wip integrate new userclass system with voters

vincent-peugnet · Jan 21, 2021 · a760d58 · a760d58
1 parent 678e550
commit a760d58
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -110,11 +110,15 @@ Setup
 
 ### Requirements
 
-For now, the only way to install an Antilope app is via Symfony and `composer`.
+For now, the only way to install Antilope is using `git` and `composer`.
 
 - Apache
-- PHP 7
+- PHP 7.4
 - MySQL
+    - MariaDB 10.2+
+    - MySQL 8.0.1+
+    - PostgreSQL 8.4+
+    - SQLite 3.8.3+
 
 ### Install
 

diff --git a/src/Security/Voter/SharableVoter.php b/src/Security/Voter/SharableVoter.php
@@ -30,7 +30,12 @@
 use App\Entity\Manage;
 use App\Entity\Sharable;
 use App\Entity\User;
+use App\Entity\UserClass;
 use App\Entity\Validation;
+use App\Repository\InterestedRepository;
+use App\Repository\ManageRepository;
+use App\Repository\UserClassRepository;
+use App\Repository\ValidationRepository;
 use DateTime;
 use Doctrine\ORM\EntityManagerInterface;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
@@ -49,9 +54,21 @@ class SharableVoter extends Voter
     public const INTERESTED = 'interested';
     public const CONTACT    = 'contact';
 
-    public function __construct(EntityManagerInterface $em)
-    {
-        $this->em = $em;
+    private UserClassRepository $userClassRepository;
+    private InterestedRepository $interestedRepository;
+    private ValidationRepository $validationRepository;
+    private ManageRepository $manageRepository;
+
+    public function __construct(
+        UserClassRepository $userClassRepository,
+        InterestedRepository $interestedRepository,
+        ValidationRepository $validationRepository,
+        ManageRepository $manageRepository
+    ) {
+        $this->userClassRepository = $userClassRepository;
+        $this->interestedRepository = $interestedRepository;
+        $this->validationRepository = $validationRepository;
+        $this->manageRepository = $manageRepository;
     }
 
     protected function supports($attribute, $subject)
@@ -118,12 +135,9 @@ private function canView(Sharable $sharable, User $user): bool
         if ($this->canManage($sharable, $user)) {
             return true;
         }
-        if (null !== $sharable->getVisibleBy()) {
-            if ($user->getUserClass()->getRank() >= $sharable->getVisibleBy()->getRank()) {
-                return true;
-            } else {
-                return false;
-            }
+        if (!is_null($sharable->getVisibleBy())) {
+            $visibleByUserClasses = $this->userClassRepository->findBetween($sharable->getVisibleBy());
+            return (in_array($user->getUserClass(), $visibleByUserClasses));
         }
         if ($user->getUserClass()->getAccess()) {
             return true;
@@ -248,17 +262,15 @@ private function passedEnd(Sharable $sharable): bool
      */
     private function alreadyInterested(Sharable $sharable, User $user): ?Interested
     {
-        $interestedRepository = $this->em->getRepository(Interested::class);
-        return $interestedRepository->findOneBy([
+        return $this->interestedRepository->findOneBy([
             'user' => $user->getId(),
             'sharable' => $sharable->getId()
         ]);
     }
 
     private function alreadyValidated(Sharable $sharable, User $user): bool
     {
-        $validationRepo = $this->em->getRepository(Validation::class);
-        return (bool) $validationRepo->findOneBy([
+        return (bool) $this->validationRepository->findOneBy([
             'user' => $user->getId(),
             'sharable' => $sharable->getId(),
         ]);
@@ -270,8 +282,7 @@ private function alreadyValidated(Sharable $sharable, User $user): bool
      */
     private function canManage(Sharable $sharable, User $user): ?Manage
     {
-        $manageRepository = $this->em->getRepository(Manage::class);
-        return $manageRepository->findOneBy([
+        return $this->manageRepository->findOneBy([
             'user' => $user->getId(),
             'sharable' => $sharable->getId()
         ]);

diff --git a/src/Security/Voter/UserClassVoter.php b/src/Security/Voter/UserClassVoter.php
@@ -28,6 +28,7 @@
 
 use App\Entity\User;
 use App\Entity\UserClass;
+use App\Repository\UserClassRepository;
 use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
 use Symfony\Component\Security\Core\Authorization\Voter\Voter;
 use Symfony\Component\Security\Core\User\UserInterface;
@@ -38,6 +39,13 @@ class UserClassVoter extends Voter
     public const CREATE = 'create';
     public const DELETE = 'delete';
 
+    private UserClassRepository $userClassRepository;
+
+    public function __construct(UserClassRepository $userClassRepository)
+    {
+        $this->userClassRepository = $userClassRepository;
+    }
+
     protected function supports($attribute, $subject)
     {
         // replace with your own logic
@@ -81,6 +89,6 @@ private function canCreate(User $user)
 
     private function canDelete(User $user)
     {
-        return $user->isAdmin();
+        return ($user->isAdmin() && $this->userClassRepository->count([]) > 1);
     }
 }