src/Security/CrudVoter.php line 26

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by IntelliJ IDEA.
  4.  * User: dogukan
  5.  * Date: 2019-01-27
  6.  * Time: 18:21
  7.  */
  9. namespace App\Security;
  11. use App\Entity\Role;
  12. use App\Entity\Route;
  13. use App\Service\SessionService;
  14. use Doctrine\ORM\EntityManagerInterface;
  15. use Psr\Cache\CacheItemPoolInterface;
  16. use Symfony\Component\HttpFoundation\Request;
  17. use Symfony\Component\HttpFoundation\RequestStack;
  18. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  19. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  20. use Symfony\Component\Security\Core\Security;
  22. /**
  23.  * Class CrudVoter
  24.  * @package App\Security
  25.  */
  26. class CrudVoter extends Voter
  27. {
  28.     const ATTR 'CRUD_VOTER';
  30.     /**
  31.      * @var EntityManagerInterface
  32.      */
  33.     private $entityManager;
  34.     /**
  35.      * @var Request|null
  36.      */
  37.     private $request null;
  38.     /**
  39.      * @var Security
  40.      */
  41.     private $security;
  42.     /**
  43.      * @var CacheItemPoolInterface
  44.      */
  45.     private $cacheItemPool;
  46.     /**
  47.      * @var SessionService
  48.      */
  49.     private $sessionService;
  51.     /**
  52.      * CrudVoter constructor.
  53.      * @param EntityManagerInterface $entityManager
  54.      * @param RequestStack $requestStack
  55.      * @param Security $security
  56.      * @param CacheItemPoolInterface $cacheItemPool
  57.      * @param SessionService $sessionService
  58.      */
  59.     public function __construct(
  60.         EntityManagerInterface $entityManager,
  61.         RequestStack $requestStack,
  62.         Security $security,
  63.         CacheItemPoolInterface $cacheItemPool,
  64.         SessionService $sessionService
  65.     ) {
  66.         $this->entityManager $entityManager;
  67.         $this->request $requestStack->getMasterRequest();
  68.         $this->security $security;
  69.         $this->cacheItemPool $cacheItemPool;
  70.         $this->sessionService $sessionService;
  71.     }
  73.     /**
  74.      * @return EntityManagerInterface
  75.      */
  76.     public function getEntityManager(): EntityManagerInterface
  77.     {
  78.         return $this->entityManager;
  79.     }
  81.     /**
  82.      * @return Request|null
  83.      */
  84.     public function getRequest(): ?Request
  85.     {
  86.         return $this->request;
  87.     }
  89.     /**
  90.      * @return Security
  91.      */
  92.     public function getSecurity(): Security
  93.     {
  94.         return $this->security;
  95.     }
  97.     /**
  98.      * {@inheritdoc}
  99.      */
  100.     protected function supports($attribute$subject)
  101.     {
  102.         return $attribute === self::ATTR && $this->request !== null;
  103.     }
  105.     /**
  106.      * {@inheritdoc}
  107.      */
  108.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  109.     {
  110.         // todo: may be we can handle security exceptions to throw more meaningful exceptions
  111.         $endpoint $this->request->attributes->get('_route');
  112.         $routeRoles = [];
  114.         $cacheItem $this->cacheItemPool->getItem($endpoint);
  115.         if ($cacheItem->isHit()) {
  116.             $routeRoles $cacheItem->get();
  117.         } else {
  118.             /** @var Route $route */
  119.             $route $this->entityManager
  120.                 ->getRepository(Route::class)
  121.                 ->findOneBy(['endpoint' => $endpoint]);
  123.             if ($route !== null) {
  124.                 $routeRoles $route->getRoles()->map(function (Role $role) {
  125.                     return $role->getIdentifier();
  126.                 })->toArray();
  127.             }
  128.         }
  130.         return $this->sessionService->hasOneOfRoles($routeRoles);
  131.     }
  132. }