src/Order/Security/Voter/OrderVoter.php line 16

Open in your IDE?
  1. <?php
  3. declare(strict_types=1);
  5. namespace App\Order\Security\Voter;
  7. use App\Program\Doctrine\Entity\Program;
  8. use App\Order\Doctrine\Entity\Order;
  9. use App\Security\Doctrine\Entity\User;
  10. use App\Security\Security\Store\Roles;
  11. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  12. use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
  13. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  14. use Symfony\Component\Workflow\WorkflowInterface;
  16. final class OrderVoter extends Voter
  17. {
  18.     public const CANCEL 'cancel';
  19.     public const PREPARE 'prepare';
  20.     public const PROCESS 'process';
  21.     public const SHIP 'ship';
  22.     public const DELIVER 'deliver';
  23.     public const ITEM 'item';
  25.     public function __construct(
  26.         private WorkflowInterface $orderStateMachine,
  27.         private AccessDecisionManagerInterface $accessDecisionManager
  28.     ) {
  29.     }
  31.     protected function supports(string $attributemixed $subject): bool
  32.     {
  33.         return $subject instanceof Order
  34.             && in_array($attribute, [self::ITEMself::CANCELself::PREPAREself::PROCESSself::SHIPself::DELIVER], true);
  35.     }
  37.     protected function voteOnAttribute(string $attributemixed $subjectTokenInterface $token): bool
  38.     {
  39.         /** @var Order $order */
  40.         $order $subject;
  43.         if (($program $token->getUser()) instanceof Program) {
  44.             return $attribute === self::ITEM && $order->getAccount()->getProfile()->getProgram() === $program;
  45.         }
  48.         if (!($user $token->getUser()) instanceof User) {
  49.             return false;
  50.         }
  52.         return match ($attribute) {
  53.             self::DELIVER => $this->accessDecisionManager->decide($token, [Roles::ORDER_PROCESS])
  54.                 && $this->orderStateMachine->getMarking($order)->has('prepared')
  55.                 && $order->getDetailsToDeliver()->count() > 0,
  56.             self::SHIP => $this->accessDecisionManager->decide($token, [Roles::ORDER_PROCESS])
  57.                 && $this->orderStateMachine->getMarking($order)->has('prepared')
  58.                 && $order->getDetailsToShip()->count() > 0,
  59.             self::PROCESS => $this->accessDecisionManager->decide($token, [Roles::ORDER_PROCESS])
  60.                 && $this->orderStateMachine->getMarking($order)->has('prepared')
  61.                 && $order->getDetailsToProcess()->count() > 0,
  62.             self::PREPARE => $this->orderStateMachine->can($orderself::PREPARE)
  63.                 && $this->accessDecisionManager->decide($token, [Roles::ORDER_PREPARE]),
  64.             self::CANCEL => !$this->orderStateMachine->getMarking($order)->has('pending')
  65.                 && $this->accessDecisionManager->decide($token, [Roles::ORDER_CANCEL]),
  66.             default => false
  67.         };
  68.     }
  69. }