mirror of
https://github.com/Part-DB/Part-DB-server.git
synced 2025-08-18 00:29:22 +02:00
Used PHP_CS_Fixer with symfony preset on codebase.
This commit is contained in:
parent
0f3ba9b6a8
commit
e2f7aafa2d
43 changed files with 971 additions and 1068 deletions
|
@ -1,9 +1,8 @@
|
|||
<?php
|
||||
/**
|
||||
*
|
||||
* part-db version 0.1
|
||||
* Copyright (C) 2005 Christoph Lechner
|
||||
* http://www.cl-projects.de/
|
||||
* http://www.cl-projects.de/.
|
||||
*
|
||||
* part-db version 0.2+
|
||||
* Copyright (C) 2009 K. Jacobs and others (see authors.php)
|
||||
|
@ -26,29 +25,25 @@
|
|||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program; if not, write to the Free Software
|
||||
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
||||
*
|
||||
*/
|
||||
|
||||
namespace App\Security\Voter;
|
||||
|
||||
|
||||
use App\Entity\User;
|
||||
|
||||
class UserVoter extends ExtendedVoter
|
||||
{
|
||||
|
||||
/**
|
||||
* Determines if the attribute and subject are supported by this voter.
|
||||
*
|
||||
* @param string $attribute An attribute
|
||||
* @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type
|
||||
* @param mixed $subject The subject to secure, e.g. an object the user wants to access or any other PHP type
|
||||
*
|
||||
* @return bool True if the attribute and subject are supported, false otherwise
|
||||
*/
|
||||
protected function supports($attribute, $subject)
|
||||
{
|
||||
if($subject instanceof User)
|
||||
{
|
||||
if ($subject instanceof User) {
|
||||
return in_array($attribute, array_merge(
|
||||
$this->resolver->listOperationsForPermission('users'),
|
||||
$this->resolver->listOperationsForPermission('self')),
|
||||
|
@ -62,23 +57,25 @@ class UserVoter extends ExtendedVoter
|
|||
/**
|
||||
* Similar to voteOnAttribute, but checking for the anonymous user is already done.
|
||||
* The current user (or the anonymous user) is passed by $user.
|
||||
*
|
||||
* @param $attribute
|
||||
* @param $subject
|
||||
* @param User $user
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
protected function voteOnUser($attribute, $subject, User $user): bool
|
||||
{
|
||||
if($subject instanceof User)
|
||||
{
|
||||
if ($subject instanceof User) {
|
||||
//Check if the checked user is the user itself
|
||||
if($subject->getID() === $user->getID() &&
|
||||
if ($subject->getID() === $user->getID() &&
|
||||
$this->resolver->isValidOperation('self', $attribute)) {
|
||||
//Then we also need to check the self permission
|
||||
$tmp = $this->resolver->inherit($user, 'self', $attribute) ?? false;
|
||||
//But if the self value is not allowed then use just the user value:
|
||||
if($tmp)
|
||||
if ($tmp) {
|
||||
return $tmp;
|
||||
}
|
||||
}
|
||||
//Else just check users permission:
|
||||
return $this->resolver->inherit($user, 'users', $attribute) ?? false;
|
||||
|
@ -86,6 +83,4 @@ class UserVoter extends ExtendedVoter
|
|||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue