src/FMT/Application/Voter/UserVoter.php line 15

Open in your IDE?
  1. <?php
  3. namespace FMT\Application\Voter;
  5. use FMT\Data\Entity\Campaign;
  6. use FMT\Data\Entity\User;
  7. use FOS\UserBundle\Model\UserInterface;
  8. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  9. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  11. /**
  12.  * Class UserVoter
  13.  * @package FMT\Application\Voter
  14.  */
  15. class UserVoter extends Voter
  16. {
  17.     const CAN_ADD_CAMPAIGN 'canAddCampaign';
  18.     const CAN_SHARE_FB 'canShareUserFB';
  19.     const CAN_SHARE_TW 'canShareUserTW';
  20.     const CAN_SEE_PRIVATE_ELEMENTS 'canSeePrivateElements';
  21.     const CAN_DELETE_ACCOUNT 'canDeleteAccount';
  22.     const CAN_EDIT_CAMPAIGN 'canEditCampaign';
  23.     const CAN_USE_SCHOOL 'canUseSchool';
  25.     const AVAILABLE_METHODS = [
  26.         self::CAN_ADD_CAMPAIGN,
  27.         self::CAN_SHARE_FB,
  28.         self::CAN_SHARE_TW,
  29.         self::CAN_SEE_PRIVATE_ELEMENTS,
  30.         self::CAN_DELETE_ACCOUNT,
  31.         self::CAN_EDIT_CAMPAIGN,
  32.         self::CAN_USE_SCHOOL,
  33.     ];
  35.     /**
  36.      * @param string $attribute
  37.      * @param mixed $subject
  38.      * @return bool
  39.      * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  40.      */
  41.     protected function supports($attribute$subject)
  42.     {
  43.         if (!in_array($attributeself::AVAILABLE_METHODS)) {
  44.             return false;
  45.         }
  47.         return true;
  48.     }
  50.     /**
  51.      * @param string $attribute
  52.      * @param mixed $subject
  53.      * @param TokenInterface $token
  54.      * @return bool
  55.      * @SuppressWarnings(PHPMD.UnusedFormalParameter)
  56.      */
  57.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  58.     {
  59.         /** @var User $user */
  60.         $user $token->getUser();
  61.         if (!$subject instanceof User) {
  62.             return false;
  63.         }
  65.         if (method_exists($this$attribute)) {
  66.             return $this->$attribute($subject$user);
  67.         }
  69.         return false;
  70.     }
  72.     /**
  73.      * @param User $owner
  74.      * @param User|string $currentUser
  75.      * @return bool
  76.      */
  77.     protected function canAddCampaign(User $owner$currentUser)
  78.     {
  79.         $isSchoolActive $owner->isStudent() && $owner->getProfile()->getSchool()->isActive();
  80.         // to prevent more than one campaign add this to return:  && !$owner->hasFinishedCampaign()
  81.         return $owner === $currentUser && !$owner->hasUnfinishedCampaign() && $isSchoolActive;
  82.     }
  84.     /**
  85.      * @param User $owner
  86.      * @return bool
  87.      */
  88.     protected function canShareUserFB(User $owner)
  89.     {
  90.         $profile $owner->getProfile();
  92.         return $profile->isVisibleForAll() && $profile->isFacebook();
  93.     }
  95.     /**
  96.      * @param User $owner
  97.      * @return bool
  98.      */
  99.     protected function canShareUserTW(User $owner)
  100.     {
  101.         $profile $owner->getProfile();
  103.         return $profile->isVisibleForAll() && $profile->isTwitter();
  104.     }
  106.     /**
  107.      * @param User $owner
  108.      * @param User|string $currentUser
  109.      * @return bool
  110.      */
  111.     protected function canSeePrivateElements(User $owner$currentUser)
  112.     {
  113.         return $owner === $currentUser;
  114.     }
  116.     /**
  117.      * @param UserInterface $user
  118.      * @return bool
  119.      */
  120.     protected function canDeleteAccount(UserInterface $user)
  121.     {
  122.         $campaign $user->getUnfinishedCampaign();
  123.         if (null === $campaign) {
  124.             return true;
  125.         }
  127.         return !$campaign->isPositiveBalance();
  128.     }
  130.     /**
  131.      * @param Campaign $campaign
  132.      * @param User|string $user
  133.      * @return bool
  134.      */
  135.     protected function canEditCampaign(User $currentUser$user)
  136.     {
  137.         $isSchoolActive $user->isStudent() && $user->getProfile()->getSchool()->isActive();
  139.         return $user === $currentUser && $currentUser->getUnfinishedCampaign() && $isSchoolActive;
  140.     }
  142.     protected function canUseSchool(User $ownerCampaign $campaign)
  143.     {
  144.         return $campaign->getSchool()->isActive();
  145.     }
  146. }