<?php/*** Copyright (C) SUEZ Smart Solutions - All Rights Reserved* On’Connect Gateway Management, 2018* Unauthorized copying of this file, via any medium is strictly prohibited* Proprietary and confidential* For the full copyright and license information, please report to the LICENSE CONTRACT.*/namespace TSMS\TradeBundle\Security\Voter;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;use TSMS\CoreBundle\Entity\User;/** * Class CanEditDeleteFileVoter. */class CanEditDeleteFileVoter implements VoterInterface{ const DOCUMENT_CAN_EDIT_DELETE_FILE = 'DOCUMENT_CAN_EDIT_DELETE_FILE'; /** * {@inheritdoc} */ public function supportsAttribute($attribute) { return in_array($attribute, [self::DOCUMENT_CAN_EDIT_DELETE_FILE]); } /** * {@inheritdoc} */ public function supportsClass($class) { $supportedClass = 'TSMS\TradeBundle\Entity\File'; return $supportedClass === $class || is_subclass_of($class, $supportedClass); } /** * @param TokenInterface $token * @param $file * @param array $attributes * * @return int */ public function vote(TokenInterface $token, $file, array $attributes) { // If $file is no a file, skip. if (null === $file) { return VoterInterface::ACCESS_ABSTAIN; } if (!$this->supportsClass(get_class($file))) { return VoterInterface::ACCESS_ABSTAIN; } /** @var User $user */ $user = $token->getUser(); // If user is super-administrator, deletion is granted if ($user->hasRole('ROLE_ADMIN_TSMS') || $user->hasRole('ROLE_ADMIN_PERIMETER')) { return VoterInterface::ACCESS_GRANTED; } $authorId = (int) $file->getMetadataValue('author_id'); // If current user authored document, deletion is granted if ($authorId === $user->getId()) { return VoterInterface::ACCESS_GRANTED; } // All other cases: deletion denied return VoterInterface::ACCESS_DENIED; }}