Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-07 18:44:08 +00:00
Code Issues Actions Projects Releases Wiki Activity

voters adjusted

Browse Source
This commit is contained in:
Julie Lenaerts 2021-11-19 11:29:29 +01:00
parent 26a13ae6df
commit 210c8b8b97
4 changed files with 27 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Bundle/ChillActivityBundle/Security/Authorization/ActivityVoter.php
View File

@ -91,6 +91,11 @@ class ActivityVoter extends AbstractChillVoter implements ProvideRoleHierarchyIn
return false;
}
} elseif ($subject->getAccompanyingPeriod() instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getAccompanyingPeriod->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) {
return false;
}
}
if (!$this->security->isGranted(AccompanyingPeriodVoter::SEE, $subject->getAccompanyingPeriod())) {
return false;
}

8
src/Bundle/ChillDocStoreBundle/Security/Authorization/AccompanyingCourseDocumentVoter.php
View File

@ -76,6 +76,14 @@ class AccompanyingCourseDocumentVoter extends AbstractChillVoter implements Prov
return false;
}
if ($subject instanceof AccompanyingCourseDocument) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getCourse()->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE, self::DELETE])) {
return false;
}
}
}
return $this->voterHelper->voteOnAttribute($attribute, $subject, $token);
}

15
src/Bundle/ChillPersonBundle/Security/Authorization/AccompanyingPeriodVoter.php
View File

@ -68,6 +68,13 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRole
}
if ($subject instanceof AccompanyingPeriod) {
if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
if (\in_array($attribute, [self::EDIT, self::DELETE])) {
return false;
}
}
if (AccompanyingPeriod::STEP_DRAFT === $subject->getStep()) {
// only creator can see, edit, delete, etc.
if ($subject->getCreatedBy() === $token->getUser()
@ -77,13 +84,7 @@ class AccompanyingPeriodVoter extends AbstractChillVoter implements ProvideRole
return false;
}
// if (AccompanyingPeriod::STEP_CLOSED === $subject->getStep()) {
// if($this->security->isGranted(self::EDIT, $subject)) {
// return false;
// }
// }
// if confidential, only the referent can see it
if ($subject->isConfidential()) {
return $token->getUser() === $subject->getUser();

6
src/Bundle/ChillTaskBundle/Security/Authorization/TaskVoter.php
View File

@ -112,6 +112,12 @@ final class TaskVoter extends AbstractChillVoter implements ProvideRoleHierarchy
if (!$this->accessDecisionManager->decide($token, [AccompanyingPeriodVoter::SEE], $period)) {
return false;
}
if (AccompanyingPeriod::STEP_CLOSED === $subject->getCourse()->getStep()) {
if (\in_array($attribute, [self::UPDATE, self::CREATE_COURSE, self::DELETE])) {
return false;
}
}
}
}