コード例 #1
 /**
  * Check whether the current user is allowed to see the email.
  * Access is granted when the mail is public (it has no recipients), when the
  * user is among the recipients, or when the user is an admin; otherwise it is denied.
  *
  * @param  SentEmail $mail
  * @return boolean
  */
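 private function userIsAllowedToSeeThisMail(SentEmail $mail)
 {
     // Access decision for a sent email: true when the mail is public, when the
     // logged-in user is one of its recipients, or when the user has ROLE_ADMIN.
     // Every other path falls through to false (deny by default).
     $recipients = $mail->getRecipients();

     // No recipients stored => public email.
     // NOTE(review): the loose comparison also treats an empty array or an empty
     // string as "public", so a mail with an empty recipient list is readable
     // without authentication. Left unchanged because stored data may rely on
     // it; confirm how public mails are persisted before tightening to `=== null`.
     if ($recipients == null) {
         return true;
     }

     if (!$this->container->has('security.context')) {
         // @codeCoverageIgnoreStart
         throw new \LogicException('The SecurityBundle is not registered in your application.');
         // @codeCoverageIgnoreEnd
     }

     // A missing token or a non-object user is treated as "nobody is logged in",
     // and a non-public mail is never shown in that case.
     $token = $this->container->get('security.context')->getToken();
     $currentUser = $token instanceof TokenInterface ? $token->getUser() : null;
     if (!is_object($currentUser)) {
         return false;
     }

     // Recipient check, kept free of type juggling because it grants access:
     //  - is_array(): on PHP versions before 8, array_search() returns NULL (not
     //    false) for a non-array haystack, which a `!== false` test reads as a match;
     //  - strict in_array(): a loosely compared entry such as true would match
     //    any non-empty address.
     // The comparison is case-sensitive; a differently cased address is denied.
     if (is_array($recipients) && in_array($currentUser->getEmail(), $recipients, true)) {
         return true;
     }

     // Admins may see every mail.
     // NOTE(review): presumably hasRole() only inspects roles stored on the user
     // object and ignores the configured role hierarchy — confirm this is intended.
     if ($currentUser->hasRole("ROLE_ADMIN")) {
         return true;
     }

     // Not public, and the user is neither a recipient nor an admin.
     return false;
 }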