src/V4/Voters/QuoteVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\V4\Voters;
  5. use App\Security\SecurityConfig;
  6. use App\Security\User;
  7. use LogicException;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\Security;
  12. class QuoteVoter extends Voter
  13. {
  14.     const QUOTE_MANAGE_LIST 'quote_manage_list';
  15.     const QUOTE_SHOW_LIST 'quote_show_list';
  16.     const QUOTE_ADD_EDIT 'quote_add_edit';
  17.     const QUOTE_DUPLICATE 'quote_duplicate';
  18.     const QUOTE_REGENERATE_PRICES 'quote_regenerate_prices';
  19.     const QUOTE_MANAGE_FIELDS 'quote_manage_fields';
  20.     const QUOTE_STATE_ADD_EDIT 'quote_state_add_edit';
  21.     const QUOTE_REASON_ADD_EDIT 'quote_reason_add_edit';
  22.     const QUOTE_LINES_EXPORT_PDF 'quote_lines_export_pdf';
  24.     /**
  25.      * @var Security
  26.      */
  27.     private $security;
  29.     public function __construct(Security $security)
  30.     {
  31.         $this->security $security;
  32.     }
  34.     /**
  35.      * @param $attribute
  36.      * @param $subject
  37.      *
  38.      * @return bool
  39.      */
  40.     protected function supports($attribute$subject): bool
  41.     {
  42.         return in_array($attribute, [
  43.             self::QUOTE_MANAGE_LIST,
  44.             self::QUOTE_SHOW_LIST,
  45.             self::QUOTE_ADD_EDIT,
  46.             self::QUOTE_DUPLICATE,
  47.             self::QUOTE_REGENERATE_PRICES,
  48.             self::QUOTE_MANAGE_FIELDS,
  49.             self::QUOTE_STATE_ADD_EDIT,
  50.             self::QUOTE_REASON_ADD_EDIT,
  51.             self::QUOTE_LINES_EXPORT_PDF,
  52.         ], true);
  53.     }
  55.     /**
  56.      * @param $attribute
  57.      * @param $subject
  58.      * @param TokenInterface $token
  59.      *
  60.      * @return bool
  61.      *
  62.      * @throws LogicException
  63.      */
  64.     protected function voteOnAttribute($attribute$subjectTokenInterface $token): bool
  65.     {
  66.         $user $token->getUser();
  67.         if (!$user instanceof User) {
  68.             return false;
  69.         }
  71.         switch ($attribute) {
  72.             case self::QUOTE_MANAGE_LIST:
  73.                 return $this->canQuoteManageList();
  74.             case self::QUOTE_SHOW_LIST:
  75.                 return $this->canQuoteShowList();
  76.             case self::QUOTE_ADD_EDIT:
  77.                 return $this->canQuoteAddEdit();
  78.             case self::QUOTE_DUPLICATE:
  79.                 return $this->canQuoteDuplicate();
  80.             case self::QUOTE_REGENERATE_PRICES:
  81.                 return $this->canQuoteRegeneratePrices($user);
  82.             case self::QUOTE_MANAGE_FIELDS:
  83.                 return $this->canQuoteManageFields();
  84.             case self::QUOTE_STATE_ADD_EDIT:
  85.                 return $this->canQuoteStateAddEdit();
  86.             case self::QUOTE_REASON_ADD_EDIT:
  87.                 return $this->canQuoteReasonAddEdit();
  88.             case self::QUOTE_LINES_EXPORT_PDF:
  89.                 return $this->canExportQuotesPdf();
  90.         }
  92.         throw new LogicException('This should never happen');
  93.     }
  95.     private function canQuoteManageList(): bool
  96.     {
  97.         return $this->canAccessQuote();
  98.     }
  100.     private function canQuoteShowList(): bool
  101.     {
  102.         return $this->canAccessQuote();
  103.     }
  105.     private function canQuoteAddEdit(): bool
  106.     {
  107.         return $this->canAccessQuote();
  108.     }
  110.     private function canQuoteDuplicate(): bool
  111.     {
  112.         return $this->canAccessQuote();
  113.     }
  115.     /**
  116.      * @param User $user
  117.      *
  118.      * @return bool
  119.      */
  120.     private function canQuoteRegeneratePrices(User $user): bool
  121.     {
  122.         return in_array(SecurityConfig::QUOTE_REGENERATE_PRICES$user->getRoles(), true);
  123.     }
  125.     private function canQuoteManageFields(): bool
  126.     {
  127.         return $this->canAccessQuote();
  128.     }
  130.     private function canQuoteStateAddEdit(): bool
  131.     {
  132.         return $this->canAccessQuote();
  133.     }
  135.     private function canQuoteReasonAddEdit(): bool
  136.     {
  137.         return $this->canAccessQuote();
  138.     }
  140.     /**
  141.      * @return bool
  142.      */
  143.     private function canExportQuotesPdf(): bool
  144.     {
  145.         return $this->canAccessQuote();
  146.     }
  148.     /**
  149.      * @TODO: Si le client n'a pas le droit "quote show", il peut tout de même voir les devis qu'il gère.
  150.      *
  151.      * @return bool
  152.      */
  153.     private function canAccessQuote(): bool
  154.     {
  155.         return true;
  156.     }
  157. }