src/Security/Voter/UserVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\User;
  6. use App\Enum\PermissionEnum;
  7. use App\Service\UserPermissionLookup;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\User\UserInterface;
  12. class UserVoter extends Voter
  13. {
  14.     /**
  15.      * @var UserPermissionLookup
  16.      */
  17.     private $userPermissionLookup;
  19.     public function __construct(UserPermissionLookup $userPermissionLookup)
  20.     {
  21.         $this->userPermissionLookup $userPermissionLookup;
  22.     }
  24.     protected function supports($attribute$subject)
  25.     {
  26.         $arrayPermissions = [
  27.             PermissionEnum::EMPLOYEE_VIEW,
  28.             PermissionEnum::EMPLOYEE_EDIT,
  29.             PermissionEnum::EMPLOYEE_CREATE,
  30.             PermissionEnum::EMPLOYEE_DELETE,
  32.             PermissionEnum::CUSTOMER_VIEW,
  33.             PermissionEnum::CUSTOMER_EDIT,
  34.             PermissionEnum::CUSTOMER_CREATE,
  35.             PermissionEnum::CUSTOMER_DELETE,
  36.             PermissionEnum::CUSTOMER_LANDING_PAGE,
  38.             PermissionEnum::ASSIGNMENT_FINISH,
  39.             PermissionEnum::DOWNLOAD_FILE,
  40.             PermissionEnum::DASHBOARD_VIEW_ADMIN,
  41.             PermissionEnum::CUSTOMER_ALLOW_DELIVERY,
  42.             ];
  43.         if (!\in_array($attribute$arrayPermissionstrue)) {
  44.             return false;
  45.         }
  47.         if (!$subject instanceof User) {
  48.             return false;
  49.         }
  51.         return true;
  52.     }
  54.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  55.     {
  56.         /** @var User $user */
  57.         $user $token->getUser();
  58.         if (!$user instanceof UserInterface) {
  59.             return false;
  60.         }
  61.         switch ($attribute) {
  62.             case PermissionEnum::EMPLOYEE_EDIT:
  63.                 return $this->employeeCanEdit($user);
  64.             case PermissionEnum::EMPLOYEE_VIEW:
  65.                 return $this->employeeCanView($user);
  66.             case  PermissionEnum::EMPLOYEE_CREATE:
  67.                 return $this->employeeCanCreate($user);
  68.             case  PermissionEnum::EMPLOYEE_DELETE:
  69.                 return $this->employeeCanDelete($user);
  70.             case PermissionEnum::CUSTOMER_EDIT:
  71.                 return $this->customerCanEdit($user);
  72.             case  PermissionEnum::CUSTOMER_CREATE:
  73.                 return $this->customerCanCreate($user);
  74.             case  PermissionEnum::CUSTOMER_DELETE:
  75.                 return $this->customerCanDelete($user);
  76.             case  PermissionEnum::CUSTOMER_VIEW:
  77.                 return $this->customerCanView($user);
  78.             case PermissionEnum::ASSIGNMENT_FINISH:
  79.                 return $this->canViewFinishAssignment($user);
  81.             case PermissionEnum::CUSTOMER_LANDING_PAGE:
  82.                 return $this->customerLandingPageCanView($user);
  83.             case PermissionEnum::DOWNLOAD_FILE:
  84.                 return $this->canViewDownloadFile($user);
  85.             case PermissionEnum::DASHBOARD_VIEW_ADMIN:
  86.                 return $this->canViewDashBoardAdmin($user);
  87.              case PermissionEnum::CUSTOMER_ALLOW_DELIVERY:
  88.                 return $this->canAllowDelivery($user);
  89.         }
  91.         return false;
  92.     }
  93.     private function canViewDashBoardAdmin(User $user): bool
  94.     {
  95.         $permissions $this->userPermissionLookup->findAllByUser($user);
  96.         if (\in_array(PermissionEnum::DASHBOARD_VIEW_ADMIN$permissionstrue)) {
  97.             return true;
  98.         }
  100.         return false;
  101.     }
  102.     private function customerCanView(User $user): bool
