Documents can be added/viewed/edited for an accompanyingCourse + menu entry added

2025-08-21 07:03:49 +00:00 · 2021-09-14 15:44:06 +02:00
parent 88c192c22e
commit 2e5c2de363
11 changed files with 142 additions and 92 deletions
--- a/src/Bundle/ChillDocStoreBundle/Security/Authorization/AccompanyingCourseDocumentVoter.php
+++ b/src/Bundle/ChillDocStoreBundle/Security/Authorization/AccompanyingCourseDocumentVoter.php
@@ -0,0 +1,94 @@
+<?php
+
+namespace Chill\DocStoreBundle\Security\Authorization;
+
+use Chill\DocStoreBundle\Entity\AccompanyingCourseDocument;
+use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
+use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
+use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
+use Chill\MainBundle\Entity\User;
+use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
+use Psr\Log\LoggerInterface;
+
+/**
+ *
+ */
+class AccompanyingCourseDocumentVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
+{
+    const CREATE = 'CHILL_ACCOMPANYING_COURSE_DOCUMENT_CREATE';
+    const SEE    = 'CHILL_ACCOMPANYING_COURSE_DOCUMENT_SEE';
+    const SEE_DETAILS = 'CHILL_ACCOMPANYING_COURSE_DOCUMENT_SEE_DETAILS';
+    const UPDATE = 'CHILL_ACCOMPANYING_COURSE_DOCUMENT_UPDATE';
+    const DELETE = 'CHILL_ACCOMPANYING_COURSE_DOCUMENT_DELETE';
+
+    /**
+     * @var AuthorizationHelper
+     */
+    protected $authorizationHelper;
+
+    /**
+     * @var AccessDecisionManagerInterface
+     */
+    protected $accessDecisionManager;
+
+    /**
+     * @var LoggerInterface
+     */
+    protected $logger;
+
+    public function __construct(
+        AccessDecisionManagerInterface $accessDecisionManager,
+        AuthorizationHelper $authorizationHelper,
+        LoggerInterface $logger
+    )
+    {
+        $this->accessDecisionManager = $accessDecisionManager;
+        $this->authorizationHelper = $authorizationHelper;
+        $this->logger = $logger;
+    }
+
+    public function getRoles()
+    {
+        return [
+            self::CREATE,
+            self::SEE,
+            self::SEE_DETAILS,
+            self::UPDATE,
+            self::DELETE
+        ];
+    }
+    
+    protected function supports($attribute, $subject)
+    {
+        if (\in_array($attribute, $this->getRoles()) && $subject instanceof AccompanyingCourseDocument) {
+            return true;
+        }
+        
+        //if ($subject instanceof AccompanyingPeriod && $attribute === self::CREATE) {
+            return true;
+        //}
+        
+        return false;
+    }
+
+    protected function isGranted($attribute, $report, $user = null)
+    {
+        if (! $user instanceof User){
+            return false;
+        }
+        // TODO 
+        // return $this->helper->userHasAccess($user, $report, $attribute);
+        return true;
+    }
+
+    public function getRolesWithoutScope()
+    {
+        return array();
+    }
+
+
+    public function getRolesWithHierarchy()
+    {
+        return ['accompanyingCourseDocument' => $this->getRoles() ];
+    }
+}