src/Security/SuperheroFreight/ReplenishmentOrderVoter.php line 15

Open in your IDE?
  1. <?php
  3. namespace App\Security\SuperheroFreight;
  5. use App\Entity\CommonData\User;
  6. use App\Entity\SuperheroFreight\ReplenishmentOrder;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. /**
  11.  * Class ReplenishmentOrderVoter
  12.  *
  13.  * @package App\Security\SuperheroFreight
  14.  */
  15. class ReplenishmentOrderVoter extends Voter
  16. {
  17.     /**
  18.      * @var string
  19.      */
  20.     const VIEW 'view';
  22.     /**
  23.      * @var string
  24.      */
  25.     const EDIT 'edit';
  27.     /**
  28.      * @param string $attribute
  29.      * @param mixed  $subject
  30.      *
  31.      * @return bool
  32.      */
  33.     protected function supports($attribute$subject): bool
  34.     {
  35.         if (!in_array($attribute, [self::VIEWself::EDIT])) {
  36.             return false;
  37.         }
  39.         if (!$subject instanceof ReplenishmentOrder) {
  40.             return false;
  41.         }
  43.         return true;
  44.     }
  46.     /**
  47.      * @param string         $attribute
  48.      * @param mixed          $subject
  49.      * @param TokenInterface $token
  50.      *
  51.      * @return bool
  52.      */
  53.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  54.     {
  55.         $user $token->getUser();
  57.         if (!$user instanceof User) {
  58.             return false;
  59.         }
  61.         /** @var ReplenishmentOrder $replenishmentOrder */
  62.         $replenishmentOrder $subject;
  64.         switch ($attribute) {
  65.             case self::VIEW:
  66.                 return $this->canView($replenishmentOrder$user);
  67.             case self::EDIT:
  68.                 return $this->canEdit($replenishmentOrder$user);
  69.         }
  71.         throw new \LogicException('This code should not be reached!');
  72.     }
  74.     /**
  75.      * @param ReplenishmentOrder $replenishmentOrder
  76.      * @param User               $user
  77.      *
  78.      * @return bool
  79.      */
  80.     private function canView(ReplenishmentOrder $replenishmentOrderUser $user): bool
  81.     {
  82.         return $user === $replenishmentOrder->getShfUser()->getUser() && !$replenishmentOrder->isDeleted();
  83.     }
  85.     /**
  86.      * @param ReplenishmentOrder $replenishmentOrder
  87.      * @param User               $user
  88.      *
  89.      * @return bool
  90.      */
  91.     private function canEdit(ReplenishmentOrder $replenishmentOrderUser $user): bool
  92.     {
  93.         return $replenishmentOrder->isEditable() &&
  94.             $user === $replenishmentOrder->getShfUser()->getUser() &&
  95.             !$replenishmentOrder->isDeleted();
  96.     }
  97. }