src/Security/Voter/SurveyVoter.php line 11

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\AccountingFirm;
  6. use App\Entity\Survey;
  7. use App\Entity\User;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. class SurveyVoter extends Voter
  12. {
  13.     const ACCESS 'SURVEY_ACCESS';
  14.     const EDIT 'SURVEY_EDIT';
  15.     const DELETE 'SURVEY_DELETE';
  17.     const NEW = 'SURVEY_NEW';
  19.     
  21.     protected function supports(string $attributemixed $subject): bool
  22.     {
  23.         return in_array($attribute, [self::ACCESSself::EDITself::DELETEself::NEW])
  24.             && ($subject === null || $subject instanceof Survey);
  25.     }
  27.     protected function voteOnAttribute(string $attributemixed $subjectTokenInterface $token): bool
  28.     {
  29.         $user $token->getUser();
  31.         if (!$user instanceof User) {
  32.             return false;
  33.         }
  35.         if (in_array('ROLE_ADMIN'$user->getRoles())) {
  36.             return true;
  37.         }
  39.         switch ($attribute) {
  40.             case self::ACCESS:
  41.                 return $this->canAccessSurvey($user);
  42.             case self::EDIT:
  43.             case self::DELETE:
  44.                 return $this->canEditSurvey($user$subject);
  45.             case self::NEW:
  46.                 return $this->canNewSurvey($user);
  47.         }
  49.         return false;
  50.     }
  52.     private function canAccessSurvey(User $user): bool
  53.     {
  54.         $accountingFirm $user->getAccountingFirm();
  55.         if (!$accountingFirm) {
  56.             return false;
  57.         }
  59.         return $this->canAccessSurveyModule($accountingFirm);
  60.     }
  62.     private function canEditSurvey(User $user, ?Survey $survey): bool
  63.     {
  64.         if (!$this->canAccessSurvey($user)) {
  65.             return false;
  66.         }
  68.         if (!$survey) {
  69.             return false;
  70.         }
  72.         $accountingFirm $survey->getAccountingFirm();
  74.         if (!$this->canAccessSurveyClient($accountingFirm)) {
  75.             return false;
  76.         }
  78.         return $survey->getAccountingFirm() === $user->getAccountingFirm();
  79.     }
  81.     private function canAccessSurveyModule(AccountingFirm $accountingFirm): bool
  82.     {
  83.         return $accountingFirm->getSurveyClientActivate() === true || $accountingFirm->getWebsiteCreatedAt() !== null;
  84.     }
  86.     private function canNewSurvey(User $user): bool
  87.     {
  88.         $accountingFirm $user->getAccountingFirm();
  89.         if (!$accountingFirm) {
  90.             return false;
  91.         }
  93.         if (!$this->canAccessSurveyClient($accountingFirm)) {
  94.             return false;
  95.         }
  97.         return $accountingFirm->getSurveyClientActivate() === true;
  98.     }
  100.     //verify if token survey and widget url are not null
  101.     private function canAccessSurveyClient(AccountingFirm $accountingFirm): bool
  102.     {
  103.         return $accountingFirm->getSurveyToken() !== null && $accountingFirm->getSurveyWidgetUrl() !== null;
  104.     }
  105. }