Angel Fernando Quiroz Campos
2 months ago
parent
4a79e1debb
commit
26e375f460
@ -0,0 +1,75 @@ |
|||||||
|
<?php |
||||||
|
|
||||||
|
/* For licensing terms, see /license.txt */ |
||||||
|
|
||||||
|
declare(strict_types=1); |
||||||
|
|
||||||
|
namespace Chamilo\CoreBundle\Security\Authorization\Voter; |
||||||
|
|
||||||
|
use Chamilo\CoreBundle\Entity\TrackEAttemptQualify; |
||||||
|
use Chamilo\CoreBundle\Entity\User; |
||||||
|
use Chamilo\CoreBundle\ServiceHelper\IsAllowedToEditHelper; |
||||||
|
use Symfony\Bundle\SecurityBundle\Security; |
||||||
|
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; |
||||||
|
use Symfony\Component\Security\Core\Authorization\Voter\Voter; |
||||||
|
use Symfony\Component\Security\Core\User\UserInterface; |
||||||
|
|
||||||
|
/** |
||||||
|
* @extends Voter<'VIEW', TrackEAttemptQualify> |
||||||
|
*/ |
||||||
|
class TrackEAttemptQualifyVoter extends Voter |
||||||
|
{ |
||||||
|
public const VIEW = 'VIEW'; |
||||||
|
|
||||||
|
public function __construct( |
||||||
|
private readonly Security $security, |
||||||
|
private readonly IsAllowedToEditHelper $isAllowedToEditHelper, |
||||||
|
) {} |
||||||
|
|
||||||
|
/** |
||||||
|
* @inheritDoc |
||||||
|
*/ |
||||||
|
protected function supports(string $attribute, mixed $subject): bool |
||||||
|
{ |
||||||
|
$allowed = [ |
||||||
|
self::VIEW, |
||||||
|
]; |
||||||
|
|
||||||
|
return $subject instanceof TrackEAttemptQualify && \in_array($attribute, $allowed); |
||||||
|
} |
||||||
|
|
||||||
|
/** |
||||||
|
* @inheritDoc |
||||||
|
*/ |
||||||
|
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool |
||||||
|
{ |
||||||
|
$user = $token->getUser(); |
||||||
|
|
||||||
|
if (!$user instanceof UserInterface) { |
||||||
|
return false; |
||||||
|
} |
||||||
|
|
||||||
|
if ($this->security->isGranted('ROLE_ADMIN')) { |
||||||
|
return true; |
||||||
|
} |
||||||
|
|
||||||
|
assert($user instanceof User); |
||||||
|
assert($subject instanceof TrackEAttemptQualify); |
||||||
|
|
||||||
|
$trackExercise = $subject->getTrackExercise(); |
||||||
|
$session = $trackExercise->getSession(); |
||||||
|
$course = $trackExercise->getCourse(); |
||||||
|
|
||||||
|
$isAllowedToEdit = $this->isAllowedToEditHelper->check(false, true, false, true, $course, $session) || $user->isCourseTutor(); |
||||||
|
|
||||||
|
if ($isAllowedToEdit) { |
||||||
|
return true; |
||||||
|
} |
||||||
|
|
||||||
|
if ($trackExercise->getUser()->getId() === $user->getId()) { |
||||||
|
return true; |
||||||
|
} |
||||||
|
|
||||||
|
return false; |
||||||
|
} |
||||||
|
} |
||||||
Loading…
Reference in new issue