/**
* @param CourseInterface $course
* @param UserInterface $user
* @return bool
*/
protected function isWriteGranted($course, $user)
{
// grant CREATE/EDIT/DELETE privileges if at least one of the following
// statements is true:
// 1. the user's primary school is the course's owning school
// and the user has at least one of the 'Faculty', 'Course Director' and 'Developer' roles.
// 2. the user has WRITE rights on the course's owning school via the permissions system
// and the user has at least one of the 'Faculty', 'Course Director' and 'Developer' roles.
// 3. the user has WRITE rights on the course via the permissions system
return $this->userHasRole($user, ['Faculty', 'Course Director', 'Developer']) && ($this->schoolsAreIdentical($course->getSchool(), $user->getSchool()) || $this->permissionManager->userHasWritePermissionToSchool($user, $course->getSchool())) || $this->permissionManager->userHasWritePermissionToCourse($user, $course);
}
/**
* @param string $attribute
* @param CourseInterface $course
* @param TokenInterface $token
* @return bool
*/
protected function voteOnAttribute($attribute, $course, TokenInterface $token)
{
$user = $token->getUser();
if (!$user instanceof UserInterface) {
return false;
}
switch ($attribute) {
case self::VIEW:
return $this->isViewGranted($course->getId(), $course->getSchool()->getId(), $user);
break;
case self::CREATE:
case self::EDIT:
case self::DELETE:
return $this->isWriteGranted($course->getId(), $course->getSchool()->getId(), $user);
break;
}
return false;
}
