src/Security/Voter/ModeratorVoter.php line 19

  1. <?php
  2. /*
  3.  * @since 1.0.0
  4.  * @copyright Copyright (C) 2020 ArtMedia. All rights reserved.
  5.  * @website http://artmedia.biz.pl
  6.  * @author Arkadiusz Tobiasz
  7.  * @email kontakt@artmedia.biz.pl
  8.  */
  9. namespace App\Security\Voter;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  12. use Symfony\Component\Security\Core\Security;
  13. use Symfony\Component\Security\Core\User\UserInterface;
  14. use App\Settings\SettingsManager;
  15. use Doctrine\ORM\EntityManagerInterface;
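  /**
   * Security voter for the 'ROLE_MODERATOR_PERMISSION' attribute.
   *
   * The subject names one SettingsManager admin action (string) or several
   * (array). For every requested action the stored setting is read and
   * JSON-decoded into a list of groups; access is granted when
   * $user->getGroups($groups) returns a non-empty result.
   *
   * With an array subject the groups configured for all requested actions are
   * pooled, so the vote means "allowed for at least one of these actions", not
   * "allowed for each of them". Where every action must be authorised on its
   * own, check them one at a time.
   */
  class ModeratorVoter extends Voter
  {
      /**
       * Actions this voter decides on. Shared by supports() and
       * voteOnAttribute() so both agree on what may be looked up.
       */
      private const MODERATOR_ACTIONS = [
          SettingsManager::ADMIN_VIEW_PRIVATE_FIELDS,
          SettingsManager::ADMIN_TOP_UP_BALANCE,
          SettingsManager::ADMIN_EDIT_USER,
          SettingsManager::ADMIN_EDIT_PROFILE,
          SettingsManager::ADMIN_PAYOUTS,
      ];

      // Not read by any method of this class as it stands; retained so the
      // constructor signature and existing service wiring stay unchanged.
      private $security;

      private $settingsManager;

      public function __construct(
          Security $security,
          SettingsManager $settingsManager
      ) {
          $this->security = $security;
          $this->settingsManager = $settingsManager;
      }

      /**
       * Tells whether this voter handles the given attribute/subject pair.
       *
       * @param mixed $attribute attribute being checked
       * @param mixed $subject   action name, or array of action names
       *
       * @return bool true for 'ROLE_MODERATOR_PERMISSION' with a string subject
       *              that is a known action, or an array subject containing at
       *              least one known action
       */
      protected function supports($attribute, $subject)
      {
          // Strict comparison: only the exact attribute string is accepted.
          if ($attribute !== 'ROLE_MODERATOR_PERMISSION') {
              return false;
          }

          if (is_array($subject)) {
              return count(array_intersect($subject, self::MODERATOR_ACTIONS)) > 0;
          }

          return is_string($subject) && in_array($subject, self::MODERATOR_ACTIONS, true);
      }

      /**
       * Grants access when the authenticated user matches a group configured
       * for one of the requested moderator actions. Every other path denies.
       *
       * @param mixed          $attribute attribute being checked (not used here)
       * @param mixed          $subject   action name, or array of action names
       * @param TokenInterface $token     token of the current authentication
       *
       * @return bool
       */
      protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
      {
          $user = $token->getUser();

          // Anonymous tokens do not carry a UserInterface: deny.
          if (!$user instanceof UserInterface) {
              return false;
          }

          if (is_array($subject)) {
              $requested = $subject;
          } elseif (is_string($subject)) {
              $requested = [$subject];
          } else {
              return false;
          }

          // Only look up settings for actions this voter is responsible for.
          // supports() accepts an array as soon as one entry is known, so the
          // array may carry other keys; their settings must not add groups.
          $actions = array_intersect($requested, self::MODERATOR_ACTIONS);
          if (!$actions) {
              return false;
          }

          // NOTE(review): each returned value is presumably a JSON-encoded list
          // of groups; confirm against SettingsManager::get().
          $configs = $this->settingsManager->get($actions, true);

          $groups = [];
          foreach ($configs as $item) {
              if (!is_string($item)) {
                  continue;
              }
              $decoded = json_decode($item, true);
              // A scalar or malformed setting must not reach array_merge().
              if (is_array($decoded) && $decoded) {
                  $groups = array_merge($groups, $decoded);
              }
          }

          // No group configured for these actions: deny.
          if (!$groups) {
              return false;
          }

          // array_unique() returns the de-duplicated array; it does not work
          // in place, so the result has to be assigned.
          $groups = array_unique($groups);

          // NOTE(review): getGroups() is not declared by UserInterface;
          // presumably the application's user class returns those of the given
          // groups the user belongs to. Confirm before relying on it.
          return count($user->getGroups($groups)) > 0;
      }
  }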