src/Security/Voter/Payment/BillingVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\Payment;
  5. use App\Entity\Billing;
  6. use App\Entity\Member;
  7. use App\Entity\Webmaster;
  8. use App\Security\ApiUser;
  9. use App\Service\User\MemberOperatorService;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. class BillingVoter extends Voter
  14. {
  15.     public const READPDF 'billing_pdf';
  16.     public const LISTPDF 'billing_list_pdf';
  18.     protected function supports(string $attribute$subject): bool
  19.     {
  20.         return in_array($attribute, [
  21.             self::READPDF,
  22.             self::LISTPDF,
  23.         ], true);
  24.     }
  26.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  27.     {
  28.         $user $token->getUser();
  30.         if (!$user instanceof ApiUser) {
  31.             return false;
  32.         }
  33.         if ($user->getIsAdmin()) {
  34.             return true;
  35.         }
  37.         if (self::LISTPDF === $attribute) {
  38.             if ($subject instanceof Member) {
  39.                 return $subject->getIsAmateur() || $subject->getAccount()->hasWebmaster();
  40.             }
  41.             if ($subject instanceof Webmaster) {
  42.                 return $subject->getIsActive();
  43.             }
  45.             return false;
  46.         }
  48.         if (!$subject instanceof Billing) {
  49.             return false;
  50.         }
  52.         if ($subject->getWebmaster() && $user->getIsWebmaster()) {
  53.             $owningWmOfBill $subject->getWebmaster();
  55.             return $owningWmOfBill->getId() === $user->getWebmaster()->getId();
  56.         }
  58.         /*
  59.          * @var $subject Billing
  60.          */
  61.         if ($user->getIsAmateur() && !$user->getIsOperator()) {
  62.             $amateur $user->getMember();
  63.             $billingAmateur $subject->getAmateur();
  65.             return $amateur->getId() === $billingAmateur->getId();
  66.         }
  67.         if ($user->getIsOperator()) {
  68.             if ($billingAmateur $subject->getAmateur()) {
  69.                 return MemberOperatorService::isMemberOperatedByUser($billingAmateur$user);
  70.             }
  71.             if ($billingWm $subject->getWebmaster()) {
  72.                 $owningMember $billingWm->getAccount()->getMember();
  74.                 return MemberOperatorService::isMemberOperatedByUser($owningMember$user);
  75.             }
  76.         }
  78.         return false;
  79.     }
  80. }