /** @var Beneficiary $beneficiary */
  81.         $beneficiary $subject['beneficiary'];
  82.         /** @var ContractLine $ontractLine */
  83.         $ontractLine $subject['contractLine'];
  85.         // Quantity 0 is unlimited, so we can create another solicitation
  86.         $availableQuantities $this->bookingService->getAvailableQuantity($ontractLine$beneficiarynull);
  87.         return (
  88.             $ontractLine->getEnabledRelevantPeriod() &&
  89.             $this->security->isGranted('ROLE_ATCLIENTE') &&
  90.             $availableQuantities
  91.         );
  92.     }
  94.     /**
  95.      * @param Solicitation $solicitation
  96.      * @return bool
  97.      */
  98.     private function canEdit(Solicitation $solicitation): bool
  99.     {
  100.         $ontractLine $solicitation->getContractLine();
  101.         // Quantity 0 is unlimited, so we can create another solicitation
  102.         return ($ontractLine->getEnabledRelevantPeriod() && $this->security->isGranted('ROLE_ATCLIENTE'));
  103.     }
  105.     /**
  106.      * @return bool
  107.      */
  108.     private function canShow(): bool
  109.     {
  110.         return $this->security->isGranted('ROLE_ATCLIENTE');
  111.     }
  112. }