<?php
namespace App\Voter;
use App\Entity\Contenu\Actualite;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
class ActualiteVoter extends Voter
{
// these strings are just invented: you can use anything
const EDIT = 'edit';
const VIEW = 'view';
private $security;
public function __construct(Security $security)
{
$this->security = $security;
}
protected function supports($attribute, $subject)
{
// if the attribute isn't one we support, return false
if (!in_array($attribute, array(self::VIEW, self::EDIT))) {
return false;
}
if (!$subject instanceof Actualite) {
return false;
}
return true;
}
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
switch ($attribute) {
case self::VIEW:
return $this->canView($subject, $user);
case self::EDIT:
return $this->canEdit($subject, $user);
}
throw new \LogicException('This code should not be reached!');
}
private function canView(Actualite $actualite, $user)
{
if ($this->security->isGranted(['ROLE_ADMIN']) || $actualite->getUsers()->contains($user)) {
return true;
}
if (true === $actualite->getVisible()) {
$dateActuelle = new \DateTime();
if (
$actualite->getPublishedAt() <= $dateActuelle &&
($actualite->getExpiredAt() >= $dateActuelle || is_null($actualite->getExpiredAt()))
) {
return true;
}
}
return false;
}
private function canEdit(Actualite $actualite, $user)
{
if ($this->security->isGranted(['ROLE_ADMIN']) || $actualite->getUser()->contains($user)) {
return true;
}
return false;
}
}