<?php
namespace App\Security\Voter\Purchase;
use App\Entity\Purchase\PurchaseRequest;
use App\Entity\Security\User;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\User\UserInterface;
class PurchaseOrderVoter extends Voter
{
private $session;
public function __construct(SessionInterface $session)
{
$this->session = $session;
}
protected function supports($attribute, $subject)
{
// replace with your own logic
// https://symfony.com/doc/current/security/voters.html
if (!in_array($attribute, [
'ROLE_PURCHASE_ORDER_CREATE',
'ROLE_PURCHASE_ORDER_VIEW',
'ROLE_PURCHASE_ORDER_EDIT',
'ROLE_PURCHASE_ORDER_ENABLE',
'ROLE_PURCHASE_ORDER_DISABLE',
'ROLE_PURCHASE_ORDER_DELETE',
'ROLE_PURCHASE_ORDER_ARCHIVE',
'ROLE_PURCHASE_ORDER_NOT_ARCHIVE',
'ROLE_PURCHASE_ORDER_VALIDATE',
'ROLE_PURCHASE_ORDER_REJECTED',
'ROLE_PURCHASE_ORDER_REVERSE',
'ROLE_PURCHASE_ORDER_GENERATE',
'ROLE_PURCHASE_ORDER_DUPLICATE',
'ROLE_PURCHASE_ORDER_DELIVERY',
'ROLE_PURCHASE_ORDER_RECEPTION',
'ROLE_PURCHASE_ORDER_INVOICE'])) {
return false;
}
// only vote on `Activity` objects
if (!$subject instanceof PurchaseRequest) {
return false;
}
return true;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
// ... (check conditions and return true to grant permission) ...
switch ($attribute) {
case 'ROLE_PURCHASE_ORDER_CREATE':
return $this->canCreate();
break;
case 'ROLE_PURCHASE_ORDER_VIEW':
return $this->canView();
break;
case 'ROLE_PURCHASE_ORDER_EDIT':
return $this->canEdit($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_ENABLE':
return $this->canEnable($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_DISABLE':
return $this->canDisable($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_DELETE':
return $this->canDelete($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_ARCHIVE':
return $this->canArchive($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_NOT_ARCHIVE':
return $this->canNotArchive($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_VALIDATE':
return $this->canValidate($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_REJECTED':
return $this->canReject($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_REVERSE':
return $this->canReverse($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_DUPLICATE':
return $this->canDuplicate($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_DELIVERY':
return $this->canDelivery($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_RECEPTION':
return $this->canReception($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_GENERATE':
return $this->canGenerate($subject, $user);
break;
case 'ROLE_PURCHASE_ORDER_INVOICE':
return $this->canInvoice($subject, $user);
break;
}
return false;
}
private function canCreate()
{
if (in_array('ROLE_PURCHASE_ORDER_CREATE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canView()
{
if (in_array('ROLE_PURCHASE_ORDER_VIEW', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canEdit(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_EDIT', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canEnable(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_ENABLE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canDisable(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_DISABLE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canDelete(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_DELETE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canArchive(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_ARCHIVE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canNotArchive(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_NOT_ARCHIVE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canValidate(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_VALIDATE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canReject(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_REJECTED', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canReverse(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_REVERSE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canDuplicate(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_DUPLICATE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canDelivery(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_DELIVERY', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canReception(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_RECEPTION', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canGenerate(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_GENERATE', $this->session->get('privileges'))) {
return true;
}
return false;
}
private function canInvoice(PurchaseRequest $purchaseOrder, User $user)
{
if (in_array('ROLE_PURCHASE_ORDER_INVOICE', $this->session->get('privileges'))) {
return true;
}
return false;
}
}