vendor/pimcore/portal-engine/src/Service/Security/Voter/DataPoolAccessVoter.php line 26

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under following license:
  7.  * - Pimcore Commercial License (PCL)
  8.  *
  9.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  10.  *  @license    http://www.pimcore.org/license     PCL
  11.  */
  13. namespace Pimcore\Bundle\PortalEngineBundle\Service\Security\Voter;
  15. use Pimcore\Bundle\PortalEngineBundle\Enum\Permission;
  16. use Pimcore\Bundle\PortalEngineBundle\Model\DataObject\PortalUserInterface;
  17. use Pimcore\Bundle\PortalEngineBundle\Service\DataPool\DataPoolConfigService;
  18. use Pimcore\Bundle\PortalEngineBundle\Service\PortalConfig\PortalConfigService;
  19. use Pimcore\Bundle\PortalEngineBundle\Service\Security\PermissionService;
  20. use Pimcore\Bundle\PortalEngineBundle\Service\Security\SecurityService;
  21. use Pimcore\Bundle\PortalEngineBundle\Service\Security\Traits\SecurityServiceAware;
  22. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  23. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  24. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  26. class DataPoolAccessVoter extends Voter
  27. {
  28.     use SecurityServiceAware;
  30.     /**
  31.      * @var PortalConfigService
  32.      */
  33.     protected $portalConfigService;
  35.     /**
  36.      * @var DataPoolConfigService
  37.      */
  38.     protected $dataPoolConfigService;
  40.     /**
  41.      * @var EventDispatcherInterface
  42.      */
  43.     protected $eventDispatcher;
  45.     /**
  46.      * @var PermissionService
  47.      */
  48.     protected $permissionService;
  50.     /**
  51.      * @var SecurityService
  52.      */
  53.     protected $securityService;
  55.     /**
  56.      * DataPoolAccessVoter constructor.
  57.      *
  58.      * @param PortalConfigService $portalConfigService
  59.      * @param DataPoolConfigService $dataPoolConfigService
  60.      * @param EventDispatcherInterface $eventDispatcher
  61.      * @param PermissionService $permissionService
  62.      * @param SecurityService $securityService
  63.      */
  64.     public function __construct(
  65.         PortalConfigService $portalConfigService,
  66.         DataPoolConfigService $dataPoolConfigService,
  67.         EventDispatcherInterface $eventDispatcher,
  68.         PermissionService $permissionService,
  69.         SecurityService $securityService
  70.     ) {
  71.         $this->portalConfigService $portalConfigService;
  72.         $this->dataPoolConfigService $dataPoolConfigService;
  73.         $this->eventDispatcher $eventDispatcher;
  74.         $this->permissionService $permissionService;
  75.         $this->securityService $securityService;
  76.     }
  78.     /**
  79.      * @return bool
  80.      */
  81.     protected function supports($attribute$subject)
  82.     {
  83.         return ($this->portalConfigService->isPortalEngineSite() || $this->securityService->isAdminPreviewCall() || $this->securityService->isAdminRestApiCall())
  84.                && $attribute === Permission::DATA_POOL_ACCESS;
  85.     }
  87.     /**
  88.      * @param string $attribute
  89.      * @param mixed $subject
  90.      * @param TokenInterface $token
  91.      *
  92.      * @return bool
  93.      */
  94.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  95.     {
  96.         if ($this->securityService->isAdminPreviewCall()) {
  97.             return true;
  98.         }
  99.         $currentDataPoolConfigId $this->dataPoolConfigService->getCurrentDataPoolConfig() ? $this->dataPoolConfigService->getCurrentDataPoolConfig()->getId() : 0;
  100.         $dataPoolId = !empty($subject) ? $subject $currentDataPoolConfigId;
  102.         $user $this->securityService->getPortalUser();
  103.         if (!$user instanceof PortalUserInterface) {
  104.             return false;
  105.         }
  107.         return $this->permissionService->isDataPoolAccessAllowed($user$dataPoolId);
  108.     }
  109. }