src/Security/Voter/EmplacementVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Emplacement;
  6. use App\Entity\User;
  7. use Symfony\Component\Security\Core\Security;
  8. use Symfony\Component\Security\Core\User\UserInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  13. class EmplacementVoter extends Voter
  14. {
  15. public const EDIT = 'EMPLACEMENT_EDIT';
  16. public const VIEW = 'EMPLACEMENT_VIEW';
  17. public const DELETE = 'EMPLACEMENT_DELETE';
  18. public const CREATE = 'EMPLACEMENT_CREATE';
  20. public function __construct(private Security $security)
  21. {}
  23. protected function supports(string $attribute, $emplacement): bool
  24. {
  25. // replace with your own logic
  26. // https://symfony.com/doc/current/security/voters.html
  27. return in_array($attribute, [self::EDIT, self::VIEW, self::DELETE, self::CREATE])
  28. && $emplacement instanceof \App\Entity\Emplacement;
  29. }
  31. protected function voteOnAttribute(string $attribute, $emplacement, TokenInterface $token): bool
  32. {
  33. $user = $token->getUser();
  34. // if the user is anonymous, do not grant access
  35. if (!$user instanceof UserInterface) {
  36. return false;
  37. }
  39. //On vérifie si l'utilisateur est admin
  40. if($this->security->isGranted('ROLE_ADMIN'))
  41. {
  42. return true;
  43. }
  45. // ... (check conditions and return true to grant permission) ...
  46. switch ($attribute) {
  47. case self::EDIT:
  48. // on vérifie si on peut éditer
  49. return $this->canEdit($emplacement, $user);
  50. break;
  51. case self::VIEW:
  52. // on vérifie si on peut visualiser
  53. return $this->canView($emplacement, $user);
  54. break;
  55. case self::DELETE:
  56. // on vérifie si on peut supprimer
  57. return $this->canDelete($emplacement, $user);
  58. break;
  59. case self::CREATE:
  60. // on vérifie si on peut créer
  61. return $this->canCreate($emplacement, $user);
  62. break;
  63. }
  65. return false;
  66. }
  68. private function canEdit(Emplacement $emplacement, User $user){
  69. // Le compte qui a accès à cet emplacement et qui a le ROLE_EMPLACEMENT peut modifier cet emplacement
  70. if($this->security->isGranted('ROLE_FOODTRUCK') OR $this->security->isGranted('ROLE_EMPLACEMENT'))
  71. {
  72. return ($user === $emplacement->getCreateur());
  74. // foreach ($user->getAccesEmplacements() as $key => $accesEmplacement) {
  75. // if($accesEmplacement->getEmplacement() === $emplacement){
  76. // return true;
  77. // }
  78. // }
  79. }
  80. }
  82. private function canView(Emplacement $emplacement, User $user){
  83. // Le compte qui a accès à cet emplacement peut le visualiser
  84. foreach ($user->getAccesEmplacements() as $key => $accesEmplacement) {
  85. if($accesEmplacement->getEmplacement() === $emplacement){
  86. return true;
  87. }
  88. }
  89. }
  90. private function canDelete(Emplacement $emplacement, User $user){
  91. // Seul l'admin peut supprimer un emplacement
  93. // Le compte qui a accès à un emplacement peut seulement supprimer son accès
  97. }
  98. private function canCreate(Emplacement $emplacement, User $user){
  99. // Le ROLE_FOODTRUCK peut créer un emplacement
  100. // Le ROLE_EMPLACEMENT peut créer un emplacement
  101. if($this->security->isGranted('ROLE_FOODTRUCK') OR $this->security->isGranted('ROLE_EMPLACEMENT'))
  102. {
  103. return true;
  104. }
  105. }
  107. }