/**
 * Decide which parts of a travel request the current user may change.
 *
 * Two independent locks are computed: one for editing the request itself and
 * one for changing its status. The decision depends on whether the user is an
 * admin, the creator of the request, or its general manager, combined with
 * the request's current status.
 *
 * Status ids are compared loosely by in_array() (no strict flag), while
 * Status::FOR_APPROVAL is compared with ===, so the type of $currentStatusId
 * influences which branches match.
 *
 * NOTE(review): a general manager who is not the creator gets the status
 * unlocked for every status other than CREATED/REVISE, including APPROVED and
 * REJECTED, which the admin branch locks. Confirm that this is intended.
 *
 * @internal
 *
 * @param TravelRequest              $travelRequest   Request whose rights are evaluated.
 * @param TravelRequestUserInterface $currentUser     User the rights are evaluated for.
 * @param mixed                      $currentStatusId Current status id of the request.
 *
 * @return array Map with the boolean keys 'isStatusLocked' and 'isEditLocked'.
 */
public function setEditRights(TravelRequest $travelRequest, TravelRequestUserInterface $currentUser, $currentStatusId)
{
    if ($this->securityContext->isGranted('ROLE_ADMIN')) {
        // Admins are unlocked by default; a decided request locks both
        // flags, a request awaiting approval locks editing only.
        $decided = in_array($currentStatusId, array(Status::APPROVED, Status::REJECTED));

        return array(
            'isStatusLocked' => $decided,
            'isEditLocked' => $decided || $currentStatusId === Status::FOR_APPROVAL,
        );
    }

    // Everyone else starts fully locked and is unlocked case by case.
    $statusLocked = true;
    $editLocked = true;
    $drafting = in_array($currentStatusId, array(Status::CREATED, Status::REVISE));

    if ($travelRequest->getUser()->getId() === $currentUser->getId()) {
        // The current user created the request.
        if ($drafting) {
            $statusLocked = false;
            $editLocked = false;
        } elseif ($travelRequest->getGeneralManager()->getId() === $travelRequest->getUser()->getId()) {
            // The creator is also the request's general manager.
            $statusLocked = false;
        }
    } elseif ($travelRequest->getGeneralManager()->getId() === $currentUser->getId()) {
        // The general manager may change the status once drafting is over.
        $statusLocked = $drafting;
    }

    return array('isStatusLocked' => $statusLocked, 'isEditLocked' => $editLocked);
}
/**
 * Build the travel expense form and, on a valid POST, save the expense.
 *
 * On a valid submission the expense has its advances recalculated, the child
 * nodes passed in $children are handed to removeChildNodes(), the expense is
 * linked to the travel request and then persisted and flushed. An expense
 * that had no id before the save also receives the Status::CREATED status.
 *
 * NOTE(review): this method performs no permission check of its own before
 * persisting; presumably the calling action has already verified that the
 * current user may create or modify this expense. Confirm against the caller.
 *
 * @param boolean                                         $isNewTravelExpense
 * @param \Opit\OpitHrm\TravelBundle\Entity\TravelRequest $travelRequest
 * @param \Opit\OpitHrm\TravelBundle\Entity\TravelExpense $travelExpense
 * @param EntityManager                                   $entityManager
 * @param ArrayCollection                                 $children
 * @param Request                                         $request
 *
 * @return mixed true once a valid POST has been saved; in every other case
 *               the form object returned by createForm().
 */
protected function handleForm($isNewTravelExpense, $travelRequest, $travelExpense, EntityManager $entityManager, $children, $request)
{
    $expenseType = new ExpenseType($travelRequest->getUser()->getEmployee(), $isNewTravelExpense);
    $form = $this->createForm($expenseType, $travelExpense, array('em' => $entityManager));

    // Anything other than a POST only displays the form.
    if (!$request->isMethod('POST')) {
        return $form;
    }

    $form->handleRequest($request);

    // An invalid submission returns the form without saving anything.
    if (!$form->isValid()) {
        return $form;
    }

    $statusManager = $this->get('opit.manager.travel_expense_status_manager');

    // Read the id before the flush: null means the expense was never saved.
    $idBeforeSave = $travelExpense->getId();

    $travelExpense = $this->get('opit.model.travel_expense')->calculateAdvances($travelExpense);
    $this->get('opit.model.travel_expense')->removeChildNodes($travelExpense, $children);
    $travelExpense->setTravelRequest($travelRequest);

