Пример #1
0
 /**
  * Returns the vote for the given parameters.
  *
  * This method must return one of the following constants:
  * ACCESS_GRANTED, ACCESS_DENIED, or ACCESS_ABSTAIN.
  *
  * @param TokenInterface $token A TokenInterface instance
  * @param object|null $object The object to secure
  * @param array $attributes An array of attributes associated with the method being invoked
  *
  * @return int either ACCESS_GRANTED, ACCESS_ABSTAIN, or ACCESS_DENIED
  */
 public function vote(TokenInterface $token, $object, array $attributes)
 {
     if ($token->getUser() instanceof UserInterface === false) {
         return self::ACCESS_ABSTAIN;
     }
     if (!$object || !$this->supportsClass(get_class($object))) {
         return self::ACCESS_ABSTAIN;
     }
     // abstain vote by default in case none of the attributes are supported
     $vote = self::ACCESS_ABSTAIN;
     foreach ($attributes as $attribute) {
         if (!$this->supportsAttribute($attribute)) {
             continue;
         }
         // as soon as at least one attribute is supported, default is to deny access
         // $vote = self::ACCESS_DENIED;
         /** @var UserInterface $user */
         $currentSite = $this->siteManager->getCurrentSite();
         //            $roles = $this->roleHierarchy->getReachableRoles($token->getRoles());
         //
         //            if (in_array(new OrganizerRole($currentSite), $roles)) {
         //                return self::ACCESS_GRANTED;
         //            }
         $organizerRole = new OrganizerRole($currentSite);
         if ($token->getUser()->hasRole($organizerRole->getRole())) {
             return self::ACCESS_GRANTED;
         }
     }
     return $vote;
 }
Пример #2
0
 public function getRoles()
 {
     $roles = ['ROLE_USER'];
     if ($this->getAdminConventions()) {
         $roles[] = 'ROLE_ORGANIZER';
         foreach ($this->getAdminConventions() as $convention) {
             $role = new OrganizerRole($convention);
             $roles[] = $role->getRole();
         }
     }
     return parent::getRoles() + $roles;
 }