mirror of
https://gitlab.com/Chill-Projet/chill-bundles.git
synced 2025-06-07 18:44:08 +00:00
80 lines
2.6 KiB
PHP
80 lines
2.6 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Chill is a software for social workers
|
|
*
|
|
* For the full copyright and license information, please view
|
|
* the LICENSE file that was distributed with this source code.
|
|
*/
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Chill\PersonBundle\Security\Authorization;
|
|
|
|
use Chill\PersonBundle\Entity\AccompanyingPeriod;
|
|
use Chill\PersonBundle\Entity\AccompanyingPeriod\AccompanyingPeriodWork;
|
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
|
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
|
use Symfony\Component\Security\Core\Security;
|
|
use UnexpectedValueException;
|
|
use function in_array;
|
|
|
|
class AccompanyingPeriodWorkVoter extends Voter
|
|
{
|
|
public const CREATE = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_CREATE';
|
|
public const SEE = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_SEE';
|
|
public const UPDATE = 'CHILL_MAIN_ACCOMPANYING_PERIOD_WORK_UPDATE';
|
|
|
|
private Security $security;
|
|
|
|
public function __construct(Security $security)
|
|
{
|
|
$this->security = $security;
|
|
}
|
|
|
|
protected function supports($attribute, $subject): bool
|
|
{
|
|
return
|
|
(
|
|
$subject instanceof AccompanyingPeriodWork
|
|
&& in_array($attribute, $this->getRoles(), true)
|
|
) || (
|
|
$subject instanceof AccompanyingPeriod
|
|
&& in_array($attribute, [self::SEE, self::CREATE])
|
|
);
|
|
}
|
|
|
|
/**
|
|
* @param string $attribute
|
|
* @param AccompanyingPeriodWork $subject
|
|
*/
|
|
protected function voteOnAttribute($attribute, $subject, TokenInterface $token): bool
|
|
{
|
|
if ($subject instanceof AccompanyingPeriodWork) {
|
|
switch ($attribute) {
|
|
case self::SEE:
|
|
return $this->security->isGranted(AccompanyingPeriodVoter::SEE_DETAILS, $subject->getAccompanyingPeriod());
|
|
|
|
default:
|
|
throw new UnexpectedValueException("attribute {$attribute} is not supported");
|
|
}
|
|
} elseif ($subject instanceof AccompanyingPeriod) {
|
|
switch ($attribute) {
|
|
case self::SEE:
|
|
return $this->security->isGranted(AccompanyingPeriodVoter::SEE_DETAILS, $subject);
|
|
|
|
default:
|
|
throw new UnexpectedValueException(sprintf("attribute {$attribute} is not supported on instance %s",
|
|
AccompanyingPeriod::class));
|
|
}
|
|
}
|
|
|
|
throw new UnexpectedValueException(sprintf("attribute {$attribute} on instance %s is not supported", get_class($subject)));
|
|
}
|
|
|
|
private function getRoles(): array
|
|
{
|
|
return [self::SEE];
|
|
}
|
|
}
|