src/Security/Voter/CRM/CRMAccessVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security\Voter\CRM;
  5. use App\Data\RoleConstant;
  6. use App\Entity\User;
  7. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  8. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  10. /**
  11.  * @extends Voter<string, mixed>
  12.  */
  13. class CRMAccessVoter extends Voter
  14. {
  15.     public const CRM_ACCESS 'crm_access';
  17.     public const ANONYMOUS_USER 'anon.';
  19.     protected function supports(string $attribute$subject): bool
  20.     {
  21.         return self::CRM_ACCESS === $attribute && null !== $subject;
  22.     }
  24.     protected function voteOnAttribute(string $attribute$subjectTokenInterface $token): bool
  25.     {
  26.         /** @var User|null $user */
  27.         $user $token->getUser();
  29.         if (!$user instanceof User) {
  30.             return false;
  31.         }
  33.         $userRoles $user->getRoles();
  34.         if (empty($userRoles)) {
  35.             return false;
  36.         }
  38.         switch ($subject) {
  39.             case RoleConstant::ROLE_SUPPORT:
  40.                 return $this->checkRoleInArray([
  41.                     RoleConstant::ROLE_SUPPORT,
  42.                     RoleConstant::ROLE_ADMIN_SUPPORT,
  43.                     RoleConstant::ROLE_ADMIN,
  44.                     RoleConstant::ROLE_SUPER_ADMIN,
  45.                 ], $userRoles);
  46.             case RoleConstant::ROLE_EDUCATEUR:
  47.                 return $this->checkRoleInArray([
  48.                     RoleConstant::ROLE_EDUCATEUR,
  49.                     RoleConstant::ROLE_ADMIN,
  50.                     RoleConstant::ROLE_SUPER_ADMIN,
  51.                 ], $userRoles);
  52.             case RoleConstant::ROLE_ADMIN_SUPPORT:
  53.                 return $this->checkRoleInArray([
  54.                     RoleConstant::ROLE_ADMIN_SUPPORT,
  55.                     RoleConstant::ROLE_ADMIN,
  56.                     RoleConstant::ROLE_SUPER_ADMIN,
  57.                 ], $userRoles);
  58.             case RoleConstant::ROLE_TRADER:
  59.                 return $this->checkRoleInArray([
  60.                     RoleConstant::ROLE_TRADER,
  61.                     RoleConstant::ROLE_ADMIN,
  62.                     RoleConstant::ROLE_SUPER_ADMIN,
  63.                 ], $userRoles);
  64.             case RoleConstant::ROLE_ADMIN:
  65.                 return $this->checkRoleInArray([
  66.                     RoleConstant::ROLE_ADMIN,
  67.                     RoleConstant::ROLE_SUPER_ADMIN,
  68.                 ], $userRoles);
  69.             case RoleConstant::ROLE_SUPER_ADMIN:
  70.                 return $this->checkRoleInArray([
  71.                     RoleConstant::ROLE_SUPER_ADMIN,
  72.                 ], $userRoles);
  73.         }
  75.         return false;
  76.     }
  78.     /**
  79.      * @param string[] $rolesToCheck
  80.      * @param string[] $userRoles
  81.      */
  82.     private function checkRoleInArray(
  83.         array $rolesToCheck,
  84.         array $userRoles
  85.     ): bool {
  86.         foreach ($rolesToCheck as $roleToCheck) {
  87.             if (in_array($roleToCheck$userRolestrue)) {
  88.                 return true;
  89.             }
  90.         }
  92.         return false;
  93.     }
  94. }