Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-06-12 13:24:25 +00:00
Code Issues Actions Projects Releases Wiki Activity

Fix error on EventVoter

Browse Source
This commit is contained in:
Tchama 2019-01-25 18:01:37 +01:00
parent 31876ee8b6
commit 29b7641528
3 changed files with 22 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Menu/PersonMenuBuilder.php
View File

@ -48,17 +48,7 @@ class PersonMenuBuilder implements LocalMenuBuilderInterface
->setExtras([ ->setExtras([
'order' => 500 'order' => 500
]); ]);
}
////
else {
dump('not see');
} }
if ($this->authorizationChecker->isGranted(EventVoter::CREATE, $person)) {
dump('create');
} else {
dump('not create');
}
////
} }
public static function getMenuIds(): array public static function getMenuIds(): array

7
Resources/views/Event/listByPerson.html.twig
View File

@ -50,13 +50,6 @@
<td> <td>
<ul class="record_actions"> <ul class="record_actions">
<li> <li>
{% if is_granted('CHILL_EVENT_SEE', participation.event) %}
see {% else %} not see
{% endif %}
{% if is_granted('CHILL_EVENT_CREATE', participation.event) %}
create {% else %} not create
{% endif %}
{% if is_granted('CHILL_EVENT_SEE_DETAILS', participation.event) %} {% if is_granted('CHILL_EVENT_SEE_DETAILS', participation.event) %}
<a href="{{ path('chill_event__event_show', { 'event_id' : participation.event.id } ) }}" class="sc-button black"> <a href="{{ path('chill_event__event_show', { 'event_id' : participation.event.id } ) }}" class="sc-button black">
{{ 'See'|trans }} {{ 'See'|trans }}

29
Security/Authorization/EventVoter.php
View File

@ -1,6 +1,20 @@
<?php <?php
/*
* Copyright (C) 2018 Champs Libres Cooperative <info@champs-libres.coop>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace Chill\EventBundle\Security\Authorization; namespace Chill\EventBundle\Security\Authorization;
@ -9,16 +23,16 @@ use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\EventBundle\Entity\Event; use Chill\EventBundle\Entity\Event;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper; use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\MainBundle\Entity\User; use Chill\MainBundle\Entity\User;
use Chill\PersonBundle\Entity\Person;
use Chill\PersonBundle\Security\Authorization\PersonVoter; use Chill\PersonBundle\Security\Authorization\PersonVoter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface; use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
/** /**
* Description of EventVoter * Description of EventVoter
* *
* @author Julien Fastré <julien.fastre@champs-libres.coop> * @author Mathieu Jaumotte <jaum_mathieu@collectifs.net>
* @author Champs Libres <info@champs-libres.coop> * @author Champs Libres <info@champs-libres.coop>
*/ */
class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
@ -93,23 +107,24 @@ class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInter
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute); return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
} else { } else {
// subject is null. We check that at least one center is reachable // subject is null. We check that at least one center is reachable
$centers = $this->authorizationHelper $centers = $this->authorizationHelper
->getReachableCenters($token->getUser(), new Role($attribute)); ->getReachableCenters($token->getUser(), new Role($attribute));
return count($centers) > 0; return count($centers) > 0;
} }
if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) { if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) {
return false; return false;
} }
return $this->authorizationHelper->userHasAccess( return $this->authorizationHelper->userHasAccess(
$token->getUser(), $token->getUser(),
$subject, $subject,
$attribute $attribute
); );
} }