initial commit
This commit is contained in:
@@ -0,0 +1,76 @@
|
||||
<?php
|
||||
namespace App\Security;
|
||||
|
||||
use App\Entity\User;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
class ClientsVoter extends Voter
|
||||
{
|
||||
const VIEW = "clientView";
|
||||
const ADD = "clientAdd";
|
||||
const EDIT = "clientEdit";
|
||||
const DELETE = "clientDelete";
|
||||
|
||||
public function __construct(readonly private Security $security)
|
||||
{
|
||||
}
|
||||
|
||||
protected function supports(string $attribute, mixed $subject): bool
|
||||
{
|
||||
if (!in_array($attribute, [self::VIEW, self::EDIT, self::ADD, self::DELETE])) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
|
||||
{
|
||||
$user = $token->getUser();
|
||||
if (!$user instanceof User) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return match ($attribute) {
|
||||
self::VIEW => $this->canView(),
|
||||
self::ADD => $this->canAdd(),
|
||||
self::EDIT => $this->canEdit(),
|
||||
self::DELETE => $this->canDelete(),
|
||||
};
|
||||
}
|
||||
|
||||
private function canView() : bool
|
||||
{
|
||||
if ($this->canAdd()) {
|
||||
return true;
|
||||
}
|
||||
return $this->security->isGranted('ROLE_CLIENT_VIEW');
|
||||
}
|
||||
private function canAdd() : bool
|
||||
{
|
||||
if ($this->canAll()){
|
||||
return true;
|
||||
}
|
||||
return $this->security->isGranted('ROLE_CLIENT_ADD');
|
||||
}
|
||||
// TODO: implement
|
||||
private function canEdit() : bool
|
||||
{
|
||||
return $this->canAdd();
|
||||
}
|
||||
|
||||
private function canDelete() : bool
|
||||
{
|
||||
if ($this->canAll()){
|
||||
return true;
|
||||
}
|
||||
return $this->security->isGranted('ROLE_CLIENT_DELETE');
|
||||
}
|
||||
|
||||
private function canAll() : bool
|
||||
{
|
||||
return $this->security->isGranted('ROLE_ACCESS_ALL');
|
||||
}
|
||||
}
|
||||
//HqmN6Egol5o_K5nY
|
||||
@@ -0,0 +1,57 @@
|
||||
<?php
|
||||
namespace App\Security;
|
||||
|
||||
use App\Entity\User;
|
||||
use Symfony\Bundle\SecurityBundle\Security;
|
||||
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
|
||||
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
|
||||
|
||||
class ReportsVoter extends Voter
|
||||
{
|
||||
const VIEW = 'reportView';
|
||||
const EDIT = 'reportEdit';
|
||||
|
||||
public function __construct(private readonly Security $security)
|
||||
{
|
||||
}
|
||||
protected function supports(string $attribute, mixed $subject): bool
|
||||
{
|
||||
if (!in_array($attribute, [self::VIEW, self::EDIT])) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
|
||||
{
|
||||
$user = $token->getUser();
|
||||
if (!$user instanceof User) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return match ($attribute) {
|
||||
self::EDIT => $this->canEdit(),
|
||||
self::VIEW => $this->canView(),
|
||||
};
|
||||
}
|
||||
|
||||
private function canEdit(): bool
|
||||
{
|
||||
if ($this->canAll()){
|
||||
return true;
|
||||
}
|
||||
return $this->security->isGranted("ROLE_REPORT_EDIT");
|
||||
}
|
||||
private function canView(): bool
|
||||
{
|
||||
if ($this->canEdit()) {
|
||||
return true;
|
||||
}
|
||||
return $this->security->isGranted("ROLE_REPORT_VIEW");
|
||||
}
|
||||
|
||||
private function canAll() : bool
|
||||
{
|
||||
return $this->security->isGranted('ROLE_ACCESS_ALL');
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user