src/Uniski/CommerceBundle/Security/BookingVoter.php line 10

Open in your IDE?
  1. <?php
  2. // src/CommerceBundle/Security/MaterialVoter.php
  3. namespace Uniski\CommerceBundle\Security;
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  7. use Uniski\CommerceBundle\Entity\Booking;
  8. use Uniski\UserBundle\Entity\User;
  10. class BookingVoter extends Voter
  11. {
  12.     // these strings are just invented: you can use anything
  13.     const CANCEL        'cancel';
  14.     const VIEW          'view';
  15.     const PAY           'pay';
  16.     const APPLY_CANCEL  'apply_cancel';
  19.     protected function supports($attribute$subject)
  20.     {
  21.         // if the attribute isn't one we support, return false
  22.         if (!in_array($attribute, array(
  23.             self::CANCELself::VIEWself::PAYself::APPLY_CANCEL))) {
  24.             return false;
  25.         }
  27.         // only vote on Booking objects inside this voter
  28.         if (!$subject instanceof Booking) {
  29.             return false;
  30.         }
  32.         return true;
  33.     }
  35.     protected function voteOnAttribute($attribute$bookingTokenInterface $token)
  36.     {
  37.         $user $token->getUser();
  39.         if (!$user instanceof User) {
  40.             // the user must be logged in; if not, deny access
  41.             return false;
  42.         }
  44.         switch($attribute) {
  45.             case self::CANCEL:
  46.                 return $this->canCancel($booking$user);
  47.             case self::VIEW:
  48.                 return $this->canView($booking$user);
  49.             case self::PAY:
  50.                 return $this->canPay($booking$user);
  51.             case self::APPLY_CANCEL:
  52.                 return $this->canApplyCancel($booking$user);
  53.         }
  55.         throw new \LogicException('This code should not be reached!');
  56.     }
  58.     private function canCancel(Booking $bookingUser $user)
  59.     {
  60.         if (( $user->hasRole('ROLE_ADMIN') ||
  61.                $user->hasRole('ROLE_SALESMAN') ) &&
  62.              $booking->getStatus() != Booking::STATUS_DELETED) return true;
  64.         return $booking->getStatus() == Booking::STATUS_PRE_BOOKED &&
  65.                $booking->getUser()->getId() == $user->getId();
  66.     }
  68.     private function canApplyCancel(Booking $bookingUser $user)
  69.     {
  70.         if (( $user->hasRole('ROLE_ADMIN') ||
  71.               $user->hasRole('ROLE_SALESMAN') ) &&
  72.             $booking->getStatus() != Booking::STATUS_DELETED) return true;
  74.         return ($booking->getStatus() == Booking::STATUS_PAYED ||
  75.                 $booking->getStatus() == Booking::STATUS_HALF_PAYED) &&
  76.                $booking->getDateIn() > new \DateTime() &&
  77.                $booking->getUser()->getId() == $user->getId();
  78.     }
  81.     private function canView(Booking $bookingUser $user)
  82.     {
  83.         if ( $user->hasRole('ROLE_ADMIN') ||
  84.              $user->hasRole('ROLE_SALESMAN'))  return true;
  85.         else return $booking->getUser()->getId() == $user->getId();
  86.     }
  88.     private function canPay(Booking $bookingUser $user)
  89.     {
  90.         if ( $booking->getUser()->getId() != $user->getId() ) return false;
  92.         return $booking->getStatus() == Booking::STATUS_PENDING ||
  93.                $booking->getStatus() == Booking::STATUS_HALF_PAYED;
  94.     }
  96. }