Showing with 2 additions and 24 deletions.
  1. +0 −1 src/Ilios/AuthenticationBundle/Resources/config/voters.yml
  2. +2 −23 src/Ilios/AuthenticationBundle/Voter/LearningMaterialVoter.php
1 src/Ilios/AuthenticationBundle/Resources/config/voters.yml
View file
@@ -147,7 +147,6 @@ services:
- { name: security.voter }
security.access.learning_material_voter:
class: Ilios\AuthenticationBundle\Voter\LearningMaterialVoter
arguments: [ @ilioscore.permission.manager ]
public: false
tags:
- { name: security.voter }
25 src/Ilios/AuthenticationBundle/Voter/LearningMaterialVoter.php
View file
@@ -12,16 +12,6 @@
*/
class LearningMaterialVoter extends AbstractVoter
{
/**
* @var PermissionManagerInterface
*/
protected $permissionManager;

public function __construct(PermissionManagerInterface $permissionManager)
{
$this->permissionManager = $permissionManager;
}

/**
* {@inheritdoc}
*/
@@ -57,21 +47,10 @@ protected function isGranted($attribute, $material, $user = null)
// in order to grant EDIT and DELETE privileges on the given learning material to the given user,
// at least one of the following statements must be true:
// 1. the user owns the learning material
// 2. the user and the owner of the learning material share the same primary school,
// and the user has at least one of 'Faculty', 'Course Director' or 'Developer' roles.
// 3. the user has WRITE rights in the learning material owner's primary school,
// and the user has at least one of 'Faculty', 'Course Director' or 'Developer' roles.
// 2. the user has at least one of 'Faculty', 'Course Director' or 'Developer' roles.
return (
$this->usersAreIdentical($user, $material->getOwningUser())
|| (
$this->userHasRole($user, ['Faculty', 'Course Director', 'Developer'])
&& (
$this->schoolsAreIdentical($user->getSchool(), $material->getOwningSchool())
|| $this->permissionManager->userHasWritePermissionToSchool(
$user,
$material->getOwningSchool()
))
)
|| $this->userHasRole($user, ['Faculty', 'Course Director', 'Developer'])
);
break;
}