<?php/*** Copyright (C) SUEZ Smart Solutions - All Rights Reserved* On’Connect Gateway Management, 2018* Unauthorized copying of this file, via any medium is strictly prohibited* Proprietary and confidential* For the full copyright and license information, please report to the LICENSE CONTRACT.*/namespace TSMS\TradeBundle\Security\Voter;use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;use TSMS\CoreBundle\Entity\User;/** * Class CanEditDeleteFolderVoter. */class CanEditDeleteFolderVoter implements VoterInterface{ const DOCUMENT_CAN_EDIT_DELETE_FOLDER = 'DOCUMENT_CAN_EDIT_DELETE_FOLDER'; /** * {@inheritdoc} */ public function supportsAttribute($attribute) { return in_array($attribute, [self::DOCUMENT_CAN_EDIT_DELETE_FOLDER]); } /** * {@inheritdoc} */ public function supportsClass($class) { $supportedClass = 'TSMS\TradeBundle\Entity\DocumentFolder'; return $supportedClass === $class || is_subclass_of($class, $supportedClass); } /** * @param TokenInterface $token * @param $folder * @param array $attributes * * @return int */ public function vote(TokenInterface $token, $folder, array $attributes) { if (null === $folder) { return VoterInterface::ACCESS_ABSTAIN; } // If $file is no a file, skip. if (!$this->supportsClass(get_class($folder))) { return VoterInterface::ACCESS_ABSTAIN; } if ($folder->getParentId() === 0) { return VoterInterface::ACCESS_DENIED; } /** @var User $user */ $user = $token->getUser(); // If user is super-administrator, deletion is granted if ($user->hasRole('ROLE_ADMIN_TSMS') || $user->hasRole('ROLE_ADMIN_PERIMETER')) { return VoterInterface::ACCESS_GRANTED; } $authorId = $folder->getMetadataValue('author_id'); if ((int) $authorId === $user->getId()) { return VoterInterface::ACCESS_GRANTED; } return VoterInterface::ACCESS_DENIED; }}