src/Security/Voter/EcohortVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Entity\Study;
  6. use App\Entity\Survey;
  7. use App\Entity\User;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. use Symfony\Component\Security\Core\Security;
  12. class EcohortVoter extends Voter
  13. {
  14. const ECOHORT_MANAGE = 'ECOHORT_MANAGE';
  15. /**
  16. * @var Security
  17. */
  18. private $security;
  20. /**
  21. * UserVoter constructor.
  22. * @param Security $security
  23. */
  24. public function __construct(Security $security)
  25. {
  26. $this->security = $security;
  27. }
  29. protected function supports($attribute, $subject)
  30. {
  31. return in_array($attribute, [self::ECOHORT_MANAGE])
  32. && ($subject instanceof Study || $subject instanceof Survey);
  33. }
  35. protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
  36. {
  37. /** @var User $user */
  38. $user = $token->getUser();
  40. // if the user is anonymous, do not grant access
  41. if (!$user instanceof User) {
  42. return false;
  43. }
  45. // if the user is anonymous, do not grant access
  46. if (!in_array('ROLE_ADMIN', $user->getRoles()) || !in_array('ROLE_ECITY', $user->getRoles())) {
  47. return false;
  48. }
  49. // get user permissions
  50. $permissions = $user->getPermissions();
  52. if( !is_array($permissions) ) {
  53. return false;
  54. }
  56. switch ($attribute) {
  57. case self::ECOHORT_MANAGE:
  58. if (in_array('ECOHORT_MANAGE', $permissions)) {
  59. return true;
  60. }
  61. break;
  62. }
  64. return false;
  65. }
  66. }