Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-08-20 14:43:49 +00:00
Code Issues Actions Projects Releases Wiki Activity

cs: Fix code style (safe rules only).

Browse Source
This commit is contained in:
Pol Dellaiera
2021-11-23 14:06:38 +01:00
parent 149d7ce991
commit 8f96a1121d
1223 changed files with 65199 additions and 64625 deletions
Download Patch File Download Diff File Expand all files Collapse all files

157
src/Bundle/ChillEventBundle/Security/Authorization/EventVoter.php
View File

@@ -1,65 +1,56 @@
<?php
/*
* Copyright (C) 2020 Champs Libres Cooperative <info@champs-libres.coop>
/**
* Chill is a software for social workers
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Chill\EventBundle\Security\Authorization;
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\EventBundle\Entity\Event;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\MainBundle\Entity\User;
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\PersonBundle\Entity\Person;
use Chill\PersonBundle\Security\Authorization\PersonVoter;
use Psr\Log\LoggerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Role\Role;
use Psr\Log\LoggerInterface;
/**
* Description of EventVoter
*
* @author Mathieu Jaumotte <jaum_mathieu@collectifs.net>
* @author Champs Libres <info@champs-libres.coop>
* Description of EventVoter.
*/
class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
{
const SEE = 'CHILL_EVENT_SEE';
const SEE_DETAILS = 'CHILL_EVENT_SEE_DETAILS';
const CREATE = 'CHILL_EVENT_CREATE';
const UPDATE = 'CHILL_EVENT_UPDATE';
public const CREATE = 'CHILL_EVENT_CREATE';
const ROLES = [
public const ROLES = [
self::SEE,
self::SEE_DETAILS,
self::CREATE,
self::UPDATE
self::UPDATE,
];
/**
* @var AuthorizationHelper
*/
protected $authorizationHelper;
public const SEE = 'CHILL_EVENT_SEE';
public const SEE_DETAILS = 'CHILL_EVENT_SEE_DETAILS';
public const UPDATE = 'CHILL_EVENT_UPDATE';
/**
* @var AccessDecisionManagerInterface
*/
protected $accessDecisionManager;
/**
* @var AuthorizationHelper
*/
protected $authorizationHelper;
/**
* @var LoggerInterface
*/
@@ -69,65 +60,12 @@ class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInter
AccessDecisionManagerInterface $accessDecisionManager,
AuthorizationHelper $authorizationHelper,
LoggerInterface $logger
)
{
) {
$this->accessDecisionManager = $accessDecisionManager;
$this->authorizationHelper = $authorizationHelper;
$this->logger = $logger;
}
public function supports($attribute, $subject)
{
return ($subject instanceof Event && in_array($attribute, self::ROLES))
||
($subject instanceof Person && \in_array($attribute, [ self::CREATE, self::SEE ]))
||
(NULL === $subject && $attribute === self::SEE )
;
}
/**
*
* @param string $attribute
* @param Event $subject
* @param TokenInterface $token
* @return boolean
*/
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$this->logger->debug(sprintf("Voting from %s class", self::class));
if (!$token->getUser() instanceof User) {
return false;
}
if ($subject instanceof Event) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
} elseif ($subject instanceof Person) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
} else {
// subject is null. We check that at least one center is reachable
$centers = $this->authorizationHelper
->getReachableCenters($token->getUser(), new Role($attribute));
return count($centers) > 0;
}
if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) {
return false;
}
return $this->authorizationHelper->userHasAccess(
$token->getUser(),
$subject,
$attribute
);
}
public function getRoles(): array
{
return self::ROLES;
@@ -136,7 +74,7 @@ class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInter
public function getRolesWithHierarchy(): array
{
return [
'Event' => self::ROLES
'Event' => self::ROLES,
];
}
@@ -145,4 +83,49 @@ class EventVoter extends AbstractChillVoter implements ProvideRoleHierarchyInter
return [];
}
public function supports($attribute, $subject)
{
return ($subject instanceof Event && in_array($attribute, self::ROLES))
|| ($subject instanceof Person && \in_array($attribute, [self::CREATE, self::SEE]))
|| (null === $subject && self::SEE === $attribute);
}
/**
* @param string $attribute
* @param Event $subject
*
* @return bool
*/
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$this->logger->debug(sprintf('Voting from %s class', self::class));
if (!$token->getUser() instanceof User) {
return false;
}
if ($subject instanceof Event) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
}
if ($subject instanceof Person) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
}
// subject is null. We check that at least one center is reachable
$centers = $this->authorizationHelper
->getReachableCenters($token->getUser(), new Role($attribute));
return count($centers) > 0;
if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) {
return false;
}
return $this->authorizationHelper->userHasAccess(
$token->getUser(),
$subject,
$attribute
);
}
}

161
src/Bundle/ChillEventBundle/Security/Authorization/ParticipationVoter.php
View File

