Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-08-29 19:13:49 +00:00
Code Issues Actions Projects Releases Wiki Activity

Apply the voter to allow all transition on EntityWorkflowGuardTransition

Browse Source 
This allow to effectively check that a user is allowed to apply all transitions on a workflow and, if yes, enable the given transition.
This commit is contained in:
Julien Fastré
2024-09-16 14:47:00 +02:00
parent 4696332a46
commit 4d8de46ac9
2 changed files with 41 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/Bundle/ChillMainBundle/Workflow/EventSubscriber/EntityWorkflowGuardTransition.php
View File

@@ -13,12 +13,24 @@ namespace Chill\MainBundle\Workflow\EventSubscriber;
use Chill\MainBundle\Entity\User;
use Chill\MainBundle\Entity\Workflow\EntityWorkflow;
use Chill\MainBundle\Security\Authorization\EntityWorkflowTransitionVoter;
use Chill\MainBundle\Templating\Entity\UserRender;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Workflow\Event\GuardEvent;
use Symfony\Component\Workflow\TransitionBlocker;
/**
* Prevent apply a transition on an entity workflow.
*
* This apply logic and rules to decide if a transition can be applyed.
*
* Those rules are:
*
* - if the transition is system-only or is allowed for user;
* - if the user is present in the dest users for a workflow;
* - or if the user have permission to apply all the transitions
*/
class EntityWorkflowGuardTransition implements EventSubscriberInterface
{
public function __construct(
@@ -85,11 +97,17 @@ class EntityWorkflowGuardTransition implements EventSubscriberInterface
);
}
if (!$entityWorkflow->getCurrentStep()->getAllDestUser()->contains($user)) {
if (
!$entityWorkflow->getCurrentStep()->getAllDestUser()->contains($user)
) {
if ($event->getMarking()->has('initial')) {
return;
}
if ($this->security->isGranted(EntityWorkflowTransitionVoter::APPLY_ALL_TRANSITIONS, $entityWorkflow->getCurrentStep())) {
return;
}
$event->addTransitionBlocker(new TransitionBlocker(
'workflow.You are not allowed to apply a transition on this workflow. Only those users are allowed: %users%',
'f3eeb57c-7532-11ec-9495-e7942a2ac7bc',