src/Security/Voters/ClusterVoter.php line 17

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Security\Voters;
  7. use App\Services\Clients\ClientSystemState\ClientSystemStateService;
  8. use App\Entity\Client;
  9. use App\Entity\Cluster;
  10. use App\Entity\CompanyPerson;
  11. use App\Entity\OA2User;
  12. use App\Repository\ClientRepository;
  13. use App\Repository\CompanyPersonRepository;
  14. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  15. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  17. class ClusterVoter extends Voter
  18. {
  19.     public const MODE_READ 'read';
  20.     public const CAN_MAKE_CLUSTERS 'can_make_clusters';
  22.     private $clientRepository;
  23.     private $clientSystemStateService;
  24.     private $companyPersonRepository;
  26.     public function __construct(
  27.         ClientRepository $clientRepository,
  28.         ClientSystemStateService $clientSystemStateService,
  29.         CompanyPersonRepository $companyPersonRepository
  30.     ) {
  31.         $this->clientRepository $clientRepository;
  32.         $this->clientSystemStateService $clientSystemStateService;
  33.         $this->companyPersonRepository $companyPersonRepository;
  34.     }
  36.     /**
  37.      * @param string $attribute
  38.      * @param mixed  $subject
  39.      *
  40.      * @return bool
  41.      */
  42.     protected function supports($attribute$subject)
  43.     {
  44.         return !(!$subject instanceof Cluster)
  46.          ;
  47.     }
  49.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  50.     {
  51.         if (!in_array($attribute$this->getSupportedPermissions())) {
  52.             return false;
  53.         }
  54.         /** @var Cluster $cluster */
  55.         $cluster $subject;
  57.         /** @var Client|null $currentClient */
  58.         $currentClient $this->getCurrentClient($token);
  59.         if ($currentClient === null) {
  60.             return false;
  61.         }
  63.         if ($attribute === self::MODE_READ) {
  64.             return $this->canRead($currentClient$cluster);
  65.         }
  66.         if ($attribute === self::CAN_MAKE_CLUSTERS) {
  67.             return $this->canMakeClusters($currentClient$cluster);
  68.         }
  70.         return false;
  71.     }
  73.     private function getSupportedPermissions(): array
  74.     {
  75.         return [
  76.             self::MODE_READ,
  77.             self::CAN_MAKE_CLUSTERS,
  78.         ];
  79.     }
  81.     private function getCurrentClient(TokenInterface $token): ?Client
  82.     {
  83.         /** @var OA2User $oa2User */
  84.         $oa2User $token->getUser();
  85.         if (!$oa2User instanceof OA2User || $oa2User->isBankUser()) {
  86.             return null// Client user only
  87.         }
  89.         return $this->clientRepository->findOneByOa2User($oa2User);
  90.     }
  92.     public function canRead(Client $currentClientCluster $cluster): bool
  93.     {
  94.         /** @var CompanyPerson $relationCompany */
  95.         $relationCompany $this->companyPersonRepository->findOneByOwnerClient($currentClient$cluster->getClient());
  97.         return (bool) $relationCompany;
  98.     }
  100.     public function canMakeClusters(Client $currentClientCluster $cluster): bool
  101.     {
  102.         /** @var CompanyPerson $relationCompany */
  103.         $relationCompany $this->companyPersonRepository->findOneByOwnerClient($currentClient$cluster->getClient());
  105.         return $relationCompany $relationCompany->getCanMakeClusters() : false;
  106.     }
  107. }