<?php
/*
* This file has been created by developers from BitBag.
* Feel free to contact us once you face any issues or want to start
* You can find more information about us on https://bitbag.io and write us
* an email on hello@bitbag.io.
*/
declare(strict_types=1);
namespace BitBag\OpenMarketplace\Component\Core\Common\Security\Voter;
use BitBag\OpenMarketplace\Component\Customer\Model\CustomerInterface;
use BitBag\OpenMarketplace\Component\Vendor\Entity\ProfileUpdate\ProfileUpdateInterface;
use BitBag\OpenMarketplace\Component\Vendor\Entity\ShopUserInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
final class ObjectOwningVoter extends Voter
{
public const OWNIT = 'OWNIT';
protected function supports($attribute, $subject)
{
if (!in_array($attribute, [self::OWNIT])) {
return false;
}
return true;
}
/*
* This method call is ignored because phpstan force us to type hint arguments but this method in symfony 4.4
* is declared without so type hinted arguments cause trouble
*/
/** @phpstan-ignore-next-line */
protected function voteOnAttribute(
$attribute,
$subject,
TokenInterface $token
) {
$user = $token->getUser();
if (!$user instanceof ShopUserInterface || null == $subject) {
return false;
}
/** @var ProfileUpdateInterface $vendorUpdateData */
$vendorUpdateData = $subject;
switch ($attribute) {
case self::OWNIT:
return $this->doesUserOwnTheData($subject, $user);
default:
return false;
}
}
private function doesUserOwnTheData(object $data, ShopUserInterface $user): bool
{
/** @var CustomerInterface $customer */
$customer = $user->getCustomer();
$loggedInVendor = $customer->getOrganizationVendor();
/** @phpstan-ignore-next-line */
$vendorData = $data->getVendor();
if ($loggedInVendor === $vendorData) {
return true;
}
return false;
}
}