src/Security/RevueManagement/NumeroEditVoter.php line 18

Open in your IDE?
  1. <?php
  3. namespace App\Security\RevueManagement;
  5. use App\Entity\RevueManagement\Numero;
  6. use Symfony\Contracts\Translation\TranslatorInterface;
  7. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  8. use Symfony\Component\HttpFoundation\RedirectResponse;
  9. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  10. use Symfony\Component\HttpKernel\Event\ResponseEvent;
  11. use Symfony\Component\HttpKernel\KernelEvents;
  12. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  13. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  14. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  15. use Symfony\Component\Security\Core\Security;
  16. use Symfony\Component\Security\Core\User\UserInterface;
  18. class NumeroEditVoter extends Voter
  19. {
  20.     private Security $security;
  21.     private SessionInterface $session;
  22.     private TranslatorInterface $translator;
  23.     private EventDispatcherInterface $dispatcher;
  24.     private $url null;
  25.     private UrlGeneratorInterface $router;
  27.     public function __construct(Security $securitySessionInterface $sessionTranslatorInterface $translatorUrlGeneratorInterface $routerEventDispatcherInterface $dispatcher)
  28.     {
  29.         $this->security $security;
  30.         $this->session $session;
  31.         $this->translator $translator;
  32.         $this->dispatcher $dispatcher;
  33.         $this->router $router;
  34.     }
  36.     protected function supports($attribute$subject)
  37.     {
  38.         return \in_array($attribute, ['NUMERO_EDIT'], true)
  39.             && $subject instanceof Numero;
  40.     }
  42.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token)
  43.     {
  44.         switch ($attribute) {
  45.             case 'NUMERO_EDIT':
  46.                 return $this->canEdit($subject$token);
  47.         }
  49.         throw new \LogicException('This code should not be reached!');
  50.     }
  52.     private function canEdit(Numero $numeroTokenInterface $token): bool
  53.     {
  54.         $user $token->getUser();
  55.         // if the user is anonymous, do not grant access
  56.         if (!$user instanceof UserInterface) {
  57.             return false;
  58.         } elseif ($this->security->isGranted('ROLE_GESTION_NUMEROS')) {
  59.             if ($numero->getState() == Numero::PUBLISHED || $numero->getState() == Numero::CONTROLLED ) {
  60.                 $this->session->getFlashBag()->add('error'$this->translator->trans('numero.have_published'));
  61.                 $this->url $this->router->generate('admin_numero_show', ['id'=> $numero->getId()]);                
  62.                 $this->dispatcher->addListener(KernelEvents::RESPONSE, [$this'onKernelResponse']);                 
  63.                 return false;
  64.             }            
  65.             return true;
  66.         }
  68.         return false;
  69.     }
  70.    
  71.     public function onKernelResponse(ResponseEvent $event)
  72.     {
  73.         $response = new RedirectResponse($this->url);
  74.         $event->setResponse($response);
  75.     }     
  76. }