src/Security/Voter/PageVoter.php line 12

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter;
  5. use App\Config;
  6. use App\Entity\BackUser;
  7. use App\Entity\Page;
  8. use App\Utils\VoterHelper;
  9. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  10. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  12. class PageVoter extends Voter
  13. {
  14.     private const SEE_FRONT     'see-front';
  15.     private const SEE           'see';
  16.     private const EDIT          'edit';
  17.     private const PAGE_COMPOSER 'page-composer';
  18.     private const TRASH         'trash';
  19.     private const DELETE        'delete';
  20.     private const DRAFT         'draft';
  21.     private const SUBMIT        'submit';
  22.     private const PUBLISH       'publish';
  23.     private const UN_PUBLISH    'un-publish';
  24.     private const ARCHIVE       'archive';
  25.     private const PREVIEW       'preview';
  27.     /**
  28.      * PageVoter constructor.
  29.      */
  30.     public function __construct()
  31.     {
  32.     }
  34.     protected function supports(string $attributemixed $subject): bool
  35.     {
  36.         return $subject instanceof Page && in_array($attribute, [self::SEE_FRONTself::SEEself::EDITself::PAGE_COMPOSERself::TRASHself::DELETEself::DRAFTself::SUBMITself::PUBLISHself::UN_PUBLISHself::ARCHIVEself::PREVIEW], true);
  37.     }
  39.     protected function voteOnAttribute(string $attributemixed $subjectTokenInterface $token): bool
  40.     {
  41.         $user $token->getUser();
  42.         // the user must be logged in; if not, deny permission
  43.         if (!$user instanceof BackUser && self::SEE_FRONT != $attribute) {
  44.             return false;
  45.         }
  47.         switch ($attribute) {
  48.             case self::SEE_FRONT:
  49.                 if (!$subject->isVisible()) {
  50.                     return false;
  51.                 }
  52.                 break;
  53.             case self::PAGE_COMPOSER:
  54.                 if (Config::isTemplateLocked($subject->getTemplate())) {
  55.                     return false;
  56.                 }
  57.                 break;
  58.             case self::TRASH:
  59.                 if (!$subject->isMulti()) {
  60.                     return false;
  61.                 }
  62.                 break;
  63.             case self::DELETE:
  64.                 if (!$subject->isMulti() || Page::STATUS_TRASH != $subject->getStatus()) {
  65.                     return false;
  66.                 }
  67.                 break;
  68.         }
  70.         return VoterHelper::voteOnAttribute($attribute$subject$token'page');
  71.     }
  72. }