首頁 探索 說明
註冊 登入
Opentalent
/
ap2i
2
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
目錄樹: 527355a5f6
分支列表 標籤列表
ap2i
/
src
/
Security
/
ModuleVoter.php

ModuleVoter.php 3.0 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. <?php
    2. 

  2. declare(strict_types=1);
    3. 

  3. 

  4. namespace App\Security;
    5. 

  5. 

  6. use ApiPlatform\Core\Metadata\Resource\Factory\ResourceMetadataFactoryInterface;
    7. 

  7. use App\Entity\Access\Access;
    8. 

  8. use App\Entity\Organization\Organization;
    9. 

  9. use App\Service\Security\Module;
    10. 

  10. use Symfony\Component\HttpFoundation\Request;
    11. 

  11. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
    12. 

  12. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
    13. 

  13. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
    14. 

  14. use ApiPlatform\Core\Util\RequestAttributesExtractor;
    15. 

  15. 

  16. /**
    17. 

  17.  * Class ModuleVoter : permet d'assurer que la resource appelée est comprise dans l'un des modules de la structure
    18. 

  18.  * @package App\Security
    19. 

  19.  */
    20. 

  20. class ModuleVoter extends Voter
    21. 

  21. {
    22. 

  22.     private $resourceMetadataFactory;
    23. 

  23. 

  24.     const HAVING_MODULE = 'IS_HAVING_MODULE';
    25. 

  25. 

  26.     private $module;
    27. 

  27. 

  28.     public function __construct(Module $module, ResourceMetadataFactoryInterface $resourceMetadataFactory)
    29. 

  29.     {
    30. 

  30.         $this->module = $module;
    31. 

  31.         $this->resourceMetadataFactory = $resourceMetadataFactory;
    32. 

  32.     }
    33. 

  33. 

  34.     /**
    35. 

  35.      * @inheritDoc
    36. 

  36.      */
    37. 

  37.     protected function supports(string $attribute, $subject)
    38. 

  38.     {
    39. 

  39.         if (!in_array($attribute, [self::HAVING_MODULE])) {
    40. 

  40.             return false;
    41. 

  41.         }
    42. 

  42.         return true;
    43. 

  43.     }
    44. 

  44. 

  45.     /**
    46. 

  46.      * @param string $attribute
    47. 

  47.      * @param mixed $subject
    48. 

  48.      * @param TokenInterface $token
    49. 

  49.      * @return bool
    50. 

  50.      * @throws \ApiPlatform\Core\Exception\ResourceClassNotFoundException
    51. 

  51.      */
    52. 

  52.     protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
    53. 

  53.     {
    54. 

  54.         if (!$subject->attributes->get('_api_resource_class') || !$resourceMetadata = $this->resourceMetadataFactory->create($subject->attributes->get('_api_resource_class'))) {
    55. 

  55.             throw new AccessDeniedHttpException(sprintf('Missing resource class'));
    56. 

  56.         }
    57. 

  57. 

  58.         $module = $this->module->getModuleByResourceName($resourceMetadata->getShortName());
    59. 

  59. 

  60.         //Check if there is a module for this entity : eq configuration problem
    61. 

  61.         if (null === $module) {
    62. 

  62.             throw new AccessDeniedHttpException(sprintf('There no module for the entity (%s) !', $resourceMetadata->getShortName()));
    63. 

  63.         }
    64. 

  64. 

  65.         /** @var Access $currentAccess */
    66. 

  66.         $currentAccess = $token->getUser();
    67. 

  67.         /** @var Organization $organization */
    68. 

  68.         $organization = $currentAccess->getOrganization();
    69. 

  69. 

  70.         return $this->isOrganizationHaveThisModule($organization, $module);
    71. 

  71.     }
    72. 

  72. 

  73.     /**
    74. 

  74.      * Test si l'organisation possède le module parmis les modules possédés via le produit souscrit, les options souscrites
    75. 

  75.      * ou les modules possédées via des conditions particulières (isCmf par exemple)
    76. 

  76.      *
    77. 

  77.      * @param Organization $organization
    78. 

  78.      * @param string $module
    79. 

  79.      * @return bool
    80. 

  80.      */
    81. 

  81.     private function isOrganizationHaveThisModule(Organization $organization, string $module): bool{
    82. 

  82.         $organizationModules = $this->module->getOrganizationModules($organization);
    83. 

  83.         return in_array($module, $organizationModules);
    84. 

  84.     }
    85. 

  85. }
    86.