<?php
/**
* Created by IntelliJ IDEA.
* User: jochen
* Date: 12.09.16
* Time: 15:14
*/
namespace App\Security;
// use Monolog\Logger;
use App\Entity\User;
use App\Entity\Document;
use App\Entity\Project;
use Lexik\Bundle\JWTAuthenticationBundle\Services\JWTTokenManagerInterface;
use Symfony\Component\Form\Exception\RuntimeException;
use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\VoterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Psr\Log\LoggerInterface;
use Psr\Log\LoggerAwareInterface;
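/**
 * Voter that ties a request to the campaign named in the caller's JWT.
 *
 * A vote is denied whenever the "campaign" claim of the stored JWT and the
 * "campaignHandle" value of the current request differ, or when either side
 * cannot be established. Only after that check does the voter look at the
 * subject: it grants ACCESS on an active App\Entity\Campaign and abstains in
 * every other case.
 */
class CampaignVoter implements VoterInterface, LoggerAwareInterface
{
    const ACCESS = 'access';

    private $decisionManager;

    /**
     * Optional; stays null until setLogger() is called.
     *
     * @var LoggerInterface|null $logger
     */
    private $logger;

    protected $jwtManager;

    protected $tokenStorageInterface;

    /**
     * @var RequestStack $requestStack
     */
    protected $requestStack;

    private $user;

    /**
     * @param AccessDecisionManagerInterface $decisionManager       stored, not used by the methods of this class
     * @param TokenStorageInterface          $tokenStorageInterface source of the security token that is decoded in vote()
     * @param JWTTokenManagerInterface       $jwtManager            decodes the stored token into its JWT payload
     * @param RequestStack                   $requestStack          source of the request carrying "campaignHandle"
     */
    public function __construct(
        AccessDecisionManagerInterface $decisionManager,
        TokenStorageInterface $tokenStorageInterface,
        JWTTokenManagerInterface $jwtManager,
        RequestStack $requestStack
    ) {
        $this->decisionManager = $decisionManager;
        $this->jwtManager = $jwtManager;
        $this->tokenStorageInterface = $tokenStorageInterface;
        $this->requestStack = $requestStack;
    }

    /**
     * Sets the logger used for authorization decision messages.
     *
     * @param LoggerInterface $logger
     */
    public function setLogger(LoggerInterface $logger)
    {
        $this->logger = $logger;
    }

    /**
     * Tells whether this voter handles the given attribute.
     *
     * The comparison is strict: a loose in_array() would also accept values
     * such as boolean true for the string 'access'.
     *
     * @param mixed $attribute
     *
     * @return bool
     */
    public function supportsAttribute($attribute)
    {
        return in_array($attribute, array(self::ACCESS), true);
    }

    /**
     * Tells whether the subject is an instance of a class this voter handles.
     *
     * @param mixed $object
     *
     * @return bool
     */
    public function supportsClass($object)
    {
        $supportedClasses = array(
            'App\Entity\Campaign',
        );

        foreach ($supportedClasses as $supportedClass) {
            if ($object instanceof $supportedClass) {
                // Logged only on an actual match, so the message is true when it appears.
                $this->log('CampaignVoter class supported');

                return true;
            }
        }

        return false;
    }

    /**
     * Votes on access to a campaign.
     *
     * NOTE(review): the $token argument is not used; the token is read from
     * token storage instead. Confirm the two can never differ for the callers
     * of this voter.
     *
     * NOTE(review): the handle check runs before the supports checks, so this
     * voter can return ACCESS_DENIED for subjects and attributes it does not
     * otherwise handle. That order is kept as it was.
     *
     * @param TokenInterface $token      unused, see note above
     * @param mixed          $object     subject of the vote, may be null
     * @param array          $attributes only the first entry is evaluated
     *
     * @return int one of the VoterInterface::ACCESS_* constants
     */
    public function vote(TokenInterface $token, $object, array $attributes)
    {
        $storedToken = $this->tokenStorageInterface->getToken();
        if (null === $storedToken) {
            // No authenticated token: nothing to bind the request to, so fail closed.
            $this->log('CampaignVoter denied: no security token in storage');

            return VoterInterface::ACCESS_DENIED;
        }

        // The bundle documents decode() as returning the payload array, or false on failure.
        $decodedJwtToken = $this->jwtManager->decode($storedToken);
        $handleFromToken = (is_array($decodedJwtToken) && isset($decodedJwtToken['campaign']))
            ? $decodedJwtToken['campaign']
            : null;

        // Request::get() looks the name up in route attributes first, then the
        // query string, then the request body. On a route without a
        // {campaignHandle} placeholder the value is therefore client-supplied.
        $request = $this->requestStack->getCurrentRequest();
        $handleFromRequest = (null !== $request) ? $request->get('campaignHandle') : null;

        if (!is_string($handleFromToken) || '' === $handleFromToken) {
            // Without this guard a token lacking the claim and a request lacking
            // the handle would compare null to null and pass the check below.
            $this->log('CampaignVoter denied: token carries no usable campaign claim');

            return VoterInterface::ACCESS_DENIED;
        }

        if ($handleFromToken !== $handleFromRequest) {
            // Values travel in the log context rather than in the message, so
            // request-supplied text cannot alter the message line itself.
            $this->log(
                'CampaignVoter handle mismatch between request and token',
                array(
                    'request_handle' => $handleFromRequest,
                    'token_handle' => $handleFromToken,
                )
            );

            return VoterInterface::ACCESS_DENIED;
        }

        if (is_null($object)) {
            return VoterInterface::ACCESS_ABSTAIN;
        }

        // An empty attribute list has nothing to vote on.
        $attr = isset($attributes[0]) ? $attributes[0] : null;
        if (!$this->supportsClass($object) || !$this->supportsAttribute($attr)) {
            return VoterInterface::ACCESS_ABSTAIN;
        }

        if ($object->getActive()) {
            return VoterInterface::ACCESS_GRANTED;
        }

        // An inactive campaign is an abstention, not a denial: the final outcome
        // then depends on the other voters and the configured decision strategy.
        return VoterInterface::ACCESS_ABSTAIN;
    }

    /**
     * Writes an info message if a logger has been set; otherwise does nothing.
     *
     * @param string $message
     * @param array  $context values to attach to the log record
     */
    private function log($message, array $context = array())
    {
        if (null !== $this->logger) {
            $this->logger->info($message, $context);
        }
    }
}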