Symfony Profiler

<?php
namespace PaperKite\Common\Security\Voter;
use Lightbulb\Symfony\Exception\NotFoundException;
use PaperKite\Common\Entity\CommonUserInterface;
use PaperKite\Common\Entity\Enum\MemberApplicationProcessingStatusEnumType;
use PaperKite\Common\Entity\Member\MemberApplication;
use PaperKite\Common\Service\Member\MemberApplicationReaderService;
use PaperKite\CompanyApi\Entity\CompanyUserInterface;
use PaperKite\EmployeeApi\Entity\EmployeeInterface;
use PaperKite\HealthMutualApi\Entity\HealthMutualUserInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
class MemberApplicationVoter extends Voter
{
public const LIST = 'MEMBER_APPLICATION_LIST';
public const VIEW = 'MEMBER_APPLICATION_VIEW';
public const EDIT = 'MEMBER_APPLICATION_EDIT';
public const LITE_VIEW = 'MEMBER_APPLICATION_LITE_VIEW';
public const COMPANY_EDIT = 'MEMBER_APPLICATION_COMPANY_EDIT';
public const HEALTH_MUTUAL_EDIT = 'MEMBER_APPLICATION_HEALTH_MUTUAL_EDIT';
public function __construct(
private Security $security,
private MemberApplicationReaderService $memberApplicationReaderService,
) {
}
protected function supports(string $attribute, $subject): bool
{
// https://symfony.com/doc/current/security/voters.html
return in_array(
$attribute,
[
self::VIEW,
self::EDIT,
self::LITE_VIEW,
self::COMPANY_EDIT,
self::HEALTH_MUTUAL_EDIT,
]
);
}
/**
* @param string $subject Member application identifier
*
* @throws NotFoundException
*/
protected function voteOnAttribute(string $attribute, $subject, TokenInterface $token): bool
{
/** @var CommonUserInterface $user */
$user = $token->getUser();
// if the user is anonymous, do not grant access
if (!$user instanceof UserInterface) {
return false;
}
if ($this->security->isGranted('ROLE_SUPER_ADMIN')) {
return true;
}
$memberApplication = $this->memberApplicationReaderService->getById($subject);
return match ($attribute) {
self::VIEW => $this->viewCheck($user),
self::EDIT => $this->editCheck($user, $memberApplication),
self::LITE_VIEW => $this->liteViewCheck($user, $memberApplication),
self::COMPANY_EDIT => $this->companyEditCheck($user, $memberApplication),
self::HEALTH_MUTUAL_EDIT => $this->healthMutualEditCheck($user, $memberApplication),
default => false,
};
}
private function viewCheck(CommonUserInterface $user): bool
{
if ($user instanceof EmployeeInterface) {
return true;
}
return false;
}
private function editCheck(CommonUserInterface $user, MemberApplication $memberApplication): bool
{
if ($user instanceof EmployeeInterface) {
// No edition of closed/exported member application
if (true === in_array($memberApplication->getProcessingStatus(), [
MemberApplicationProcessingStatusEnumType::STATUS_TO_BE_EXPORTED,
MemberApplicationProcessingStatusEnumType::STATUS_CLOSED,
], true)) {
return false;
}
return true;
}
return false;
}
private function liteViewCheck(CommonUserInterface $user, MemberApplication $memberApplication): bool
{
if ($user instanceof HealthMutualUserInterface) {
if ($memberApplication->getHealthMutual() === $user->getHealthMutual()) {
return true;
}
}
if ($user instanceof CompanyUserInterface) {
if ($memberApplication->getCompany() === $user->getCompany()) {
return true;
}
}
return false;
}
private function companyEditCheck(CommonUserInterface $user, MemberApplication $memberApplication): bool
{
if ($user instanceof CompanyUserInterface) {
if ($memberApplication->getCompany() === $user->getCompany()) {
return true;
}
}
return false;
}
private function healthMutualEditCheck(CommonUserInterface $user, MemberApplication $memberApplication): bool
{
if ($user instanceof HealthMutualUserInterface) {
if ($memberApplication->getHealthMutual() === $user->getHealthMutual()) {
return true;
}
}
return false;
}
}

src/Common/Security/Voter/MemberApplicationVoter.php line 18