src/WmsBundle/Security/RoleRoutingVoter.php line 25

Open in your IDE?
  1. <?php
  2. /**
  3.  * Created by Notive.
  4.  * Project: wms.p
  5.  * User: Henny Krijnen
  6.  * Date: 07/03/17
  7.  * Time: 11:16
  8.  */
  10. namespace WmsBundle\Security;
  12. use FOS\OAuthServerBundle\Security\Authentication\Token\OAuthToken;
  13. use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
  14. use Symfony\Component\HttpKernel\Exception\UnauthorizedHttpException;
  15. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  16. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  17. use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
  18. use WmsBundle\Exceptions\DeprecatedException;
  19. use WmsBundle\Services\AuthorizationService;
  21. /**
  22.  * Class RoleProvider
  23.  * @package WmsBundle\Security
  24.  */
  25. class RoleRoutingVoter implements VoterInterface
  26. {
  28.     /** @var AuthorizationService */
  29.     private $authorizationService;
  30.     /** @var bool */
  31.     private $wmsRolesEnabled;
  33.     /**
  34.      * RoleVoter constructor.
  35.      * @param AuthorizationService $authorizationService
  36.      * @param bool $wmsRolesEnabled
  37.      */
  38.     public function __construct(AuthorizationService $authorizationService$wmsRolesEnabled true)
  39.     {
  40.         $this->authorizationService $authorizationService;
  41.         $this->wmsRolesEnabled $wmsRolesEnabled;
  42.     }
  44.     /**
  45.      * @param TokenInterface $token
  46.      * @param null|object $object
  47.      * @param array $attributes
  48.      * @return int
  49.      * @throws \Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException
  50.      * @throws UnauthorizedHttpException
  51.      */
  52.     public function vote(TokenInterface $token$object, array $attributes)
  53.     {
  54.         if ($this->wmsRolesEnabled &&
  55.             $token instanceof OAuthToken &&
  56.             !$this->authorizationService->isAuthorized($token$object$attributes)
  57.         ) {
  58.             throw new AccessDeniedHttpException('Sorry, you do not have permission to do this.');
  59.         }
  60.         return Voter::ACCESS_ABSTAIN;
  61.     }
  63.     /**
  64.      * Checks if the voter supports the given attribute.
  65.      *
  66.      * @param mixed $attribute An attribute (usually the attribute name string)
  67.      *
  68.      * @return bool true if this Voter supports the attribute, false otherwise
  69.      *
  70.      * @deprecated since version 2.8, to be removed in 3.0.
  71.      */
  72.     public function supportsAttribute($attribute)
  73.     {
  74.         throw new DeprecatedException('supportsAttribute');
  75.     }
  77.     /**
  78.      * Checks if the voter supports the given class.
  79.      *
  80.      * @param string $class A class name
  81.      *
  82.      * @return bool true if this Voter can process the class
  83.      *
  84.      * @deprecated since version 2.8, to be removed in 3.0.
  85.      */
  86.     public function supportsClass($class)
  87.     {
  88.         throw new DeprecatedException('supportsClass');
  89.     }
  90. }