    $entityManager->persist($travelExpense);
    $entityManager->flush();

    // A newly created travel expense gets its initial state.
    if (null === $idBeforeSave) {
        $statusManager->addStatus($travelExpense, Status::CREATED);
    }

    return true;
}
/**
 * Decide whether the given user may edit the travel request or change its status.
 *
 * The return type is mixed: either an array of two lock flags, or false when
 * the creator or the general manager opens the request in a status they are
 * not allowed to act on. Callers have to test for false with a strict
 * comparison before reading the flags.
 *
 * NOTE(review): when $isNewTravelRequest is exactly false the method returns
 * with editing unlocked before any role or ownership check runs. Confirm the
 * meaning of that flag against the caller.
 *
 * NOTE(review): a user who is neither admin, creator nor general manager
 * reaches the final return with 'isStatusLocked' set to false. Confirm that
 * such users are denied elsewhere.
 *
 * @internal
 *
 * @param User          $user               User the rights are evaluated for.
 * @param TravelRequest $travelRequest      Request whose rights are evaluated.
 * @param mixed         $isNewTravelRequest Compared strictly against false.
 * @param mixed         $currentStatusId    Current status id of the request.
 *
 * @return array|false Map with the boolean keys 'isEditLocked' and
 *                     'isStatusLocked', or false as described above.
 */
public function setEditRights(User $user, TravelRequest $travelRequest, $isNewTravelRequest, $currentStatusId)
{
    $userId = $user->getId();

    if (false === $isNewTravelRequest) {
        // Editing is open and the status is fixed; no role check is made here.
        return array('isEditLocked' => false, 'isStatusLocked' => true);
    }

    if ($this->securityContext->isGranted('ROLE_ADMIN')) {
        // Admins are unlocked by default; a decided request locks both
        // flags, a request awaiting approval locks editing only.
        // in_array() compares loosely here, FOR_APPROVAL is compared with ===.
        $decided = in_array($currentStatusId, array(Status::APPROVED, Status::REJECTED));

        return array(
            'isEditLocked' => $decided || $currentStatusId === Status::FOR_APPROVAL,
            'isStatusLocked' => $decided,
        );
    }

    if ($userId === $travelRequest->getUser()->getId()) {
        // The creator may act only while the request is CREATED or sent back for REVISE.
        $ownerMayAct = Status::CREATED === $currentStatusId || Status::REVISE === $currentStatusId;
        if (!$ownerMayAct) {
            return false;
        }

        return array('isEditLocked' => false, 'isStatusLocked' => false);
    }

    if ($userId === $travelRequest->getGeneralManager()->getId()) {
        // The general manager may act only while the request awaits approval.
        if (Status::FOR_APPROVAL !== $currentStatusId) {
            return false;
        }
    }

    // General manager at FOR_APPROVAL, or any user matched by no branch above.
    return array('isEditLocked' => true, 'isStatusLocked' => false);
}
/**
 * Vote on whether a travel expense may be added to the travel request.
 *
 * Access is granted only when the request's status id is strictly identical
 * to Status::APPROVED and the caller is either flagged as admin or is the
 * request's own user. Both checks fail closed: a status id of a different
 * type, or a user object that is not the very same instance as the one held
 * by the request (=== on objects compares identity), results in a denial.
 *
 * NOTE(review): if the request's user can be a different instance
 * representing the same account, the owner is denied. Confirm how $user is
 * obtained by the caller.
 *
 * @param \Symfony\Component\Security\Core\User\UserInterface $user
 * @param \Opit\OpitHrm\TravelBundle\Entity\TravelRequest     $travelRequest
 * @param mixed                                               $travelRequestStatusId Compared strictly with Status::APPROVED.
 * @param mixed                                               $isAdmin               Evaluated for truthiness.
 *
 * @return int VoterInterface::ACCESS_GRANTED or VoterInterface::ACCESS_DENIED.
 */
protected function isTECreateable(UserInterface $user, TravelRequest $travelRequest, $travelRequestStatusId, $isAdmin)
{
    // Only an approved travel request can receive an expense.
    if (Status::APPROVED !== $travelRequestStatusId) {
        return VoterInterface::ACCESS_DENIED;
    }

    // Admins always pass; otherwise the user must be the request's user.
    $mayCreate = $isAdmin || $user === $travelRequest->getUser();

    return $mayCreate ? VoterInterface::ACCESS_GRANTED : VoterInterface::ACCESS_DENIED;
}