<?php
/**
* Copyright (C) SUEZ Smart Solutions - All Rights Reserved
* On’Connect Gateway Management, 2018
* Unauthorized copying of this file, via any medium is strictly prohibited
* Proprietary and confidential
* For the full copyright and license information, please report to the LICENSE CONTRACT.
*/
namespace TSMS\TradeBundle\Security\Voter;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
use TSMS\CoreBundle\Entity\User;
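/**
 * Authorization voter for the DOCUMENT_CAN_EDIT_DELETE_FOLDER attribute.
 *
 * Decision order in vote(): abstain when the subject is not a supported folder
 * or none of the requested attributes is supported; deny when the folder's
 * parent id is 0; grant for the two administrator roles; grant for the
 * folder's author; deny otherwise.
 */
class CanEditDeleteFolderVoter implements VoterInterface
{
    const DOCUMENT_CAN_EDIT_DELETE_FOLDER = 'DOCUMENT_CAN_EDIT_DELETE_FOLDER';

    /**
     * {@inheritdoc}
     */
    public function supportsAttribute($attribute)
    {
        // Strict comparison: with loose in_array() a non-string attribute such
        // as true (or 0 on PHP < 8) compares equal to the constant and would
        // be treated as supported.
        return in_array($attribute, [self::DOCUMENT_CAN_EDIT_DELETE_FOLDER], true);
    }

    /**
     * {@inheritdoc}
     */
    public function supportsClass($class)
    {
        $supportedClass = 'TSMS\TradeBundle\Entity\DocumentFolder';

        // Subclasses are accepted as well as the exact class.
        return $supportedClass === $class || is_subclass_of($class, $supportedClass);
    }

    /**
     * Votes on whether the token's user may edit or delete the given folder.
     *
     * @param TokenInterface $token      Security token carrying the current user
     * @param mixed          $folder     Subject of the check; only supported folder objects are voted on
     * @param array          $attributes Attributes being checked by the caller
     *
     * @return int One of VoterInterface::ACCESS_GRANTED, ACCESS_DENIED or ACCESS_ABSTAIN
     */
    public function vote(TokenInterface $token, $folder, array $attributes)
    {
        // Abstain on anything that is not a supported folder object. The
        // is_object() guard also covers null and keeps get_class() from being
        // called on a scalar or array subject.
        if (!is_object($folder) || !$this->supportsClass(get_class($folder))) {
            return VoterInterface::ACCESS_ABSTAIN;
        }

        // Only express an opinion on the attribute this voter owns. Without
        // this check the voter would grant or deny every attribute checked
        // against a folder, which can widen access when any single voter's
        // grant is enough for the access decision.
        $isSupportedAttribute = false;
        foreach ($attributes as $attribute) {
            if ($this->supportsAttribute($attribute)) {
                $isSupportedAttribute = true;
                break;
            }
        }
        if (!$isSupportedAttribute) {
            return VoterInterface::ACCESS_ABSTAIN;
        }

        // A folder whose parent id is exactly integer 0 can never be edited or
        // deleted, whatever the user's roles (presumably the root folder - confirm).
        // NOTE(review): the comparison is strict; a '0' string or null parent
        // id would not match here - verify what getParentId() returns.
        if ($folder->getParentId() === 0) {
            return VoterInterface::ACCESS_DENIED;
        }

        $user = $token->getUser();
        // Fail closed when the token carries no application user object
        // (e.g. an unauthenticated token): without this guard the role checks
        // below would be a call on a non-object.
        if (!$user instanceof User) {
            return VoterInterface::ACCESS_DENIED;
        }

        // Administrators may edit or delete any folder that passed the checks above.
        if ($user->hasRole('ROLE_ADMIN_TSMS') || $user->hasRole('ROLE_ADMIN_PERIMETER')) {
            return VoterInterface::ACCESS_GRANTED;
        }

        // Otherwise only the folder's author is allowed. A missing author_id is
        // rejected explicitly so that (int) null === 0 can never match a user id.
        // NOTE(review): assumes User::getId() returns an int - confirm.
        $authorId = $folder->getMetadataValue('author_id');
        if (null !== $authorId && (int) $authorId === $user->getId()) {
            return VoterInterface::ACCESS_GRANTED;
        }

        return VoterInterface::ACCESS_DENIED;
    }
}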