  103.     {
  104.         $permissions $this->userPermissionLookup->findAllByUser($user);
  105.         if (\in_array(PermissionEnum::CUSTOMER_VIEW$permissionstrue)) {
  106.             return true;
  107.         }
  109.         return false;
  110.     }
  112.     private function customerCanEdit(User $user): bool
  113.     {
  114.         $permissions $this->userPermissionLookup->findAllByUser($user);
  115.         if (\in_array(PermissionEnum::CUSTOMER_EDIT$permissionstrue)) {
  116.             return true;
  117.         }
  119.         return false;
  120.     }
  122.     private function customerCanCreate(User $user): bool
  123.     {
  124.         $permissions $this->userPermissionLookup->findAllByUser($user);
  125.         if (\in_array(PermissionEnum::CUSTOMER_CREATE$permissionstrue)) {
  126.             return true;
  127.         }
  129.         return false;
  130.     }
  132.     private function customerCanDelete(User $user): bool
  133.     {
  134.         $permissions $this->userPermissionLookup->findAllByUser($user);
  135.         if (\in_array(PermissionEnum::CUSTOMER_DELETE$permissionstrue)) {
  136.             return true;
  137.         }
  139.         return false;
  140.     }
  142.     private function employeeCanView(User $user): bool
  143.     {
  144.         $permissions $this->userPermissionLookup->findAllByUser($user);
  145.         if (\in_array(PermissionEnum::EMPLOYEE_VIEW$permissionstrue)) {
  146.             return true;
  147.         }
  149.         return false;
  150.     }
  152.     private function employeeCanEdit(User $user): bool
  153.     {
  154.         $permissions $this->userPermissionLookup->findAllByUser($user);
  155.         if (\in_array(PermissionEnum::EMPLOYEE_EDIT$permissionstrue)) {
  156.             return true;
  157.         }
  159.         return false;
  160.     }
  162.     private function employeeCanCreate(User $user): bool
  163.     {
  164.         $permissions $this->userPermissionLookup->findAllByUser($user);
  165.         if (\in_array(PermissionEnum::EMPLOYEE_CREATE$permissionstrue)) {
  166.             return true;
  167.         }
  169.         return false;
  170.     }
  172.     private function employeeCanDelete(User $user): bool
  173.     {
  174.         $permissions $this->userPermissionLookup->findAllByUser($user);
  175.         if (\in_array(PermissionEnum::EMPLOYEE_DELETE$permissionstrue)) {
  176.             return true;
  177.         }
  179.         return false;
  180.     }
  182.     private function canViewFinishAssignment(User $user): bool
  183.     {
  184.         $permissions $this->userPermissionLookup->findAllByUser($user);
  185.         if (\in_array(PermissionEnum::ASSIGNMENT_FINISH$permissionstrue)) {
  186.             return true;
  187.         }
  189.         return false;
  190.     }
  192.     private function customerLandingPageCanView(User $user): bool
  193.     {
  194.         $permissions $this->userPermissionLookup->findAllByUser($user);
  195.         if (\in_array(PermissionEnum::CUSTOMER_LANDING_PAGE$permissionstrue)) {
  196.             return true;
  197.         }
  199.         return false;
  200.     }
  201.     private function canViewDownloadFile(User $user): bool
  202.     {
  203.         $permissions $this->userPermissionLookup->findAllByUser($user);
  204.         if (\in_array(PermissionEnum::DOWNLOAD_FILE$permissionstrue)) {
  205.             return true;
  206.         }
  208.         return false;
  209.     }
  210.      private function canAllowDelivery(User $user): bool
  211.     {
  212.         $permissions $this->userPermissionLookup->findAllByUser($user);
  213.         if (\in_array(PermissionEnum::CUSTOMER_ALLOW_DELIVERY$permissionstrue)) {
  214.             return true;
  215.         }
  217.         return false;
  218.     }
  219. }