<?php
namespace Harmonizely\Service\Panel\AccessVoters;
use Harmonizely\Model\EventInterface;
use Harmonizely\Model\UserInterface;
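/**
 * Access voter for event resources.
 *
 * Declares the attributes that exist for an event (view, edit, delete) and
 * decides which of them a given user holds on a given event. How the result
 * is consumed is defined by AbstractVoter, which is not shown in this file.
 */
class EventVoter extends AbstractVoter
{
    /**
     * Resource name
     */
    const RESOURCE_NAME = 'event';

    /**
     * View event
     */
    const EVENT_VIEW = 'event_view';

    /**
     * Edit event
     */
    const EVENT_EDIT = 'event_edit';

    /**
     * Delete event
     */
    const EVENT_DELETE = 'event_delete';

    /**
     * Return resource name
     *
     * @return string
     */
    public function getResourceName(): string
    {
        return self::RESOURCE_NAME;
    }

    /**
     * Return every attribute this voter defines for the event resource.
     *
     * This is the full list, independent of any user.
     *
     * @return array|string[]
     */
    public function getResourceAttributes(): array
    {
        return [self::EVENT_VIEW, self::EVENT_EDIT, self::EVENT_DELETE];
    }

    /**
     * Return the attributes the given user holds on the subject.
     *
     * For an event the result is all-or-nothing: the full attribute list when
     * the user is the event's user, or when both share the same default
     * organization and the user is an owner of that organization; an empty
     * list otherwise.
     *
     * @param UserInterface $user    User whose access is evaluated
     * @param mixed         $subject Event to check, or any other value
     * @return array|string[]
     */
    public function getAllowedAttributes(UserInterface $user, $subject): array
    {
        // NOTE(review): a subject that is not an EventInterface (including
        // null) receives the full attribute list. Confirm callers use this
        // only for resource-level checks; otherwise an unexpected subject
        // type is granted view, edit and delete.
        if (!($subject instanceof EventInterface)) {
            return $this->getResourceAttributes();
        }

        // NOTE(review): getUser() and getDefaultOrganization() are
        // dereferenced without a null check, and two null ids would compare
        // as identical below. Confirm against the interfaces that these are
        // always set for persisted users and events.
        $eventUser = $subject->getUser();
        if ($eventUser->getId() === $user->getId()) {
            return $this->getResourceAttributes();
        }

        $userDefaultOrganization = $user->getDefaultOrganization();
        $sameOrganization = $eventUser->getDefaultOrganization()->getId() === $userDefaultOrganization->getId();
        if ($sameOrganization && $userDefaultOrganization->isOrganizationOwner($user)) {
            return $this->getResourceAttributes();
        }

        // Deny by default: neither the event's user nor an owner of its organization.
        return [];
    }

    /**
     * Determines if the attribute and subject are supported by this voter.
     *
     * @param string $attribute An attribute
     * @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type
     *
     * @return bool True if the attribute and subject are supported, false otherwise
     */
    protected function supports($attribute, $subject): bool
    {
        // Strict comparison: with loose matching a non-string attribute such
        // as boolean true compares equal to any non-empty string and would be
        // reported as supported.
        return $subject instanceof EventInterface
            && in_array($attribute, $this->getResourceAttributes(), true);
    }
}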