mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-12 13:24:25 +00:00
add voter for calendar
This commit is contained in:
parent
d150a8251b
commit
0ec0708807
@ -11,44 +11,41 @@ declare(strict_types=1);
|
|||||||
|
|
||||||
namespace Chill\CalendarBundle\Menu;
|
namespace Chill\CalendarBundle\Menu;
|
||||||
|
|
||||||
|
use Chill\CalendarBundle\Security\Voter\CalendarVoter;
|
||||||
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
use Chill\MainBundle\Routing\LocalMenuBuilderInterface;
|
||||||
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
|
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
|
||||||
use Chill\PersonBundle\Entity\AccompanyingPeriod;
|
use Chill\PersonBundle\Entity\AccompanyingPeriod;
|
||||||
use Knp\Menu\MenuItem;
|
use Knp\Menu\MenuItem;
|
||||||
|
use Symfony\Bundle\SecurityBundle\SecurityBundle;
|
||||||
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
|
||||||
|
use Symfony\Component\Security\Core\Security;
|
||||||
use Symfony\Contracts\Translation\TranslatorInterface;
|
use Symfony\Contracts\Translation\TranslatorInterface;
|
||||||
|
|
||||||
class AccompanyingCourseMenuBuilder implements LocalMenuBuilderInterface
|
class AccompanyingCourseMenuBuilder implements LocalMenuBuilderInterface
|
||||||
{
|
{
|
||||||
protected AuthorizationHelper $authorizationHelper;
|
private Security $security;
|
||||||
|
|
||||||
protected TokenStorageInterface $tokenStorage;
|
|
||||||
|
|
||||||
protected TranslatorInterface $translator;
|
protected TranslatorInterface $translator;
|
||||||
|
|
||||||
public function __construct(
|
public function __construct(
|
||||||
TokenStorageInterface $tokenStorage,
|
Security $security,
|
||||||
AuthorizationHelper $authorizationHelper,
|
|
||||||
TranslatorInterface $translator
|
TranslatorInterface $translator
|
||||||
) {
|
) {
|
||||||
|
$this->security = $security;
|
||||||
$this->translator = $translator;
|
$this->translator = $translator;
|
||||||
$this->authorizationHelper = $authorizationHelper;
|
|
||||||
$this->tokenStorage = $tokenStorage;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function buildMenu($menuId, MenuItem $menu, array $parameters)
|
public function buildMenu($menuId, MenuItem $menu, array $parameters)
|
||||||
{
|
{
|
||||||
$period = $parameters['accompanyingCourse'];
|
$period = $parameters['accompanyingCourse'];
|
||||||
|
|
||||||
if (AccompanyingPeriod::STEP_DRAFT !== $period->getStep()) {
|
if ($this->security->isGranted(CalendarVoter::SEE, $period)) {
|
||||||
/*
|
|
||||||
$menu->addChild($this->translator->trans('Calendar'), [
|
$menu->addChild($this->translator->trans('Calendar'), [
|
||||||
'route' => 'chill_calendar_calendar_list',
|
'route' => 'chill_calendar_calendar_list',
|
||||||
'routeParameters' => [
|
'routeParameters' => [
|
||||||
'accompanying_period_id' => $period->getId(),
|
'accompanying_period_id' => $period->getId(),
|
||||||
], ])
|
], ])
|
||||||
->setExtras(['order' => 35]);
|
->setExtras(['order' => 35]);
|
||||||
*/
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -0,0 +1,79 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Chill\CalendarBundle\Security\Voter;
|
||||||
|
|
||||||
|
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
|
||||||
|
use Chill\MainBundle\Security\Authorization\VoterHelperFactoryInterface;
|
||||||
|
use Chill\MainBundle\Security\Authorization\VoterHelperInterface;
|
||||||
|
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
|
||||||
|
use Chill\PersonBundle\Entity\AccompanyingPeriod;
|
||||||
|
use Chill\PersonBundle\Entity\Person;
|
||||||
|
use Chill\PersonBundle\Security\Authorization\AccompanyingPeriodVoter;
|
||||||
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||||
|
use Symfony\Component\Security\Core\Security;
|
||||||
|
|
||||||
|
class CalendarVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
|
||||||
|
{
|
||||||
|
public const SEE = 'CHILL_CALENDAR_CALENDAR_SEE';
|
||||||
|
|
||||||
|
|
||||||
|
private Security $security;
|
||||||
|
|
||||||
|
private VoterHelperInterface $voterHelper;
|
||||||
|
|
||||||
|
|
||||||
|
public function __construct(
|
||||||
|
Security $security,
|
||||||
|
VoterHelperFactoryInterface $voterHelperFactory
|
||||||
|
) {
|
||||||
|
$this->security = $security;
|
||||||
|
$this->voterHelper = $voterHelperFactory
|
||||||
|
->generate(self::class)
|
||||||
|
->addCheckFor(AccompanyingPeriod::class, [self::SEE])
|
||||||
|
->build();
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getRolesWithHierarchy(): array
|
||||||
|
{
|
||||||
|
return ['Calendar' => $this->getRoles()];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getRoles(): array
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
self::SEE,
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
public function getRolesWithoutScope(): array
|
||||||
|
{
|
||||||
|
return [];
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function supports($attribute, $subject): bool
|
||||||
|
{
|
||||||
|
return $this->voterHelper->supports($attribute, $subject);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
|
||||||
|
{
|
||||||
|
if ($subject instanceof AccompanyingPeriod) {
|
||||||
|
switch ($attribute) {
|
||||||
|
case self::SEE:
|
||||||
|
|
||||||
|
if ($subject->getStep() === AccompanyingPeriod::STEP_DRAFT) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
// we first check here that the user has read access to the period
|
||||||
|
return $this->security->isGranted(AccompanyingPeriodVoter::SEE, $subject);
|
||||||
|
default:
|
||||||
|
throw new \LogicException('subject not implemented');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
throw new \LogicException('attribute not implemented');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user