vendor/pimcore/portal-engine/src/Service/Security/Voter/DataPoolVersionHistoryVoter.php line 29

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under following license:
  7.  * - Pimcore Commercial License (PCL)
  8.  *
  9.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  10.  *  @license    http://www.pimcore.org/license     PCL
  11.  */
  13. namespace Pimcore\Bundle\PortalEngineBundle\Service\Security\Voter;
  15. use Pimcore\Bundle\PortalEngineBundle\Enum\Permission;
  16. use Pimcore\Bundle\PortalEngineBundle\Event\Permission\DataPoolVersionHistoryEvent;
  17. use Pimcore\Bundle\PortalEngineBundle\Model\DataObject\PortalUserInterface;
  18. use Pimcore\Bundle\PortalEngineBundle\Service\DataPool\DataPoolConfigService;
  19. use Pimcore\Bundle\PortalEngineBundle\Service\DataPool\DataPoolService;
  20. use Pimcore\Bundle\PortalEngineBundle\Service\PortalConfig\PortalConfigService;
  21. use Pimcore\Bundle\PortalEngineBundle\Service\Security\PermissionService;
  22. use Pimcore\Bundle\PortalEngineBundle\Service\Security\Traits\SecurityServiceAware;
  23. use Pimcore\Model\Element\ElementInterface;
  24. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  25. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  26. use Symfony\Component\Security\Core\Authorization\Voter\Voter;
  27. use Symfony\Component\Security\Core\Security;
  29. class DataPoolVersionHistoryVoter extends Voter
  30. {
  31.     use SecurityServiceAware;
  33.     /**
  34.      * @var PortalConfigService
  35.      */
  36.     protected $portalConfigService;
  38.     /**
  39.      * @var DataPoolConfigService
  40.      */
  41.     protected $dataPoolConfigService;
  43.     /**
  44.      * @var DataPoolService
  45.      */
  46.     protected $dataPoolService;
  48.     /**
  49.      * @var Security
  50.      */
  51.     protected $security;
  53.     /**
  54.      * @var PermissionService
  55.      */
  56.     protected $permissionService;
  58.     /**
  59.      * @var EventDispatcherInterface
  60.      */
  61.     protected $eventDispatcher;
  63.     /**
  64.      * DataPoolVersionHistoryVoter constructor.
  65.      *
  66.      * @param PortalConfigService $portalConfigService
  67.      * @param DataPoolConfigService $dataPoolConfigService
  68.      * @param Security $security
  69.      * @param DataPoolService $dataPoolService
  70.      * @param PermissionService $permissionService
  71.      * @param EventDispatcherInterface $eventDispatcher
  72.      */
  73.     public function __construct(PortalConfigService $portalConfigServiceDataPoolConfigService $dataPoolConfigServiceSecurity $securityDataPoolService $dataPoolServicePermissionService $permissionServiceEventDispatcherInterface $eventDispatcher)
  74.     {
  75.         $this->portalConfigService $portalConfigService;
  76.         $this->dataPoolConfigService $dataPoolConfigService;
  77.         $this->dataPoolService $dataPoolService;
  78.         $this->security $security;
  79.         $this->permissionService $permissionService;
  80.         $this->eventDispatcher $eventDispatcher;
  81.     }
  83.     /**
  84.      * @param string $attribute
  85.      * @param mixed $subject
  86.      *
  87.      * @return bool
  88.      */
  89.     protected function supports($attribute$subject)
  90.     {
  91.         return $this->portalConfigService->isPortalEngineSite()
  92.                && $attribute === Permission::VERSION_HISTORY;
  93.     }
  95.     /**
  96.      * @param string $attribute
  97.      * @param ElementInterface $subject
  98.      * @param TokenInterface $token
  99.      *
  100.      * @return bool
  101.      */
  102.     protected function voteOnAttribute($attribute$subjectTokenInterface $token)
  103.     {
  104.         $allowed true;
  105.         if (!$this->security->isGranted(Permission::DATA_POOL_ACCESS)) {
  106.             $allowed false;
  107.         }
  109.         $dataPoolConfig $this->dataPoolConfigService->getCurrentDataPoolConfig();
  111.         if (!$dataPoolConfig->getEnableVersionHistory()) {
  112.             $allowed false;
  113.         }
  115.         if ($allowed) {
  116.             /**
  117.              * @var PortalUserInterface $user
  118.              */
  119.             $user $this->securityService->getPortalUser();
  120.             $allowed $this->permissionService->isAllowed($userPermission::VERSION_HISTORY Permission::PERMISSION_DELIMITER $dataPoolConfig->getId());
  121.         }
  123.         $event = new DataPoolVersionHistoryEvent($allowed$dataPoolConfig->getId(), $this->securityService->getPortalUser());
  124.         $this->eventDispatcher->dispatch($event);
  126.         return $event->isAllowed();
  127.     }
  128. }