Part-DB.Part-DB-server/src/Security/Voter/PartVoter.php

<?php
/**
 * This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).
 *
 * Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
 */

namespace App\Security\Voter;

use App\Entity\Parts\Part;
use App\Entity\UserSystem\User;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;

/**
 * A Voter that votes on Part entities.
 *
 * See parts permissions for valid operations.
 */
class PartVoter extends ExtendedVoter
{
    public const READ = 'read';

    protected function supports($attribute, $subject)
    {
        // replace with your own logic
        // https://symfony.com/doc/current/security/voters.html
        //return ($subject instanceof Part || in_array($subject, ['PERM_parts', 'PERM_parts_name']));

        if ($subject instanceof Part) {
            //Check if a sub permission should be checked -> $attribute has format name.edit
            if (false !== strpos($attribute, '.')) {
                [$perm, $op] = explode('.', $attribute);

                return $this->resolver->isValidOperation('parts_'.$perm, $op);
            }

            return $this->resolver->isValidOperation('parts', $attribute);
        }

        return false;
    }

    protected function voteOnUser($attribute, $subject, User $user): bool
    {
        if ($subject instanceof Part) {
            //Check for sub permissions
            if (false !== strpos($attribute, '.')) {
                [$perm, $op] = explode('.', $attribute);

                return $this->resolver->inherit($user, 'parts_'.$perm, $op) ?? false;
            }

            //Null concealing operator means, that no
            return $this->resolver->inherit($user, 'parts', $attribute) ?? false;
        }

        //Deny access by default.
        return false;
    }
}
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00			`<?php`
Updated copyright headers. 2019-11-01 13:40:30 +01:00			`/**`
Added an PHP CS fixer config file and applied it to files. We now use the same the same style as the symfony project, and it allows us to simply fix the style by executing php_cs_fixer fix in the project root. 2019-11-09 00:47:20 +01:00			`* This file is part of Part-DB (https://github.com/Part-DB/Part-DB-symfony).`
Updated copyright headers. 2019-11-01 13:40:30 +01:00			`*`
			`* Copyright (C) 2019 Jan Böhmer (https://github.com/jbtronics)`
			`*`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public License`
			`* as published by the Free Software Foundation; either version 2`
			`* of the License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA`
			`*/`
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00
			`namespace App\Security\Voter;`

Added entities and properties for some future features. 2019-08-12 15:47:57 +02:00			`use App\Entity\Parts\Part;`
			`use App\Entity\UserSystem\User;`
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00			`use Symfony\Component\Security\Core\Authorization\Voter\Voter;`

			`/**`
			`* A Voter that votes on Part entities.`
			`*`
			`* See parts permissions for valid operations.`
			`*/`
Use anonymous user permissions, if nobody is logged in. 2019-03-19 17:17:04 +01:00			`class PartVoter extends ExtendedVoter`
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00			`{`
Fixed some inspection issues. 2019-03-20 23:24:20 +01:00			`public const READ = 'read';`
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00
			`protected function supports($attribute, $subject)`
			`{`
			`// replace with your own logic`
			`// https://symfony.com/doc/current/security/voters.html`
			`//return ($subject instanceof Part \|\| in_array($subject, ['PERM_parts', 'PERM_parts_name']));`

Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00			`if ($subject instanceof Part) {`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`//Check if a sub permission should be checked -> $attribute has format name.edit`
Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00			`if (false !== strpos($attribute, '.')) {`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`[$perm, $op] = explode('.', $attribute);`
Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00
Added an PHP CS fixer config file and applied it to files. We now use the same the same style as the symfony project, and it allows us to simply fix the style by executing php_cs_fixer fix in the project root. 2019-11-09 00:47:20 +01:00			`return $this->resolver->isValidOperation('parts_'.$perm, $op);`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`}`

Added permissions for the new functions. 2019-09-13 17:13:58 +02:00			`return $this->resolver->isValidOperation('parts', $attribute);`
Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00			`}`

			`return false;`
			`}`

Use anonymous user permissions, if nobody is logged in. 2019-03-19 17:17:04 +01:00			`protected function voteOnUser($attribute, $subject, User $user): bool`
			`{`
Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00			`if ($subject instanceof Part) {`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`//Check for sub permissions`
Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00			`if (false !== strpos($attribute, '.')) {`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`[$perm, $op] = explode('.', $attribute);`
Used PHP_CS_Fixer with symfony preset on codebase. 2019-03-20 23:16:07 +01:00
			`return $this->resolver->inherit($user, 'parts_'.$perm, $op) ?? false;`
Check permissions in edit part form. 2019-03-19 19:00:39 +01:00			`}`

Added a simple Voter for checking, if a user is allowed, to view/edit/create a part. 2019-03-18 19:05:41 +01:00			`//Null concealing operator means, that no`
			`return $this->resolver->inherit($user, 'parts', $attribute) ?? false;`
			`}`

			`//Deny access by default.`
			`return false;`
			`}`
			`}`