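/**
 * Returns the vote for the given parameters.
 *
 * This method must return one of the following constants:
 * ACCESS_GRANTED, ACCESS_DENIED, or ACCESS_ABSTAIN.
 *
 * The voter abstains when the token carries no UserInterface user, when the
 * subject is not an object of a supported class, or when none of the
 * attributes is supported. Once at least one attribute is supported, access
 * is granted only if the user holds the organizer role of the current site;
 * otherwise it is denied.
 *
 * @param TokenInterface $token      A TokenInterface instance
 * @param object|null    $object     The object to secure
 * @param array          $attributes An array of attributes associated with the method being invoked
 *
 * @return int either ACCESS_GRANTED, ACCESS_ABSTAIN, or ACCESS_DENIED
 */
public function vote(TokenInterface $token, $object, array $attributes)
{
    $user = $token->getUser();
    if (!$user instanceof UserInterface) {
        // No UserInterface user on the token: this voter has nothing to decide.
        return self::ACCESS_ABSTAIN;
    }

    // get_class() is only defined for objects, so any other subject is
    // rejected before the class check instead of raising a warning or error.
    if (!$object || !is_object($object) || !$this->supportsClass(get_class($object))) {
        return self::ACCESS_ABSTAIN;
    }

    // Abstain unless at least one attribute is supported.
    $hasSupportedAttribute = false;
    foreach ($attributes as $attribute) {
        if ($this->supportsAttribute($attribute)) {
            $hasSupportedAttribute = true;
            break;
        }
    }

    if (!$hasSupportedAttribute) {
        return self::ACCESS_ABSTAIN;
    }

    // The role check does not depend on the attribute, so it is evaluated
    // once rather than once per supported attribute.
    // NOTE(review): the decision uses the current site only; nothing here ties
    // $object to that site. Confirm ownership is enforced elsewhere.
    $organizerRole = new OrganizerRole($this->siteManager->getCurrentSite());

    // NOTE(review): hasRole() is called on a value that was only checked
    // against UserInterface. Confirm the imported UserInterface (or the
    // concrete user class) declares hasRole().
    if ($user->hasRole($organizerRole->getRole())) {
        return self::ACCESS_GRANTED;
    }

    // A supported attribute without the organizer role is an explicit deny.
    return self::ACCESS_DENIED;
}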
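/**
 * Replaces the response with the maintenance page (HTTP 503) when the
 * current convention is flagged as in maintenance or has ended.
 *
 * The check is skipped, in this order, for the "test" and "dev"
 * environments, for users granted ROLE_ADMIN, and for routes whose path
 * starts with /admin/. The convention whose slug is "ritsi" never gets the
 * maintenance page.
 *
 * @param GetResponseEvent $event The kernel request event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $environment = $this->container->get('kernel')->getEnvironment();
    if (in_array($environment, array('test', 'dev'), true)) {
        return;
    }

    // NOTE(review): isGranted() needs a security token; confirm this listener
    // runs after the firewall for every request it handles.
    if ($this->container->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) {
        return;
    }

    // Read the route name from the routing attributes only, so that a query
    // or body parameter called "_route" cannot select the route checked below.
    $routeName = $event->getRequest()->attributes->get('_route');
    $route = null !== $routeName
        ? $this->container->get('router')->getRouteCollection()->get($routeName)
        : null;

    // Routes under /admin/ skip the maintenance page for every visitor; access
    // to them has to be enforced by the security configuration, not here.
    if ($route && strpos($route->getPath(), '/admin/') === 0) {
        return;
    }

    $convention = $this->siteManager->getCurrentSite();
    if (!$convention || $convention->getSlug() === 'ritsi') {
        return;
    }

    if ($convention->getMaintenance() != true) {
        $endsAt = $convention->getEndsAt();
        if ($endsAt instanceof \DateTimeInterface) {
            // Compare dates as dates: a 'd-m-Y' string compared with a date
            // object does not express "today is after the end date".
            $today = new \DateTime('today');
            $hasEnded = $today > $endsAt;
        } else {
            // NOTE(review): legacy comparison kept for non-date values; a
            // 'd-m-Y' string does not order chronologically. Confirm the type
            // returned by getEndsAt().
            $hasEnded = date('d-m-Y') > $endsAt;
        }

        if (!$hasEnded) {
            return;
        }
    }

    $content = $this->container->get('templating')->render('/frontend/conventions/maintenance.html.twig');
    $event->setResponse(new Response($content, 503));
    $event->stopPropagation();
}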
/**
 * {@inheritdoc}
 *
 * Builds the sprintf() template for this admin's roles:
 * "ROLE_<site slug>_<ADMIN CODE>_%s", with every dot in the slug and in the
 * upper-cased admin code replaced by an underscore. The slug keeps its case.
 */
public function getBaseRole(AdminInterface $admin)
{
    $siteSlug = $this->siteManager->getCurrentSite()->getSlug();
    $qualifiedCode = $siteSlug . '.' . strtoupper($admin->getCode());

    // Single-character translation, equivalent to replacing '.' with '_'.
    $roleSegment = strtr($qualifiedCode, '.', '_');

    return 'ROLE_' . $roleSegment . '_%s';
}
/**
 * Gives the domain of the convention that the site manager reports as the
 * current site.
 *
 * @return string
 */
public function conventionDomain()
{
    return $this->siteManager->getCurrentSite()->getDomain();
}
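/**
 * Checks if the voter supports the given attribute.
 *
 * An attribute is supported only when it is exactly
 * "ROLE_<site slug>_RITSIGA_ADMIN_<ENTITY>_<ACTION>", where <ENTITY> is the
 * upper-cased short class name returned by getClass() and <ACTION> is one of
 * CREATE, DELETE, EDIT or VIEW.
 *
 * The previous pattern used a character class ("[CREATE|DELETE|EDIT|VIEW]"),
 * which accepts any single one of those letters, and it was not anchored.
 * Attributes for other actions therefore matched by accident. Any additional
 * action that should be supported must now be listed explicitly.
 *
 * @param string $attribute An attribute
 *
 * @return bool true if this Voter supports the attribute, false otherwise
 */
public function supportsAttribute($attribute)
{
    // Non-string attributes can never be one of the role names handled here.
    if (!is_string($attribute)) {
        return false;
    }

    $segments = explode('\\', $this->getClass());
    $entity = strtoupper(end($segments));

    // Dots become underscores, matching how getBaseRole() builds role names.
    $code = str_replace('.', '_', $this->siteManager->getCurrentSite()->getSlug());

    // Slug and entity are quoted so they are matched literally. The anchors
    // make the whole attribute match, not just a substring of it.
    $pattern = sprintf(
        '/^ROLE_%s_RITSIGA_ADMIN_%s_(?:CREATE|DELETE|EDIT|VIEW)\z/',
        preg_quote($code, '/'),
        preg_quote($entity, '/')
    );

    return preg_match($pattern, $attribute) === 1;
}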
/**
 * Fetches the convention that the site manager reports as the current site.
 *
 * @return Convention
 */
public function getCurrentConvention()
{
    $currentSite = $this->siteManager->getCurrentSite();

    return $currentSite;
}