src/Security/Authorization/Voter/EnvironmentVoter.php line 8

Open in your IDE?
  1. <?php
  3. namespace App\Security\Authorization\Voter;
  4.  
  5. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  6. use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
  7.  
  8. class EnvironmentVoter implements VoterInterface
  9. {
  10.     const VIEW 'VIEW';
  11.     const EDIT 'EDIT';
  12.     const DELETE 'DELETE';
  13.     const CREATE 'CREATE';
  14.     const CLONE = 'CLONE';
  15.     const LIST = 'LIST';
  16.     const DEPLOY 'DEPLOY';
  17.     const STOP 'STOP';
  18.     const BUILD 'BUILD';
  19.     const DBIMPORT 'DBIMPORT';
  20.     const DBLANGIMPORT 'DBLANGIMPORT';
  21.     const DBEXPORT 'DBEXPORT';
  22.     const IDPFY 'IDPFY';
  23.     const PERMAUSER 'PERMAUSER';
  24.     const VIBERTOKEN 'VIBERTOKEN';
  25.     const INITDB 'INITDB';
  26.     const CREATEUSER 'CREATEUSER';
  27.     const DEBUG 'DEBUG';
  28.     const LOGLEVEL 'LOGLEVEL';
  29.     const CREATERESOURCEPROXYUSER 'CREATERESOURCEPROXYUSER';
  30.  
  31.     public function supportsAttribute($attribute)
  32.     {
  33.  
  34.         return in_array($attribute, array(
  35.             self::VIEW,
  36.             self::EDIT,
  37.             self::DELETE,
  38.             self::CREATE,
  39.             self::CLONE,
  40.             self::LIST,
  41.             self::DEPLOY,
  42.             self::STOP,
  43.             self::BUILD,
  44.             self::DBIMPORT,
  45.             self::DBLANGIMPORT,
  46.             self::DBEXPORT,
  47.             self::IDPFY,
  48.             self::PERMAUSER,
  49.             self::VIBERTOKEN,
  50.             self::INITDB,
  51.             self::CREATEUSER,
  52.             self::DEBUG,
  53.             self::LOGLEVEL,
  54.             self::CREATERESOURCEPROXYUSER,
  55.         ));
  56.     }
  57.  
  58.     public function supportsClass($class)
  59.     {
  60.  
  61.         $supportedClass 'App\Entity\Environment';
  62.  
  63.         if (is_string($class)) {
  64.             if ($class === $supportedClass) {
  65.                 return true;
  66.             } else {
  67.                 return false;
  68.             }
  69.         }
  70.         if(is_null($class)) {
  71.             return true;
  72.         }
  73.         return $supportedClass === get_class($class) || is_subclass_of(get_class($class), $supportedClass);
  74.     }
  75.  
  76.  
  77.     public function vote(TokenInterface $token$entity, array $attributes)
  78.     {
  80.         $user $token->getUser();
  81.         if (!is_object($user)) {
  82.             return VoterInterface::ACCESS_DENIED;
  83.         }
  84.  
  85.         if (!$this->supportsClass($entity)) {
  86.             return VoterInterface::ACCESS_ABSTAIN;
  87.         }
  88.         
  89.         $attribute $attributes[0];
  90.         if(is_array($attribute)) {
  91.             $attribute $attribute[0];
  92.         };
  93.         if($user->hasRole("SuperUsers")) {
  94.             return VoterInterface::ACCESS_GRANTED;
  95.         }
  96.         switch($attribute) {
  97.             case self::LIST:
  98.                 return VoterInterface::ACCESS_GRANTED;
  99.                 break;
  100.             case self::VIEW:
  101.                 return VoterInterface::ACCESS_GRANTED;
  102.                 break;
  103.             case self::CREATE:
  104.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  105.                     return VoterInterface::ACCESS_GRANTED;
  106.                 } else {
  107.                     return VoterInterface::ACCESS_DENIED;
  108.                 }
  109.                 break;
  110.             case self::CLONE:
  111.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  112.                     return VoterInterface::ACCESS_GRANTED;
  113.                 } else {
  114.                     return VoterInterface::ACCESS_DENIED;
  115.                 }
  116.                 break;
  117.             case self::EDIT:
  118.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("Developers")) {
  119.                     return VoterInterface::ACCESS_GRANTED;
  120.                 } else {
  121.                     return VoterInterface::ACCESS_DENIED;
  122.                 }
  123.                 break;
  124.             case self::DELETE:
  125.                 if($user->hasRole("SuperUsers")) {
  126.                     return VoterInterface::ACCESS_GRANTED;
  127.                 } else {
  128.                     return VoterInterface::ACCESS_DENIED;
  129.                 }
  130.                 break;
  131.             case self::DEPLOY:
  132.                 if($entity->getType()->getName() != "prod") {
  133.                     return VoterInterface::ACCESS_GRANTED;
  134.                 } elseif($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("CSMs")) {
  135.                     return VoterInterface::ACCESS_GRANTED;
  136.                 } elseif($entity->getType()->getName() == "prod" && $user->hasRole("Developers") && $entity->getDebugMode() == true) {
  137.                     return VoterInterface::ACCESS_GRANTED;
  138.                 } else {
  139.                     return VoterInterface::ACCESS_DENIED;
  140.                 }
  141.                 break;
  142.             case self::STOP:
  143.                 if($entity->getType()->getName() != "prod") {
  144.                     return VoterInterface::ACCESS_GRANTED;
  145.                 } elseif($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("CSMs")) {
  146.                     return VoterInterface::ACCESS_GRANTED;
  147.                 } elseif($entity->getType()->getName() == "prod" && $user->hasRole("Developers") && $entity->getDebugMode() == true) {
  148.                     return VoterInterface::ACCESS_GRANTED;
  149.                 } else {
  150.                     return VoterInterface::ACCESS_DENIED;
  151.                 }
  152.                 break;
  153.             case self::BUILD:
  154.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("Developers") || $user->hasRole("CSMs")) {
  155.                     return VoterInterface::ACCESS_GRANTED;
  156.                 } else {
  157.                     return VoterInterface::ACCESS_DENIED;
  158.                 }
  159.                 break;
  160.             case self::DBIMPORT:
  161.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("Developers")) {
  162.                     return VoterInterface::ACCESS_GRANTED;
  163.                 } else {
  164.                     return VoterInterface::ACCESS_DENIED;
  165.                 }
  166.                 break;
  167.             case self::DBEXPORT:
  168.                 return VoterInterface::ACCESS_GRANTED;
  169.                 break;
  170.             case self::IDPFY:
  171.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("Developers") || $user->hasRole("CSMs")) {
  172.                     return VoterInterface::ACCESS_GRANTED;
  173.                 } else {
  174.                     return VoterInterface::ACCESS_DENIED;
  175.                 }
  176.                 break;
  177.             case self::DBLANGIMPORT:
  178.                 if($user->hasRole("SuperUsers") || $user->hasRole("CHEQPermaUsers")) {
  179.                     return VoterInterface::ACCESS_GRANTED;
  180.                 } else {
  181.                     return VoterInterface::ACCESS_DENIED;
  182.                 }
  183.                 break;
  184.             case self::PERMAUSER:
  185.                 if($user->hasRole("SuperUsers") || $user->hasRole("CHEQPermaUsers")) {
  186.                     return VoterInterface::ACCESS_GRANTED;
  187.                 } else {
  188.                     return VoterInterface::ACCESS_DENIED;
  189.                 }
  190.                 break;
  191.             
  192.             case self::VIBERTOKEN:
  193.                 if($user->hasRole("SuperUsers") || $user->hasRole("CHEQPermaUsers")) {
  194.                     return VoterInterface::ACCESS_GRANTED;
  195.                 } else {
  196.                     return VoterInterface::ACCESS_DENIED;
  197.                 }
  198.                 break;
  200.           case self::INITDB:
  201.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  202.                     return VoterInterface::ACCESS_GRANTED;
  203.                 } else {
  204.                     return VoterInterface::ACCESS_DENIED;
  205.                 }
  206.                 break;
  207.             case self::CREATEUSER:
  208.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries") || $user->hasRole("Developers") || $user->hasRole("CSMs")) {
  209.                     return VoterInterface::ACCESS_GRANTED;
  210.                 } else {
  211.                     return VoterInterface::ACCESS_DENIED;
  212.                 }
  213.                 break;
  214.             case self::DEBUG:
  215.                 if($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  216.                     return VoterInterface::ACCESS_GRANTED;
  217.                 } else {
  218.                     return VoterInterface::ACCESS_DENIED;
  219.                 }
  220.                 break;
  221.             case self::LOGLEVEL:
  222.                 if($entity->getType()->getName() != "prod") {
  223.                     return VoterInterface::ACCESS_GRANTED;
  224.                 } elseif($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  225.                     return VoterInterface::ACCESS_GRANTED;
  226.                 } elseif($entity->getType()->getName() == "prod" && $user->hasRole("Developers") && $entity->getDebugMode() == true) {
  227.                     return VoterInterface::ACCESS_GRANTED;
  228.                 } else {
  229.                     return VoterInterface::ACCESS_DENIED;
  230.                 }
  231.             case self::CREATERESOURCEPROXYUSER:
  232.                 if($entity->getType()->getName() != "prod") {
  233.                     return VoterInterface::ACCESS_GRANTED;
  234.                 } elseif($user->hasRole("SuperUsers") || $user->hasRole("Deliveries")) {
  235.                     return VoterInterface::ACCESS_GRANTED;
  236.                 } elseif($entity->getType()->getName() == "prod" && $user->hasRole("Developers") && $entity->getDebugMode() == true) {
  237.                     return VoterInterface::ACCESS_GRANTED;
  238.                 } else {
  239.                     return VoterInterface::ACCESS_DENIED;
  240.                 }
  241.                 break;
  242.         }
  243.  
  244.         return VoterInterface::ACCESS_DENIED;
  245.     }
  246. }