src/Security/OrderVoter.php line 13

Open in your IDE?
  1. <?php
  3. namespace App\Security;
  5. use App\Entity\System\Employee;
  6. use App\Entity\System\Order;
  7. use App\Entity\System\OrderStatus;
  8. use App\Entity\System\PaymentMethod;
  9. use App\Service\EnvironmentService;
  10. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  11. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  13. class OrderVoter extends Voter
  14. {
  15. public const PUBLISH = 'publish';
  17. public const CHECK_PAYPAL = 'publish';
  19. public const VIRTUAL_MARK_TRANSFER_PROCESSED = 'virtual_mark_transfer_processed';
  20. private EnvironmentService $environmentService;
  22. public function __construct(EnvironmentService $environmentService)
  23. {
  24. $this->environmentService = $environmentService;
  25. }
  27. /**
  28. * @param Order $subject
  29. */
  30. protected function supports(string $attribute, $subject): bool
  31. {
  32. if (!(get_class($subject) === Order::class)) {
  33. return false;
  34. }
  36. return $this->supportsAttribute($attribute);
  37. }
  39. public function supportsAttribute(string $attribute): bool
  40. {
  41. $voter = new \ReflectionClass(__CLASS__);
  42. $allowedValues = $voter->getConstants();
  44. if (!\array_key_exists($attribute, \array_flip($allowedValues))) {
  45. return false;
  46. }
  48. return true;
  49. }
  51. /**
  52. * @param Order $order
  53. */
  54. protected function voteOnAttribute(string $attribute, $order, TokenInterface $token): bool
  55. {
  56. $user = $token->getUser();
  58. if (!$user instanceof Employee) {
  59. return false;
  60. }
  62. switch ($attribute) {
  63. case self::PUBLISH:
  64. return $this->publishAllowed($order);
  65. case self::CHECK_PAYPAL:
  66. return $this->checkPayPal($order);
  67. case self::VIRTUAL_MARK_TRANSFER_PROCESSED:
  68. return $this->virtualMarkProcessed($order);
  69. default:
  70. throw new \LogicException('This code should not be reached!');
  71. }
  72. }
  74. private function publishAllowed(Order $order): bool
  75. {
  76. return $order->getOrderStatusId() !== OrderStatus::PROCESSING;
  77. }
  79. private function checkPayPal(Order $order): bool
  80. {
  81. return $order->getOrderStatusId() === OrderStatus::PAYPAL_VALIDATION_PENDING
  82. && $order->getTransactionId() !== null
  83. && $order->getPaymentMethod()->getId() === PaymentMethod::PAYPAL_PAYMENT_METHOD_ID;
  84. }
  86. private function virtualMarkProcessed(Order $order): bool
  87. {
  88. return $this->environmentService->isDev() && $order->getCart()->isVirtual()
  89. && $order->getOrderStatusId() === OrderStatus::PENDING_PAYMENT
  90. && $order->getPaymentMethod()->getId() === PaymentMethod::TRANSFER_PAYMENT_METHOD_ID;
  91. }
  92. }