Symfony Profiler

<?php
//------------------------------------------------------------------------------
// src/Security/TakeoutVoter.php
//------------------------------------------------------------------------------
namespace App\Security;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Doctrine\Persistence\ManagerRegistry;
use App\Entity\Access;
use App\Entity\Config\Config;
use App\Entity\Config\Module;
use App\Entity\HR\AccessFunction;
use App\Entity\Security\Acl;
use App\Entity\Security\AclPermission;
use App\Services\Config\ModuleTools;
class TakeoutVoter extends Voter
{
//--------------------------------------------------------------------------------
// is_granted constants
const IS_ACTIVE = "takeout_is_active";
const ALLOW_TAKEOUT = "allow_takeout";
const IS_GRANTED_CONSTANTS = array(
self::IS_ACTIVE,
self::ALLOW_TAKEOUT,
);
//--------------------------------------------------------------------------------
// acl constants
const ACL_ALLOW_TAKEOUT = "takeout";
//--------------------------------------------------------------------------------
public function __construct(ManagerRegistry $doctrine, ModuleTools $moduleTools)
{
$this->em = $doctrine->getManager();
$this->moduleTools = $moduleTools;
$this->aclRepository = $this->em->getRepository(Acl::class);
$this->aclPermissionRepository = $this->em->getRepository(AclPermission::class);
}
// Plan.io Task #4453 [See AccessVoter for details]
public function supportsAttribute(string $attribute): bool
{
return in_array($attribute, self::IS_GRANTED_CONSTANTS, true);
}
protected function supports(string $attribute, $subject = null): bool
{
// if the attribute isn't one we support, return false
if (!in_array($attribute, self::IS_GRANTED_CONSTANTS))
{
return false;
}
return true;
}
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
$user = $token->getUser();
if (!$user instanceof Access)
{
// the user must be logged in; if not, deny access
return false;
}
// The user must have a function; if not deny access
$function = $user->getFunction();
if ($function === null) return false;
// Plan.io Task #3710 : Get current group
$currentGroup = $user->getSocietyGroup();
if ($currentGroup === null)
return false;
// Module activated ?
if ($this->moduleTools->isInactiveByCode($currentGroup, Module::MODULE_TAKEOUT))
{
return false;
}
switch ($attribute)
{
case self::IS_ACTIVE:
return true;
case self::ALLOW_TAKEOUT:
return $this->allowTakeout($user, $function);
}
throw new \LogicException('This code should not be reached!');
}
private function allowTakeout(Access $user, AccessFunction $function)
{
// Get Acl_Permission
$aclPerm = $this->aclPermissionRepository->findOneByName(self::ACL_ALLOW_TAKEOUT);
if ($aclPerm === null) return false;
// Get Acl
$acl = $this->aclRepository->findOneBy(array(
'function' => $function,
'permission' => $aclPerm
));
if ($acl === null) return false;
// Since only one acl type can exist
// we can return the result of the acl_permission
return $acl->getValue();
}
}

src/Security/TakeoutVoter.php line 19