<?php
/*
* @since 1.0.0
* @copyright Copyright (C) 2020 ArtMedia. All rights reserved.
* @website http://artmedia.biz.pl
* @author Arkadiusz Tobiasz
* @email kontakt@artmedia.biz.pl
*/
namespace App\Security\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use App\Settings\SettingsManager;
use Doctrine\ORM\EntityManagerInterface;
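/**
 * Security voter that decides the ROLE_MODERATOR_PERMISSION attribute for a
 * fixed set of administrative actions.
 *
 * The subject is either one action key or an array of action keys. For each
 * requested action the voter reads a setting holding a JSON-encoded list of
 * groups, merges the lists, and grants access when the current user has at
 * least one of those groups.
 *
 * With an array subject the decision is therefore "any group of any requested
 * action": a caller that needs the user to be allowed for every action must
 * ask once per action.
 */
class ModeratorVoter extends Voter
{
    /**
     * The only attribute this voter votes on.
     */
    private const ATTRIBUTE = 'ROLE_MODERATOR_PERMISSION';

    /**
     * Action keys this voter may look up in the settings store. Nothing outside
     * this list is ever passed to SettingsManager::get().
     *
     * NOTE(review): assumes the SettingsManager::ADMIN_* constants are strings - confirm.
     */
    private const MODERATED_ACTIONS = [
        SettingsManager::ADMIN_VIEW_PRIVATE_FIELDS,
        SettingsManager::ADMIN_TOP_UP_BALANCE,
        SettingsManager::ADMIN_EDIT_USER,
        SettingsManager::ADMIN_EDIT_PROFILE,
        SettingsManager::ADMIN_PAYOUTS,
    ];

    // Injected but not read anywhere in this class; kept so the constructor
    // signature stays unchanged.
    private $security;

    private $settingsManager;

    /**
     * @param Security        $security        Security helper (currently unused by this voter).
     * @param SettingsManager $settingsManager Source of the per-action group configuration.
     */
    public function __construct(
        Security $security,
        SettingsManager $settingsManager
    ) {
        $this->security = $security;
        $this->settingsManager = $settingsManager;
    }

    /**
     * Tells whether this voter handles the given attribute/subject pair.
     *
     * @param mixed $attribute Attribute being checked.
     * @param mixed $subject   One action key, or an array of action keys.
     *
     * @return bool True for ROLE_MODERATOR_PERMISSION with at least one known action.
     */
    protected function supports($attribute, $subject)
    {
        // Strict comparison: a non-string attribute must never match by type juggling.
        return $attribute === self::ATTRIBUTE
            && $this->requestedActions($subject) !== [];
    }

    /**
     * Grants access when the user has a group configured for a requested action.
     *
     * @param mixed          $attribute Attribute being checked (already accepted by supports()).
     * @param mixed          $subject   One action key, or an array of action keys.
     * @param TokenInterface $token     Token of the current request.
     *
     * @return bool True to grant, false to deny.
     */
    protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
    {
        $user = $token->getUser();

        // If the user is anonymous, do not grant access.
        if (!$user instanceof UserInterface) {
            return false;
        }

        // supports() accepts an array as soon as one element is a known action,
        // so the array can still carry other keys. Look up only the known ones;
        // otherwise the groups of an unrelated setting could decide the vote.
        $actions = $this->requestedActions($subject);
        if ($actions === []) {
            return false;
        }

        // presumably returns one JSON string per requested key - verify against SettingsManager::get()
        $configs = $this->settingsManager->get($actions, true);

        $groups = [];
        foreach ($configs as $rawConfig) {
            if (!is_string($rawConfig)) {
                continue;
            }

            $decoded = json_decode($rawConfig, true);

            // Valid JSON can decode to a scalar (true, 5, "x"); merging that would
            // raise a TypeError, so only non-empty arrays are accepted.
            if (is_array($decoded) && $decoded !== []) {
                $groups = array_merge($groups, $decoded);
            }
        }

        // No group configured for the requested actions: deny.
        if (!$groups) {
            return false;
        }

        // array_unique() returns the de-duplicated array; the result has to be kept.
        $groups = array_unique($groups);

        // getGroups() is not part of UserInterface; it is assumed to be provided by
        // the application's user class and to return the user's groups that are
        // among $groups - TODO confirm.
        return count($user->getGroups($groups)) > 0;
    }

    /**
     * Reduces a subject to the action keys this voter is allowed to look up.
     *
     * @param mixed $subject One action key, or an array of action keys.
     *
     * @return string[] Known action keys found in the subject, without duplicates.
     */
    private function requestedActions($subject): array
    {
        $candidates = is_array($subject) ? $subject : [$subject];

        $known = [];
        foreach ($candidates as $candidate) {
            // Strict membership test on strings only: no type juggling, and no
            // "Array to string conversion" on nested arrays.
            if (is_string($candidate) && in_array($candidate, self::MODERATED_ACTIONS, true)) {
                $known[] = $candidate;
            }
        }

        return array_values(array_unique($known));
    }
}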