/**
* @param string $attribute
* @param SessionInterface $session
* @param TokenInterface $token
* @return bool
*/
protected function voteOnAttribute($attribute, $session, TokenInterface $token)
{
$user = $token->getUser();
if (!$user instanceof UserInterface) {
return false;
}
$course = $session->getCourse();
switch ($attribute) {
case self::VIEW:
return $this->isViewGranted($course->getId(), $course->getSchool()->getId(), $user);
break;
case self::CREATE:
case self::EDIT:
case self::DELETE:
// prevent any sort of write operation (create/edit/delete) if the parent course is locked or archived.
if ($course->isLocked() || $course->isArchived()) {
return false;
}
return $this->isWriteGranted($course->getId(), $course->getSchool()->getId(), $user);
break;
}
return false;
}
/**
* @param string $attribute
* @param SessionInterface $session
* @param UserInterface|null $user
* @return bool
*/
protected function isGranted($attribute, $session, $user = null)
{
// grant perms based on the owning course
return parent::isGranted($attribute, $session->getCourse(), $user);
}