/**
* Vote to see if $user can act on the user $subject
* $user can do it if $subject is in a group depending on $user
*
* @param UserInterface $subject
* @param UserInterface $user
*
* @return bool
*/
protected function voteForUser(UserInterface $subject, UserInterface $user)
{
foreach ($subject->getGroups() as $group) {
if ($this->canActOnSite($group->getSite()->getSiteId(), $user)) {
return true;
}
}
return false;
}
/**
* Check if $subjectKey is in an allowed perimeter to $user
* The perimeter to check is of $entityType
*
* @param string $subjectKey
* @param UserInterface $user
* @param string $entityType
*
* @return bool
*/
protected function isSubjectInPerimeter($subjectKey, UserInterface $user, $entityType)
{
foreach ($user->getGroups() as $group) {
$perimeter = $group->getPerimeter($entityType);
if ($perimeter instanceof PerimeterInterface && $this->perimeterManager->isInPerimeter($subjectKey, $perimeter)) {
return true;
}
}
return false;
}
/**
* Vote for $action on $node not owned by $user
* A user can act on someone else's node if he has the matching super role and the node is in his perimeter
*
* @param string $action
* @param NodeInterface $node
* @param UserInterface $user
*
* @return bool
*/
protected function voteForSomeoneElseSubject($action, $node, UserInterface $user)
{
$requiredRole = ContributionRoleInterface::NODE_CONTRIBUTOR;
switch ($action) {
case ContributionActionInterface::EDIT:
$requiredRole = ContributionRoleInterface::NODE_SUPER_EDITOR;
break;
case ContributionActionInterface::DELETE:
$requiredRole = ContributionRoleInterface::NODE_SUPER_SUPRESSOR;
break;
}
return $user->hasRole($requiredRole) && $this->isSubjectInPerimeter($node->getPath(), $user, NodeInterface::ENTITY_TYPE);
}
/**
* @param Request $request
* @param UserInterface $user
*
* @return UserInterface
*/
protected function refreshLanguagesByAliases(UserInterface $user)
{
$sites = array();
$siteIds = array();
if ($user->isSuperAdmin()) {
$sites = $this->container->get('open_orchestra_model.repository.site')->findByDeleted(false);
} else {
foreach ($user->getGroups() as $group) {
/** @var SiteInterface $site */
$site = $group->getSite();
if (!$site->isDeleted() && !in_array($site->getSiteId(), $siteIds)) {
$siteIds[] = $site->getSiteId();
$sites[] = $site;
}
}
}
foreach ($sites as $site) {
if (!$user->hasLanguageBySite($site->getSiteId())) {
$user->setLanguageBySite($site->getSiteId(), $site->getDefaultLanguage());
}
}
return $user;
}
/**
* @param UserInterface|string $user
*
* @return bool
*/
protected function isSuperAdmin($user = null)
{
return $user instanceof UserInterface && ($user->hasRole(ContributionRoleInterface::DEVELOPER) || $user->hasRole(ContributionRoleInterface::PLATFORM_ADMIN));
}