@@ -1,64 +1,53 @@
<?php
/*
* Copyright (C) 2020 Champs-Libres <info@champs-libres.coop>
/**
* Chill is a software for social workers
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
* For the full copyright and license information, please view
* the LICENSE file that was distributed with this source code.
*/
namespace Chill\EventBundle\Security\Authorization;
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\EventBundle\Entity\Participation;
use Chill\MainBundle\Entity\User;
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\PersonBundle\Entity\Person;
use Chill\PersonBundle\Security\Authorization\PersonVoter;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Role\Role;
use Psr\Log\LoggerInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Role\Role;
/**
*
*
* @author Julien Fastré <julien.fastre@champs-libres.coop>
*/
class ParticipationVoter extends AbstractChillVoter implements ProvideRoleHierarchyInterface
{
const SEE = 'CHILL_EVENT_PARTICIPATION_SEE';
const SEE_DETAILS = 'CHILL_EVENT_PARTICIPATION_SEE_DETAILS';
const CREATE = 'CHILL_EVENT_PARTICIPATION_CREATE';
const UPDATE = 'CHILL_EVENT_PARTICIPATION_UPDATE';
public const CREATE = 'CHILL_EVENT_PARTICIPATION_CREATE';
const ROLES = [
public const ROLES = [
self::SEE,
self::SEE_DETAILS,
self::CREATE,
self::UPDATE
self::UPDATE,
];
/**
* @var AuthorizationHelper
*/
protected $authorizationHelper;
public const SEE = 'CHILL_EVENT_PARTICIPATION_SEE';
public const SEE_DETAILS = 'CHILL_EVENT_PARTICIPATION_SEE_DETAILS';
public const UPDATE = 'CHILL_EVENT_PARTICIPATION_UPDATE';
/**
* @var AccessDecisionManagerInterface
*/
protected $accessDecisionManager;
/**
* @var AuthorizationHelper
*/
protected $authorizationHelper;
/**
* @var LoggerInterface
*/
@@ -68,65 +57,12 @@ class ParticipationVoter extends AbstractChillVoter implements ProvideRoleHierar
AccessDecisionManagerInterface $accessDecisionManager,
AuthorizationHelper $authorizationHelper,
LoggerInterface $logger
)
{
) {
$this->accessDecisionManager = $accessDecisionManager;
$this->authorizationHelper = $authorizationHelper;
$this->logger = $logger;
}
public function supports($attribute, $subject)
{
return ($subject instanceof Participation && in_array($attribute, self::ROLES))
||
($subject instanceof Person && \in_array($attribute, [ self::CREATE, self::SEE ]))
||
(NULL === $subject && $attribute === self::SEE )
;
}
/**
*
* @param string $attribute
* @param Participation $subject
* @param TokenInterface $token
* @return boolean
*/
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$this->logger->debug(sprintf("Voting from %s class", self::class));
if (!$token->getUser() instanceof User) {
return false;
}
if ($subject instanceof Participation) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
} elseif ($subject instanceof Person) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
} else {
// subject is null. We check that at least one center is reachable
$centers = $this->authorizationHelper
->getReachableCenters($token->getUser(), new Role($attribute));
return count($centers) > 0;
}
if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) {
return false;
}
return $this->authorizationHelper->userHasAccess(
$token->getUser(),
$subject,
$attribute
);
}
public function getRoles(): array
{
return self::ROLES;
@@ -135,7 +71,7 @@ class ParticipationVoter extends AbstractChillVoter implements ProvideRoleHierar
public function getRolesWithHierarchy(): array
{
return [
'Event' => self::ROLES
'Event' => self::ROLES,
];
}
@@ -144,4 +80,49 @@ class ParticipationVoter extends AbstractChillVoter implements ProvideRoleHierar
return [];
}
public function supports($attribute, $subject)
{
return ($subject instanceof Participation && in_array($attribute, self::ROLES))
|| ($subject instanceof Person && \in_array($attribute, [self::CREATE, self::SEE]))
|| (null === $subject && self::SEE === $attribute);
}
/**
* @param string $attribute
* @param Participation $subject
*
* @return bool
*/
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$this->logger->debug(sprintf('Voting from %s class', self::class));
if (!$token->getUser() instanceof User) {
return false;
}
if ($subject instanceof Participation) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
}
if ($subject instanceof Person) {
return $this->authorizationHelper->userHasAccess($token->getUser(), $subject, $attribute);
}
// subject is null. We check that at least one center is reachable
$centers = $this->authorizationHelper
->getReachableCenters($token->getUser(), new Role($attribute));
return count($centers) > 0;
if (!$this->accessDecisionManager->decide($token, [PersonVoter::SEE], $person)) {
return false;
}
return $this->authorizationHelper->userHasAccess(
$token->getUser(),
$subject,
$attribute
);
}
}